Authentication OptionsWhen someone logs into your Private Label site, Wikispaces checks their username and password against a user database to make sure they are a valid user. This process is "authentication." Your organization may already have a database of users — or several. Whether you already have established user accounts, or you want to create a completely new user database, your Wikispaces Private Label site gives you several options for authenticating users.
Every Wikispaces Private Label site has a self-contained user database, with usernames and passwords unique to that site. Depending on your privacy settings, a site administrator may have to approve requests before an account will be created. You can disable Site Passwords if you would rather restrict all your users to accounts in an existing user database.
Direct LDAP is similar to Site Password, except that the usernames and passwords come from your existing LDAP server. This is a great option if you have an existing LDAP database (such as OpenLDAP or ActiveDirectory) that Wikispaces can access over the Internet. Find out more on our LDAP help page.
There is no limit to the number of LDAP directories you can integrate with your Private Label site, as long as each username is unique.
Note: If your LDAP server is not Internet-accessible, it's often quite easy to create a Single Sign-On integration against your LDAP server instead. We have a module pre-built for Active Directory/IIS. Contact us at email@example.com for more details.
Single Sign-On lets you share session information between an existing authentication system and your Wikispaces Private Label site. This means that, once a user is logged into any of your systems, that active session will carry over into the others. This process is secure, transparent to your users, and does not transmit passwords or other sensitive account details over the Internet. When a user logs in, Wikispaces uses the session information to create new accounts (as needed) and to maintain a user's logged-in status across systems.
You can add one (but only one) Single Sign-On source to your Private Label site. Find out more about your options on our Single Sign-On help page.
If you use SAML/Shibboleth, this option will let you set up Single Sign-On with Wikispaces Private Label. Email us at firstname.lastname@example.org for more information.
SAML or Shibboleth
If you would like people to be able to create accounts on your Private Label site through their existing OpenID accounts, you can enable OpenID as an authentication source. You can find instructions for doing this on our OpenID help page.
If you already have Google Apps in your organization, you can add it to your Wikispaces Private Label site as a Single Sign-On option. You can find the instructions for setting up this integration on our Google Apps help page.
If your organization already has an LMS, like Blackboard, Canvas or Sakai, you can carry login and work sessions seamlessly between the applications. For instructions on setting up this integration, go to our Basic LTI help page.
If you are already using Moodle, you can use this option to integrate Moodle with your Wikispaces Private Label site. For more information on implementing this integration, check out our Moodle help page.
You can also choose to allow people to login to your site through a combination of the options above. Here are a few examples:
Multiple Authentication Sources
Your teachers and students log in with Direct LDAP accounts while parents log in with Site Password accounts.
Teachers log in with Direct LDAP, students log in with Single Sign-On, and collaborators from other schools log in with Site Password accounts.
Employees in your offices in North America log in using one Direct LDAP server while employees in Europe log in using another Direct LDAP server.
If you're considering multiple authentication sources for you organization, contact us at email@example.com before you begin.
You can also find out more about what this might look like, how it would work, and issues to consider on our multiple authentication help page.
Still have questions? Send us an email at firstname.lastname@example.org.