The BrightVine Data Link Integration Engine and Single Sign-On Solutions


By: Megan Constantino, Darryl Fonseca and Bethany Avery


Today we want to dig into a topic that many of our current and prospective BrightVine Data Link Integration Engine for Blackbaud CRM™ (BVDL) customers have asked about. “Does your Integration Engine work with SSO”? The answer is yes, it does!




The question often comes down to the fact that the Integration Engine for Blackbaud CRM™ uses Integrated Windows Authentication (IWA) to make its API calls to Blackbaud CRM™. SSO on the other hand uses a completely different mechanism, more of a “stateless” call, which can pose a barrier for apps that require you to authenticate every time such as BrightVine Data Link for Blackbaud CRM™.


So how do we work around this? We do so through a series of configuration updates and by populating the Windows Authentication fields on the Application User record. These fields are populated natively when you create an Application User in Blackbaud CRM™ using the “Add Domain User” form. For those using SSO however, you’ll know that you must use the “Add Custom User” form instead, which does not populate the Windows Authentication fields. It is simple to populate these fields with the relevant information via script however. The fact that the Windows Authentication fields are populated (not the mechanism by which they were populated) is enough for the BrightVine Integration Engine, giving it what it needs to move on despite the user being an SSO user.


The remaining configuration is simply to update a handful of web config items to support Windows Authentication. All in all, the changes take just under a few minutes, and can be completed by BrightVine or your IT team. For follow-up questions or a walkthrough, reach out today!