AccessPassport

AccessPassport

Overview

AccessPassport is a microservice that handles all user-facing operations related to user authentication including signing in, registering a new account, resetting passwords, setting up MFA, and more.

AccessPassport

Identity Provider 

Our advanced AI uses a service called CareerSync to gather all information openly available about you from the internet. This includes your current job, previous roles, company profiles, social pages, education and skills. You tell us your career aspirations and we plot a career path for you based on everything we know about you. Think of it as your career co-pilot. 

 

What Can It Do For You? 

CareerRoadmap provides a comprehensive career planning service.

  • Career Path Suggestions: We show you the steps needed to reach your career goals, including multiple paths that align with your skills and potential skill development. 
  • Job Recommendations: We suggest actual jobs to apply for that match the first step on your career journey. 
  • Skill Development: We identify the skills you need to develop for your chosen path and suggest courses you can take. 
  • Company Recommendations: We suggest companies that align with your career goals. 
  • Application Assistance: We help tailor your cover letters and resume for specific jobs. 
  • Interview Preparation: We provide tips on what to prepare for in interviews, including potential questions and suggested answers. 

CareerRoadmap Interview

Identity Provider

We use Okta as our Identiy Provider (IdP). This includes most features we need, but not out of the box. Therefore we are building our own microservice for the most flexible integration, to make Okta API calls, and to support customization per customer.

With our own front-end, we ensure the best user experience and can tailor it to each customer’s needs. With our own back-end, we can easily integrate with other Alumni microservices and add any additional functionality which Okta does not support.

Identity Provider 

Our advanced AI uses a service called CareerSync to gather all information openly available about you from the internet. This includes your current job, previous roles, company profiles, social pages, education and skills. You tell us your career aspirations and we plot a career path for you based on everything we know about you. Think of it as your career co-pilot. 

 

What Can It Do For You? 

CareerRoadmap provides a comprehensive career planning service.

  • Career Path Suggestions: We show you the steps needed to reach your career goals, including multiple paths that align with your skills and potential skill development. 
  • Job Recommendations: We suggest actual jobs to apply for that match the first step on your career journey. 
  • Skill Development: We identify the skills you need to develop for your chosen path and suggest courses you can take. 
  • Company Recommendations: We suggest companies that align with your career goals. 
  • Application Assistance: We help tailor your cover letters and resume for specific jobs. 
  • Interview Preparation: We provide tips on what to prepare for in interviews, including potential questions and suggested answers. 

CareerRoadmap Interview

Authentication Actors

  • User: initiates the flow when trying to access protected content. Usually, it is the “Sign in“ button on the landing page. 
  • Alumni application: generates the SAMLRequest based on Okta IDP metadata. 
  • AccessPassport: the interface between Alumni application and Okta. Contains the logic to interact with Okta as well as page layout customization per customer.
  • Okta: Authentication platform.
    • When a user is federated, Okta acts as SP to interact with external IDP. Translate SAMRequest initiated by Alumni into a SAMLRequest expected from the customer. Same for the SAMLResponse, translate Customer response into a SAMLResponse expected from the Alumni app.
    • When a user is not federated Okta is the IDP, it stores user credentials.
  • External IDP: Application responsible to execute user authentication.

AccessPassport Data Collection and Hosting

To register a user, AccessPassport stores in its local database the name, last name, and email address of the user. Also, this information is duplicated in Okta, along with the user-hashed password.

To validate user credentials, AccessPassport relies on Okta service, as AP does not store passwords in its database. The email address is the unique identification of a user.

Frequently Asked Questions

We've compiled a list of FAQs to help you understand AccessPassport better. If you have any additional questions, please don't hesitate to reach out to us. 

What is AccessPassport?

AccessPassport is a service that allows you to easily sign in to multiple Alumni Communities through a single login. Users are able to manage, monitor, and navigate freely between participating member sites using a single set of credentials.

Can I opt out of AccessPassport?

Your company has chosen to adopt AccessPassport to keep your information secure. That means every Alumni user needs to be under the AccessPassport umbrella. Using AccessPassport ensures only you have access to your account.

Why do I have to reset my password?

You’ve been asked to change your password due to security measures and controls to protect your information.

What if I did not receive the reset password email?

Click the “Forgot Password” password link on the sign-in page and follow the steps outlined.

What if I forget my username or password?

If you’ve forgotten your username or password, click the “Need help signing in?” link at the bottom of the sign-in page. Then click “Forgot Password” to reset it. If that doesn’t work, call your help desk.

What is Multi-Factor Authentication (MFA) and why do I have to set it?

When you log in for the first time on AccessPassport, depending on the security settings of your organization, you may be asked to complete MFA enrollment. This is a process to validate your identity and ensure the increased security of your account. Initially, users will have the option of receiving SMS (text message) pin codes.

I wasn’t required to enable Multi-Factor Authentication, is something wrong?

If enrolling in MFA is a mandatory step during signup or login, then this is a requirement of the organization. If it is an optional step, then you may choose to bypass MFA enrollment.

What if I can’t get Multi-Factor Authentication to work?

If you are having difficulty signing in or experiencing a technical issue, please visit the homepage of your Alumni Community and click “Contact Us” to submit a support request.

What if more than one of my alumni networks makes the switch to AccessPassport?

Your AccessPassport is associated with your primary login email address. This means that you only have one set of credentials to manage for all of your AccessPassport-connected services. When changing your password via any of these connected services, your credentials will be usable when authenticating with any of your other alumni networks using AccessPassport.