Janrain SSO
Options
Hi All,
Wanted to know if any of you might have implemented Janrain SSO within your Luminate Online site and perhaps are familiar with the issue described below and if there is known solution for it.
Description of issue: We are implementing Janrain SSO both on our Luminate Online DEV and Production environment. Setup works fine and added several Social Sign On Providers (Google+, Twitter,Facebook, Yahoo), of which all the login through them works fine on DEV. However when we port that on Production, Google does not seem to be able to reconnect back with Luminate Online post authentication in order for Luminate Online to associate that Google account with either existing one or creating new account within (it appears to skip that middle handshake portion and redirects you back to where you were -- as results on Production, Luminate Online seems to know that you are logged in but unable to retrieve who you are.
Thus with that said, I am wondering if we
Thanks in advance for your insights, help and time!
p.s. Here are actual test URL of our implementation
On production (where Google+ SSO is affected)
https://donations.diabetes.org/site/SPageServer?pagename=daniel_testpg3
On our DEV (where all seems to work as intended)
https://secure2.convio.net/adapdev/site/SPageServer?pagename=daniel_testpg3
When you successfully logged in, you will see your first name listed within the paragraph below it "Hello, [[S1:first_name]]"
I even tried to exclude anything that might relate to the pagewrapper overheads with that appended '&pgwrap=n' to no avail, the issue remains.
regards,
Daniel
Wanted to know if any of you might have implemented Janrain SSO within your Luminate Online site and perhaps are familiar with the issue described below and if there is known solution for it.
Description of issue: We are implementing Janrain SSO both on our Luminate Online DEV and Production environment. Setup works fine and added several Social Sign On Providers (Google+, Twitter,Facebook, Yahoo), of which all the login through them works fine on DEV. However when we port that on Production, Google does not seem to be able to reconnect back with Luminate Online post authentication in order for Luminate Online to associate that Google account with either existing one or creating new account within (it appears to skip that middle handshake portion and redirects you back to where you were -- as results on Production, Luminate Online seems to know that you are logged in but unable to retrieve who you are.
Thus with that said, I am wondering if we
- Should have separate Janrain Properties each for DEV and Production? (Note: it seems unlikely (imho but could be wrong) given that only Google currently not working while other like Yahoo and Facebook works just fine on that single Janrain property that we shared. We have whitelisted all of our Luminate Online domains associated with both DEV and Production in case
Thanks in advance for your insights, help and time!
p.s. Here are actual test URL of our implementation
On production (where Google+ SSO is affected)
https://donations.diabetes.org/site/SPageServer?pagename=daniel_testpg3
On our DEV (where all seems to work as intended)
https://secure2.convio.net/adapdev/site/SPageServer?pagename=daniel_testpg3
When you successfully logged in, you will see your first name listed within the paragraph below it "Hello, [[S1:first_name]]"
I even tried to exclude anything that might relate to the pagewrapper overheads with that appended '&pgwrap=n' to no avail, the issue remains.
regards,
Daniel
Tagged:
2
Comments
-
Update #2--
Revising this statement within "Description of issue" within the original posting.
Luminate Online knows you are logged in but unable to retrieve who you are -- this turns out to be caused by Luminate Online arbitrarily associate my gmail account to an existing account without prompting me (usually we would be presented by that 'gateway' JanrainLogin page and token that would prompt us if we are to create a new account or to associate to an existing Luminate Online account with that google account of ours). And in our case, LO seems to link mine to an account that is of 'Administrator' Security Category hence giving the impression that it doesn't go anywhere post authentication with Google.
Strangely enough -- test by Blackbaud support personnel within the same page seems to not be affected; while our tests using several of our gmail accounts seems to be encountering this issue.
regards,
Daniel0 -
Update #3 --
Found the culprit and it is currently being officially referenced as a bug LO-4061 at this time of writing --
Description:- When SSO is first initiated in DEV, and attempted in Production afterwards, Luminate Online seems to persistenly referenced the DEV ConsID of the account when attempting to associate it within the Production, hence instead of prompting us with the options to either create a new account or associate with existing one, it will automatically/arbitrarily link the SSO with the same existing DEV ConsID counterpart within Production that will often time belongs to other individuals instead.
Saving grace at moment -- this behavior won't happened when SSO is first initiated on Production and attempted in DEV afterwards.
- Unbeknownst to me at least -- for what we thought to be 'same' account of an individual (same email, first name, last name) -- they are actually of different ConsID within DEV and Production
- Thus this seems to be more of LO/Janrain backend vs Google+ related, and with it, other SSO Providers could also be affected if the above (1st bullet point) is attempted/replicated
Other setup details note
==================- We are using a single Janrain Property ('Engage App') to be used for SSO login on both DEV and Production
regards,
Daniel
0 - When SSO is first initiated in DEV, and attempted in Production afterwards, Luminate Online seems to persistenly referenced the DEV ConsID of the account when attempting to associate it within the Production, hence instead of prompting us with the options to either create a new account or associate with existing one, it will automatically/arbitrarily link the SSO with the same existing DEV ConsID counterpart within Production that will often time belongs to other individuals instead.
Categories
- All Categories
- Shannon parent
- shannon 2
- shannon 1
- 21 Advocacy DC Users Group
- 14 BBCRM PAG Discussions
- 89 High Education Program Advisory Group (HE PAG)
- 28 Luminate CRM DC Users Group
- 8 DC Luminate CRM Users Group
- Luminate PAG
- 5.9K Blackbaud Altru®
- 58 Blackbaud Award Management™ and Blackbaud Stewardship Management™
- 409 bbcon®
- 2.1K Blackbaud CRM™ and Blackbaud Internet Solutions™
- donorCentrics®
- 1.1K Blackbaud eTapestry®
- 2.8K Blackbaud Financial Edge NXT®
- 1.1K Blackbaud Grantmaking™
- 527 Education Management Solutions for Higher Education
- 1 JustGiving® from Blackbaud®
- 4.6K Education Management Solutions for K-12 Schools
- Blackbaud Luminate Online & Blackbaud TeamRaiser
- 16.4K Blackbaud Raiser's Edge NXT®
- 4.1K SKY Developer
- 547 ResearchPoint™
- 151 Blackbaud Tuition Management™
- 61 everydayhero
- 3 Campaign Ideas
- 58 General Discussion
- 115 Blackbaud ID
- 87 K-12 Blackbaud ID
- 6 Admin Console
- 949 Organizational Best Practices
- 353 The Tap (Just for Fun)
- 235 Blackbaud Community Feedback Forum
- 55 Admissions Event Management EAP
- 18 MobilePay Terminal + BBID Canada EAP
- 36 EAP for New Email Campaigns Experience in Blackbaud Luminate Online®
- 109 EAP for 360 Student Profile in Blackbaud Student Information System
- 41 EAP for Assessment Builder in Blackbaud Learning Management System™
- 9 Technical Preview for SKY API for Blackbaud CRM™ and Blackbaud Altru®
- 55 Community Advisory Group
- 46 Blackbaud Community Ideas
- 26 Blackbaud Community Challenges
- 7 Security Testing Forum
- 3 Blackbaud Staff Discussions
- 1 Blackbaud Partners Discussions
- 1 Blackbaud Giving Search™
- 35 EAP Student Assignment Details and Assignment Center
- 39 EAP Core - Roles and Tasks
- 59 Blackbaud Community All-Stars Discussions
- 20 Blackbaud Raiser's Edge NXT® Online Giving EAP
- Diocesan Blackbaud Raiser’s Edge NXT® User’s Group
- 2 Blackbaud Consultant’s Community
- 43 End of Term Grade Entry EAP
- 92 EAP for Query in Blackbaud Raiser's Edge NXT®
- 38 Standard Reports for Blackbaud Raiser's Edge NXT® EAP
- 12 Payments Assistant for Blackbaud Financial Edge NXT® EAP
- 6 Ask an All Star (Austen Brown)
- 8 Ask an All-Star Alex Wong (Blackbaud Raiser's Edge NXT®)
- 1 Ask an All-Star Alex Wong (Blackbaud Financial Edge NXT®)
- 6 Ask an All-Star (Christine Robertson)
- 21 Ask an Expert (Anthony Gallo)
- Blackbaud Francophone Group
- 22 Ask an Expert (David Springer)
- 4 Raiser's Edge NXT PowerUp Challenge #1 (Query)
- 6 Ask an All-Star Sunshine Reinken Watson and Carlene Johnson
- 4 Raiser's Edge NXT PowerUp Challenge: Events
- 14 Ask an All-Star (Elizabeth Johnson)
- 7 Ask an Expert (Stephen Churchill)
- 2025 ARCHIVED FORUM POSTS
- 322 ARCHIVED | Financial Edge® Tips and Tricks
- 164 ARCHIVED | Raiser's Edge® Blog
- 300 ARCHIVED | Raiser's Edge® Blog
- 441 ARCHIVED | Blackbaud Altru® Tips and Tricks
- 66 ARCHIVED | Blackbaud NetCommunity™ Blog
- 211 ARCHIVED | Blackbaud Target Analytics® Tips and Tricks
- 47 Blackbaud CRM Higher Ed Product Advisory Group (HE PAG)
- Luminate CRM DC Users Group
- 225 ARCHIVED | Blackbaud eTapestry® Tips and Tricks
- 1 Blackbaud eTapestry® Know How Blog
- 19 Blackbaud CRM Product Advisory Group (BBCRM PAG)
- 1 Blackbaud K-12 Education Solutions™ Blog
- 280 ARCHIVED | Mixed Community Announcements
- 3 ARCHIVED | Blackbaud Corporations™ & Blackbaud Foundations™ Hosting Status
- 1 npEngage
- 24 ARCHIVED | K-12 Announcements
- 15 ARCHIVED | FIMS Host*Net Hosting Status
- 23 ARCHIVED | Blackbaud Outcomes & Online Applications (IGAM) Hosting Status
- 22 ARCHIVED | Blackbaud DonorCentral Hosting Status
- 14 ARCHIVED | Blackbaud Grantmaking™ UK Hosting Status
- 117 ARCHIVED | Blackbaud CRM™ and Blackbaud Internet Solutions™ Announcements
- 50 Blackbaud NetCommunity™ Blog
- 169 ARCHIVED | Blackbaud Grantmaking™ Tips and Tricks
- Advocacy DC Users Group
- 718 Community News
- Blackbaud Altru® Hosting Status
- 104 ARCHIVED | Member Spotlight
- 145 ARCHIVED | Hosting Blog
- 149 JustGiving® from Blackbaud® Blog
- 97 ARCHIVED | bbcon® Blogs
- 19 ARCHIVED | Blackbaud Luminate CRM™ Announcements
- 161 Luminate Advocacy News
- 187 Organizational Best Practices Blog
- 67 everydayhero Blog
- 52 Blackbaud SKY® Reporting Announcements
- 17 ARCHIVED | Blackbaud SKY® Reporting for K-12 Announcements
- 3 Luminate Online Product Advisory Group (LO PAG)
- 81 ARCHIVED | JustGiving® from Blackbaud® Tips and Tricks
- 1 ARCHIVED | K-12 Conference Blog
- Blackbaud Church Management™ Announcements
- ARCHIVED | Blackbaud Award Management™ and Blackbaud Stewardship Management™ Announcements
- 1 Blackbaud Peer-to-Peer Fundraising™, Powered by JustGiving® Blogs
- 39 Tips, Tricks, and Timesavers!
- 56 Blackbaud Church Management™ Resources
- 154 Blackbaud Church Management™ Announcements
- 1 ARCHIVED | Blackbaud Church Management™ Tips and Tricks
- 11 ARCHIVED | Blackbaud Higher Education Solutions™ Announcements
- 7 ARCHIVED | Blackbaud Guided Fundraising™ Blog
- 2 Blackbaud Fundraiser Performance Management™ Blog
- 9 Foundations Events and Content
- 14 ARCHIVED | Blog Posts
- 2 ARCHIVED | Blackbaud FIMS™ Announcement and Tips
- 59 Blackbaud Partner Announcements
- 10 ARCHIVED | Blackbaud Impact Edge™ EAP Blogs
- 1 Community Help Blogs
- Diocesan Blackbaud Raiser’s Edge NXT® Users' Group
- Blackbaud Consultant’s Community
- Blackbaud Francophone Group
- 1 BLOG ARCHIVE CATEGORY
- Blackbaud Community™ Discussions
- 8.3K Blackbaud Luminate Online® & Blackbaud TeamRaiser® Discussions
- 5.7K Jobs Board