What does LDAP stand for?
Lightweight Directory Access Protocol
What does LDAP do?
LDAP allows districts to create a way for staff to have a single login and password for all products.
How does LDAP authentication work?
A user will log in to the Embrace® system by visiting a district-specific login page (custom URL) instead of the public www.outreachtime.com website. The user will enter their district username and password.
When the user clicks "Login", we pass the login information to the school district's servers. The school district verifies that the user's credentials are valid and active in the system. If the user credentials are approved, the user is logged in to the Embrace® system.
What do I do if my LDAP login doesn't work?
- Confirm that you are visiting your district-specific web address. This typically looks something like mydistrictname.outreachtime.com
- Confirm that you are viewing the correct website by finding your district name above the login box.
- If you are still experiencing difficulties, you may reach out to your district IT department for further assistance.
What is the difference between LDAP and SAML?
While both LDAP and SAML provide user authentication, SAML offers a higher level of security and the extra convenience of one universal login.
LDAP - In order for systems to authenticate with LDAP, user logins must be authenticated against the district server. This means that users must sign in to a website using their LDAP credentials, and the website must pass the credentials to the district's LDAP server, forcing both parties to handle the user's credentials. This requires districts to open up their firewall, exposing the server to possible threats.
SAML - When using SAML, a user will only login to their identity provider, meaning that the website/application will not have to handle user's credentials. SAML creates an encrypted token to authorize the website/application, preserving the district's firewall and making the single sign-on more secure.