There are two ways to perform user authentication in SameGoal.
- Application username/password. By default, users are authenticated using a SameGoal application username and password.
- LDAP (Active Directory, eDirectory, etc). LDAP is an alternative means of authentication that uses a central server already installed at your district. When SameGoal is configured for LDAP authentication and a user logs in, the username and password are sent directly to your district server. The server then sends back only a Yes/No answer as to whether authentication succeeded. SameGoal does not store a password when a user authenticates using LDAP.
Things to consider when evaluating whether to configure LDAP:
- Each username in SameGoal must match the username for the user in your district central server (most commonly, this is each user's email username)
- If your district LDAP server goes down, users will be unable to log into SameGoal (same as other district services)
- If you choose to enable LDAP, SameGoal allows you to opt-out individual users from LDAP authentication if necessary (eg. if the user is a related service provider with a district LDAP account). An option will appear when you add or update users while your district uses LDAP.
To modify your district authentication method:
- Visit Settings > Technical Settings.
- Locate Authentication. Select the desired method. If LDAP, you must first configure LDAP before entering necessary LDAP information.
- Click the Save changes button.