© 2018 Capita Business Services Ltd. All rights reserved.
Capita Education Software Solutions is a trading name of Capita Business Services Ltd. Our Registered office is 30 Berners Street, London, W1T 3LR and our registered number is 02299747. Further information about Capita plc can be found in our legal statement.
Identity and Access Management - Single Sign On, API security and user managment.
SIMS ID can provide federated authentication services to your product providing a single sign-on (SSO) experience to joint customers, allowing them to use their familiar username and password to access your product and seamlessly switch between SIMS Online Products and your product.
This removes the barrier to access, and reduces administration overhead associated with the adoption of a new service with its accompanying usernames and passwords.
SIMS ID provides OAuth 2.0, OpenID Connect and SAML 2.0 authentication services, recognised standards and protocols.
SIMS ID maintains additional OIDC information, such as additional scopes that can be requested to provide additional options to an integrated system.
This information is updated periodically and circulated on ratification to current SIMS ID Technical Integrators. Any breaking changes within the specification will be depreciated over one revision of the specification with a minimum six month grace period.
Download the SIMS OPENID CONNECT SPEC V3.0.4
SIMS ID is only responsible for Authentication. Your application is responsible for Authorisation.
OIDC (OpenID Connect)
When using OIDC, SIMS ID can return a number of attributes for the user in the identity token (id_token), ranging from simply the site(s) they are associated with through to the more complex person and relationship data. This data can help you make an informed authorisation decision or route the user post-authorisation to appropriate access pathways.
SAML 2.0
When using SAML, SIMS ID can return a number of attributes for the user in the assertion, ranging from simply the site(s) they are associated with through to the more complex person and relationship data. This data can help you make an informed authorisation decision or route the user post-authorisation to appropriate access pathways.
Access Token Validation Endpoint
Identity Token Validation Endpoint
Authentication services for your product providing a single sign-on (SSO) experience to joint customers.
The IAM services are based around SIMS ID (in education) and Single ID for non-education applications. Both platforms provide Identity and Access management and are based around industry standard, best practice applications. Service include OAuth2.0, OpenID Connect, SAML 2.0 integration services for Authentication User, role and group management is provided as part of the service as is inbuilt multifactor authentication. The IAM service supports direct user credential management through data ingestion, direct UI entry, and secure invite methodologies. Federated third-party identity providers are also supported.