Pearson
Always Learning

Courses is a white-labeled mobile application for LearningStudio that allows your students to access their courses in a native and intuitive interface. Currently available for the iPad (other platforms coming soon), the app allows your students to access their courses on the go and has virtually no Pearson branding. Students can sign into the application just like they normally would sign into LearningStudio, using the same username and password.

How Inbound SSO Works for Courses

If you handle user authentication via a custom portal and use SSO to send your students to LearningStudio, there are additional requirements for configuring Courses. Because the application works on behalf of your students, it needs an OAuth 2.0 token. This is often gathered by entering the username and password, but for your use case, you will need to generate that token and pass it to Courses. Here’s an overview of how this process works:

1. Student Finds Your Institution

Since this application works for all LearningStudio customers, the first step is for students to find their institution in the application. After the first time, the app will remember the institution.

Find Institution

2. Courses Displays Your Login Form

Since your institution uses SSO, Courses will show your sign-in screen in a mini browser inside the app. (Note, the user never leaves the app.) This is a page that you host on a web server, and you authenticate the user against your user management system just as if they were signing into your web portal.

Custom Login Screen

3. Generate a LearningStudio Access Token

Once you’ve authenticated the user, you need to generate a LearningStudio OAuth 2 Access Token. Use the Assertion grant type. Remember, all this is happening behind the scenes as part of your sign-in workflow, and the user still sees your website in the mini browser shown in step 2 on the previous page.

For more information on how to generate a token, see this documentation or leverage the code libraries.

The Authentication API will return a JSON-formatted response including Access Token and an Expiration value. This information has to be given to Courses.

4. Redirect to a Special URL

Using the token and expiration values, your sign-in workflow should now redirect (i.e., HTTP 302) to exactly the following URL:

http://localhost/catch_this_url.html?grant_token={access_token}&expires_in={expires_in}

Replace {access_token} and {expires_in} with the appropriate values from Step 3.

While this URL seems strange because of the hostname, it is correct. While you are checking your user’s credential, Courses is monitoring the mini web browser to watch for changes. When it sees this URL format, it interrupts the mini browser’s workflow and captures the access token and expiry value. It saves that information and proceeds with its initialization.

Important: Don't do any additional URL encoding of the access token. Simply pass it in the URL as it came from the Authentication API in Step 3.

Tips For Your Sign In Screen

This is a unique work flow, so your Courses sign in screen should be different from your normal web portal. Make it mobile friendly by limiting the amount of extra text or artwork, and make the form fields and submit button bigger to accommodate a human finger. The best user experience is when the user can’t tell your page isn’t built into Courses.

Next Steps

  1. Begin building your sign-in screen and associated workflow.
  2. Contact your Client Services Consultant to begin configuring Courses for your institution. You should know the URL of your sign-in screen.
  3. Reach out on the Developer Community if you have any questions or trouble with the Authentication APIs.
4808 reads
Always Learning
Pearson