Consolidate Wolfram Logins for Education with Single Sign‑On
December 22, 2020 — Kelvin Mischo, Senior Academic Key Account Manager, Academic Sales
I’ll begin this blog post by admitting that I personally have forgotten many passwords in my lifetime. If you’re like me (which I’m sure you are in this regard), you use many online tools and websites that require a login and password. We also know it’s wise practice to use a variety of passwords and to change them frequently. We hope a new feature of Mathematica Online has made this a little less daunting for you in your educational settings.
This is where single sign-on (SSO) comes in, which is an approach many websites take to help students and faculty consolidate passwords. This allows communities to use a primary campus login and password for Mathematica Online and eliminates the need to remember a completely separate login and password. Students and faculty face the same organizational challenge with various technologies in their courses.
How Students Log In without SSO
For those not yet using SSO, students create an account, called a Wolfram ID, in our system, set a Wolfram-specific password and then use this information to request Mathematica Online to give them instant access. While the process provides access immediately without any human involvement, it requires students to be knowledgeable about two different websites: https://user.wolfram.com for the account creation, as well as a URL starting with “account.wolfram.com” specific to the campus site license. The process requires students to seek out campus-hosted instructions to explain how to request access and immediately use Mathematica Online.
The New Student Login Workflow with SSO
With SSO, students bypass both of these steps and use a familiar campus login to make the process even smoother. They go directly to the Wolfram Cloud, enter their campus email address and are automatically redirected to a campus login screen to enter their campus credentials. Students are then granted immediate access to Mathematica Online. The following image is a generic sample:
Faculty and staff can use the same process to access Mathematica Online. Students, faculty or staff with existing Wolfram ID accounts will be prompted to enter their Wolfram-specific credentials to link the two accounts when they first use SSO.
Why This Is Useful for Instructors
From the perspective of an instructor, Mathematica Online, along with SSO, is a far easier way to have students work through course materials based on Wolfram Notebooks. In the past, in addition to requiring students to remember a login and password, instructors were required to walk students through the process of installing Mathematica on a local machine, as well as somehow posting or emailing a notebook file (or many notebook files) that contained a course example or project.
Mathematica and Mathematica Online now provide a way to “publish” a notebook, which creates a public-facing URL. This is a convenient way to post course materials in a course management system (CMS) or learning management system (LMS) like Canvas, Blackboard or Moodle.
When students open the published notebook, they see a preview of the content and are given a choice to either download the notebook or make their own copy. The second option prompts students to log in to their license for Mathematica Online, where they have a fully editable copy of the notebook to append notes or create their own visualizations and calculations.
This is also the point in the process that triggers SSO. So while in the past students needed to create an account, download software and download a file, moving forward, they can click a link and almost immediately work with the content in Mathematica Online—a far simpler process.
For involved projects, it is still useful to have a local installation of Mathematica (Mathematica and Mathematica Online are best as a pair). The Download button allows students to run notebooks locally in a way that’s familiar to them. Students who have used the Wolfram ID login in the past to create an account and download Mathematica will be prompted to enter their Wolfram-specific credentials to link their existing files and data to their new SSO login. That way, their data is accessible in either environment, and they can use a local installation and browser-based access interchangeably.
When planning out course content, this means students can use Wolfram Notebooks for either involved or very brief examples where they quickly log in without disruption to their train of thought.
Faculty and staff can also use the same convenient SSO process for their own work in Mathematica Online.
The More Technical Details
The Wolfram technology to seamlessly provide accounts for students, faculty and staff is based on SAML, and specifically Shibboleth. For administrators of a Wolfram site license, a conversation is usually required for the initial setup to map the attributes in a campus’s Shibboleth environment to our system. But once set up, the same sections of our User Portal can be used to monitor trends in usage and administrate the site license.
While SSO is fairly new, campuses so far have been able to set things up in a short amount of time with minimal troubleshooting. One campus that tested with us is a member of the InCommon federation, so the Wolfram system for SSO should work fairly quickly for the several hundred campuses following the InCommon guidelines.
What’s Coming Up
So far, Wolfram supports SSO for Mathematica Online and Wolfram|Alpha Pro for campuswide site licenses. In the future, support will extend to products under a campuswide site license with a local installation to unify the experience of signing in and being granted access.
While Wolfram supports SAML and Shibboleth currently, our developers would like feedback on other common systems that are used for SSO so we can consider supporting those other systems as well.
How to Get Started
The next step for either instructors or site license administrators is to reach out to us to begin the process of setting up SSO. Feel free to contact the Wolfram staff member you normally work with regarding licensing, or email me directly and I can get you in touch with the right person to get things started.