Good Day Everyone,
Am struggling to configure power school single sign-on (Open ID Connect), am configuring this through Azure Active Directory. the authentication process goes through but it lend to a PowerSchool page that says its unauthorized all the time
HTTP Status 401 ā Unauthorized (powerschool.com)
I have been trying to get in touch with support team for help with SSO, can I please get help from support team
Hi! @Moshe
To provide better assistance, would you please share more details on the difficulties that you are experiencing with SSO?
@MuskanS Good Day,
Thanks for your response, I have configured Power School to use Open ID Connect through Azure Active Directory.
When a user go to our FQDN, they are redirected to a Microsoft logon page where they can authenticate using their O365 credentials.
It authenticate successfully, however instead of taking the user to PowerSchool after authenticating it then take them to an authorized page
Hi @Moshe
Thank you for providing more details.
A common reason that can cause the HTTP 401 error is the mismatch of credentials between the Provider and PowerSchool SIS.
You can learn more about it here.
If you continue to face difficulty, please report the issue to a Designated Support Contact in the organization. They can work with PowerSchool SIS support to determine the cause of the issue.
Hi Moshe,
Did you ever get a resolution to this? We are seeing this based on Google credentials using Cisco Duo as our authentication provider.
HTTP Status 401 ā Unauthorized (powerschool.com)
Hi @TroyH1,
I see that you are already working with support through a case and recommend continuing to work with them. I also would like to share these troubleshooting steps as well so that others can refer.
I ran into this issue and support showed me the solution in my case.
Find the teacher that is having this issue and click on their account. This should open a URL something like:
/admin/faculty/home.html?frm=1234
Change the URL to be the following by replacing frn= with mcr=
/admin/faculty/home.html?mcr=1234
This displays the teacher's record in the database. Check to make sure TeacherLDAPEnabled is set to 1. If it is set to 0, then use DDA to update the record and set TeacherLDAPEnabled to 1.
This solved the issue for me.
Tks RolandP
I was facing the same problem but with Google. The cause of the problem Error 401 for Teachers , was the same. Just setting teacher field :TeacherLDAPEnabled =1 Fixed the error.
Thanks for share..!
I was so hopeful when I read this post. We've been down for over a week since OS patching and a VM restart. We've used OIDC with students and teachers for two years without issues until now. I did discover that TeacherLDAPEnabled was set to 0 for our users, unfortunately changing it to 1 did not fix the issue in our case.
Did you find a fix for issue? suddenly we're seeing this as well - users can get on OK but after 2 hour timeout they get 401 error. So far the only way I've found to get them back on is to revoke MFA sessions so they get fresh sign in. It's like their 2 hour timeout PS pushes suddenly can't re-auth users properly and/or present sign in page.
Am trying to authenticate power school through Azure Active Directory SSO, I don't know where to find the Signature hash key (SHA1) for android and Bundle Id for Ios
Hi @Moshe,
The setup directions for PowerSchool SIS using Azure as OIDC IDP should provide you with all the steps for the setup. Signature HASH keys should be exchanged in the app on OIDC handshake and be needed for the setup.
Hope this helps with your setup.