Extended Enterprise: Logging into an Extended Enterprise while SSO is Enabled

So right now I can do that, but only when all of my cookies are completely cleared, which is more than mildly inconvenient. Secondary to that, what if I need to build notifications or even courses on their domain, as my understanding is that custom notifications must be built on the domain that hosts the people who will receive them. 

I can also get in via configure branding and look, but again, this is time-consuming in the maximum, as I have to navigate all the way there, clear my cookies, then go in.

Do you not have that problem with cookies too? 

I appreciate it. I have one with support in a few minutes here and we are going live with this branch tomorrow morning. Hopefully, I will have an answer by then. I’ll keep you updated. You’ve been such a guiding spirit through all of this!

@tommyVan Was wondering how many EE you have on your platform? We have multiple EEs but for now are only exploring the option to enable SSO for one of them, not the rest. Do you know if that would be possible? Within that EE, do we have to enable SSO for all their sub-branches? Can we configure in a way that one of their sub-branches will be signing in through SSO and the rest will sign in regularly?

What is your experience with SSO so far and other than the cookies/browser issue, what are the pros and cons should I be aware of?

Thanks in advance!

Hi @JKolodner … I’m not sure I understand your issue.

What you say about notifications is very true. Notifications are nearly useless to me because of that very situation, so I generally don’t use them. You can however, SEE the notifications, which was what I was trying to clarify for Tommy.

It seems you’re asking about a different SuperAdmin situation, however. You can create superadmin accounts wherever you want, as long as you are yourself a superadmin. The create/manage users KB article should help you. If I’m not understanding your question correctly, please clarify for me.

@JKolodner 🙂Thanks for the clarification. Is a common issue for Super Admins 🙂 By assignments, I’m assuming you mean enrollments.

Does your notification tell them they NEED TO enroll in a course, or that they HAVE BEEN enrolled? It should be the later for anything of these other approaches to make sense.

• Enrollment Rules - You can define a notification as part of the rule. If you create the rule while logged into or impersonating someone in that EE, then maybe the stars will align ?? I’m not sure that I’ve tried this idea end to end.
• Self-enrollment - Self-enrollment is one way to solve that issue...we mostly just make content available on the dashboard and use other communications methods to announce the need for the course.
• Impersonation - Impersonation gives you the option of selecting the domain name so you can get into that space. If you have lots of people that need enrolling this isn’t realistic.
• Power users - is there someone in that EE you can give permission to enroll users?
• If you can use the API, there is a endpoint for enrolling users. You might need to create the authenticator in the EE domain, but that might be an alternative to asking for SSO access.