IT and SSO — your handover
You are on your institution's IT team. First Six federates identity against your IdP, so most of your work is one-time application registration and a few feed wirings. None of it is heavy; the trick is sequencing it so the platform owner isn't blocked.
What's already done for you
By the time you reach this page, First Six has:
- Implemented the standards-based OIDC sign-in flow, hardened with PKCE, nonce, state, and issuer + audience checks against your IdP's JWKS. The technical detail is in the OIDC flow.
- Provisioned your tenant on a Sydney-region database (AWS
ap-southeast-2). - Stood up an SIS-sync endpoint that accepts roster pushes from your upstream student information system. The contract is documented at the SIS endpoint.
- Configured DNS for the platform's own subdomains (
console.,app.,kb.,status.). You don't need to host anything.
What's left for you is the connect-and-wire work below.
Identity (SSO)
This is the critical-path item. The platform owner can't run the launch checklist past step 2 until students can sign in.
First Six supports a magic-link sign-in fallback for the (rare) case where SSO is unavailable. If you want that disabled for your tenant (typical for cyber-strict environments), tell us during this step so we set the flag at handover, not after a confused student request.
Roster sync (SIS feed)
This isn't strictly blocking — you can hand-import students from the console — but for any cohort over a couple of hundred students it saves a lot of pain.
Calendar / timetable feed
Optional but recommended: students see their actual timetable inside the platform instead of bouncing to a separate system.
Email and notifications
Account lifecycle
First Six is fully cloud-hosted — Vercel for the apps, Supabase (AWS Sydney) for data. There is nothing to install on your network and no inbound firewall opening required. All traffic is browser → our SaaS, plus your outbound push to our SIS endpoint and our outbound SMTP / push to your students.
Related
The fastest answer is usually one question away.