How do we set up SSO for the Story Box Library website and StoryBox apps?
We support SAML Single Sign On (SSO) for schools that use Cloudwork Identity Management by Studentnet. This means if your school uses Cloudwork and you set up SSO with Story Box Library, your staff and students will be able to log onto our website and mobile/tablet apps using their usual school username and password without needing to remember a different one. The steps to set this up are as below.
Part 1: Cloudwork set up
- Navigate to Cloudwork Dashboard>Single Sign On>Manage OpenID Connect Apps>Add New Service
- Enter the following details:
- Name: StoryBox App
- Client Type: Public Client
- Redirect URIs: com.storyboxlibrary.app://capacitor/com.storyboxlibrary.app/callback
- Allowed Grant Types: Leave box unchecked
- Click Submit.
- Make a note of the Client ID.
- Navigate to Cloudwork Dashboard>Single Sign On>Manage OpenID Connect Apps>Identity Provider and make note of the OpenID Provider.
- Navigate to Cloudwork Dashboard>Single Sign On>Identity Provider and make note of the the Entity ID domain (just the section starting with https:// and ending in .net)
- Still in Single Sign On>Identity Provider, download the certificate (crt) file.
Part 2: Story Box Library set up
- Log in to your account settings as the Account Holder.
- Scroll down to 'Configure SSO details' under 'Other Account Actions' at the bottom of the right hand column.
- Fill in the following details:
- SSO Domain: Entity ID domain (Starting with https:// and ending in .net and don't include any slashes at the end, e.g. https://your-login.cloudworkengine.net)
- x509 Certificate: Copy and paste the contents of the from the crt file here (excluding the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines)
- Discover URL Domain: OpenID Provider
- Client ID: Client ID
- Click UPDATE.
- An XML metadata link will appear - download this file.
Part 3: Finalising Cloudwork set up
- Go back to your Cloudwork Dashboard and navigate to Single Sign On>Add New Service>Upload an XML file.
- Enter a name (such as 'Story Box Library'), select the XML file you downloaded from your Story Box Library account settings, and click 'Submit'.
Once set up is complete you can test whether it has been successful by:
- Making sure you are logged out of Story Box Library.
- Visit the log in page and choosing the SSO option, or choosing 'LOG IN WITH SSO' in the StoryBox app.
- Find your school's name in the dropdown list and clicking 'LOG IN'.
- At the new screen, enter any teacher or student Cloudwork credentials and click 'Sign In'.
- You should be brought back to Story Box Library and arrive logged in.
If the log in is successful, the SSO set up is complete.
If you experience any issues, please reach out to our support team so that we can help you resolve them.
- If you have set up SSO we can provide a direct link to your school's SBL SSO login webpage. This removes some steps required for users to log on making the process quicker and easier - please contact us for your link.
- Users that access SBL via SSO will have some individual user settings available to them (whether captions appear by default and whether playlists loop by default).
- Viewer username and password combinations will continue to work for schools that have enabled SSO, but in the future when more account individuality is introduced this may be discontinued.
- We do not currently support SSO for any other Identity Providers (IdPs) or federations but are working to expand SAML support.