At the moment, our user population is made up entirely of individuals who are able to sign in using our established SSO implementation with CAS. In the near future, we will need to add a large number of users who will authenticate via social media logins. Many of these users will have both types of accounts, because they occupy multiple roles within the organization. Since only one authentication method is allowed for the environment, we are not sure how to implement this. Here are the ideas we have considered:
Idea 1: Purchase an authentication proxy that will take logins from SSO and non-SSO folks and pass all of them to the same environment with a single authentication method (most likely SAML). This would keep all users in a single environment, but it raises a few questions as well. For users with both SSO and non-SSO accounts, how will we identify and merge them? For users with only social media logins, how will we verify that they are who they say they are, particularly in cases where they forget one set of credentials (their Google account, for example) and instead make a new account (with Facebook). How can we be sure it is the same person, merge the accounts, and ensure they get credit for all the courses they have completed under the old account?
Idea 2: Keep the logins separate and place all non-SSO users into a sub-account. This has some of the same drawbacks, like the need to merge accounts and identify users. It also introduces the situation where a user will exist in both accounts, and be required to take the same training in both. Additionally, such a user would have two different Bridge environments to track and complete training for, which is not ideal.
To complicate matters further, we are planning to start using the auto-csv option in the very near future. We are not sure exactly how this will complicate the situation, but it almost certainly will in some sense.
I'm sure many of you are in a similar situation and/or have some insight regarding the best way to handle this. I greatly appreciate any advice or suggestions you can provide.