Skip to content
English
More support
Product Feedback
  • There are no suggestions because the search field is empty.

User or Account Provisioning

User or Account Provisioning

 

The first and most important concern is how you get your users' information into your learning platform the process and the words the industry use for this is called User or Account provisioning.  User provisioning can be defined as the process of moving relevant learner data into your platform in order to ensure the right content gets to the right audience.  

 

User provisioning

User provisioning or account provisioning is the process to create, modify, disable and deleting user accounts and their profiles across your learning technology infrastructure.  In many companies, provisioning tools allow the cloning of the roles and business rules so that businesses can automate onboarding and boarding.  Provisioning tools can come from

  • HR systems
  • Sales Systems
  • CRM systems
  • Email systems
  • other such systems that store identity. 

Learning platforms can provision users in multiple ways. Firstly, by a simple individual user creation, leading to a bulk upload via Excel or CSV file, or encrypted files can be sent via SFTP that automate the process. What is also called the import process allows the company to automate the process of sending a file and the file being received by the learning platform.  Finally, user provisioning can be done through APIs.  Typically the larger the company the more likely they are to use the latter two methods as they allow you to record to be updated more regularly or in the case of APIs on demand.  Most commonly we see learning platforms using provisioning from payroll systems and HR systems.

 

APIs

APIs are now rapidly becoming the standard way for corporate platforms to connect in real time. API stands for application program interface which is a programming function that essentially allows the applications programs to interact and share data. There is an expectation that technology platform suppliers' ecosystems will include a suite of APIs that make it easy for their customers to plug in and get going. Imagine APIs as a piece of string that connects one area of the supplier's database to one area that matches the customer's database. The API provides a connection for the data to move freely between the organisations in a secure and safe way.  API keys give access to LMS data and automate repetitive tasks such as update deletion and list exports. Typically in learning technologies, context APIs are used as a way to provision accounts and to push reporting data from the LMS to a business reporting tool.

 

 

Unique identifiers

The most important element in user provisioning is a unique identifier.  The unique identifier stands for the unique ID or the enterprise unique ID or the primary ID or the globally unique ID. This field is the key internal identifier used to ensure that account records stay with a unique individual. This allows the other elements such as names or email addresses to change, for example, in the case an individual gets married or the company changes its domain but the learning record stays intact.  In the case of business-to-consumer platforms, this unique identifier may be generated when the purchase is made or the e-commerce application provides a unique token to allow the learner to access the content.  In all cases, the unique identifier will be non-changeable and non-assignable, and hence it needs to be large enough in capacity to sustain generations of unique identifiers. It also ensures that individuals cannot have two or more account histories and thus, avoid the issue of account duplications. 

 

 

Single Sign-on (SSO)

Single sign-on or SSO authentication is concerned with the authentication and the management of easy access to the learning management system.  The authentication aspect deals with validating user credentials and establishing that the user is a user within your corporate environment.  The authorisation is related to the level and access restrictions that the user account is allowed. SSO is related only to allowing the user or denying the user access to the platform. There are many different service providers for SSO you may be familiar with such as:

  • Facebook/Google connect
  • SAML
  • OAuth

Some of the other names you may have heard that assist with SSO are Ping Federate, OKTA, and Active Directory; these are generic identity management products that can be used with any corporate platform.