Overview

Discover how you can request to use your identity provider to securely log into the Class application.

 

Purpose

Class offers single-sign-on integration for a select number of Identity Providers that are compatible with OpenID Connect. This enable your business users a seamless login experience to the Class Application.

Class follows the Australian Taxation Office Standards for Digital Service Providers (DSP), which requires compulsory multi-factor authentication for your Identity Provider. If you need more information around the complete requirements, please refer to the following ATO article: Operational Framework.

Pre-requisites

1. An access controller will need to send a request to partners@class.com.au and ensure you put SSO in your subject/title.
2. Provide us with your use case and which identity service you use for single-sign-on.
3. Be willing to conform to the ATO requirements for DSPs.

Approval process

1. You will have a response from the partner team to confirm they have received the request and then will triage the request with the Class Information Security Team.
2. You will receive a response from our Information Security Team to ensure that your use case is acceptable and contracts will be sent in relation to the conditions of how SSO will be implemented. Adhering to ATO DSP requirements.  
3. Send your signed contracts back to the Class Information Security Team.

Implementation

Once we have received your signed agreement, the Class support team will repoint your Class users login's, to make use of your Identity Provider instead. You will receive a unique URL for your users, which will enforce them to use your Identity Provider to log in to the Class application. 
All rights/restrictions to access data inside Class will still be granted and controlled by the Class application, once a user has successfully logged in via your Identity provider.