Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
acolevas

PowerSchool as OIDC Service Provider

acolevas
Apprentice
‎08-21-2025 07:23 AM
‎08-21-2025 07:23 AM

PowerSchool as OIDC Service Provider

We use the PowerSchool as an OIDC Service Provider Plugin and have been experiencing issues with timeouts since we upgraded our PowerSchool version in July. Basically users are logged out after 30 minutes and need to log back into ClassLink  (our IDP) to get back into PowerSchool. 

 

It looks like the plugin was upgraded by the system during the version update. The client id and secret in the plugin config are different than the client id and secret in the OIDC settings in the district setup. I am wondering if the plugin was upgraded but the settings were not updated with the new client id. System logs seem to indicate that the auth token is expiring. 


Any help you can give would be greatly appreciated.

0 Kudos
2 Replies
bill611d
New Member
‎08-23-2025 01:09 AM
‎08-23-2025 01:09 AM

@acolevas wrote:

We use the PowerSchool as an OIDC Service Provider Plugin and have been experiencing issues with timeouts since we upgraded our PowerSchool version in July. Basically users are logged out after 30 minutes and need to log back into ClassLink  (our IDP) to get back into PowerSchool. 

 

It looks like the plugin was upgraded by the system during the version update. The client id and secret in the plugin config are different than the client id and secret in the OIDC settings in the district setup. I am wondering if the plugin was upgraded but the settings were not updated with the new client id. System logs seem to indicate that the auth token is expiring. 


Any help you can give would be greatly appreciated.

The user's 30-minute login timeout is most likely caused by a mismatch between the client ID and secret in the PowerSchool plugin and the ones in ClassLink. The incorrect credentials prevent PowerSchool from using a refresh token to renew the user's session, forcing a full re-login. The solution is to update the PowerSchool OIDC plugin settings with the correct client ID and secret from the district's ClassLink configuration.

Foremost Pay Online
0 Kudos
acolevas
Apprentice
‎08-25-2025 06:20 AM
In response to bill611d
‎08-25-2025 06:20 AM

Do you mean the configuration in our PS district OIDC settings? Or from classlink itself. 

 

Right now the plugin client ID/secret and the client ID/secret in our PS district OIDC setup are different. I was wondering if that was it. 

 

Should the district settings be updated with the id/secret from the plugin? I'm a little nervous to do this without being sure, as I don't want to prevent people from logging in.

0 Kudos
Related Discussions & Articles