Single Sign On (SSO) and Identity Access Management (IAM) Request for Proposals (RFP)

The Organization for Educational Technology and Curriculum (OETC) is issuing a Request for Proposals (RFP) for Single Sign On and/or Identity Access Management (IAM) solutions that can be shared in an educational setting as a Joint Cooperative Procurement on behalf of its public K-20 member institutions. The purpose is to identify and award a contract to provide volume price agreement and fulfillment services for the members of the OETC education technology consortium.

Proposals should be mailed to the address below or delivered in person to Thomas Richards, and must arrive no later than 4:00 p.m. PT on Monday, October 9, 2017.

Attn: Thomas Richards
471 High Street SE
Suite 10-Creekside
Salem, OR 97301

The Following Files are Required for this SSO/IAM RFP


OETC is an education technology purchasing vehicle that empowers educational institutions. We represent our membership in organizing cost-effective, cooperative education technology purchases through a sealed, competitive bid process to negotiate contracts that abide by state procurement statutes.

How It Works:

  1. OETC advertises a multi-state, open, competitive education technology Request for Proposals (RFP) based on a non-brand specification on behalf of our public membership.
  2. Trained OETC scorers evaluate proposals based on a disclosed rubric.
  3. Awards are based on the lowest price offering from a qualified respondent.

Questions and Answers

Section ReferenceQuestionAnswer
What version of OneRoster is in scope?We are targeting the latest, v1.1
What SIS are in scope, outside of IMS Global?Many, including products by Skyward, Synergy, PowerSchool, Illuminate. OETC represents 1,000 K12 and Higher Education institutions.
How is your organization structured? Is there a central implementation of IMS which is shared by all members of OETC, or do different regions host their own, or do individual districts? Or, does each district have a choice of SIS where IMS is just one possibility?Each district and higher education institution has a choice.
Are services delivered by OETC or are you a broker for pricing for participants?The question's diochotomy doesn't fully address what OETC is, but we are more like a price broker for the sake of the question.
Do you want to offer services to members from a central point (private cloud)?That isn't the goal.
Beyond Google and AD, are there any other target systems to provision identities to?Google and AD account for nearly 80% of the membership
Please provide a specific list of systems to which SSO is requiredThat would be too long, and not in the scope of this RFP.
Are all systems cloud hosted, or are some on-premises?Many are on premise.
Do all systems to be integrated support some form of federation (SAML, Oauth, WS-Federation, etc)?Most do; however, there are some very large, legacy applications that don't. And they would need custom integrations if the vendor wanted to work with them.
Do any existing applications which are not “federatable” need to be included in SSO?That is up to the respondent. Most institutions realize that federated systems should work out of the box, and that custom integrations will need to be an additional cost.
Section II-5: Complete All Attachments - Category percent off of Manufacturer’s Suggested Retail Price (MSRP) (required). TabThe Pricing Schedule sheet does not have this as a separate tab. The pricing sheet has a single tab with different fields. The below fields, mentioned in the RFP, are not available in the Pricing Proposal downloaded from the Announcement URL:See below where I broke out each question on a separate line.
1)    the dropdown for selecting the categories, mentioned to be available in Column B of the pricing sheet (what are the different “categories”?)A respondent might break up licenses, maintenance, setup fee, and consulting services as different categories, so that they can set different discounts based on each.
2)    Field for entering Manufacturer Name (Column A has Category field & Column B has Manufacturer Line field)?Yes, that is an accomodation for resellers who may be bidding multiple manufacturer lines across similar categories. So a computer reseller may list "Notebooks" as the category, and then "HP" and "Lenovo" on two lines with different discounts.
Section II-5: Complete All Attachments“Proposal must provide an Education MSRP price list so that specific pricing against % off of MSRP may be calculated for comparison purposes”

It is not clear where this information is to be provided. Is this placed in column B - “Manufacturer Line” or submitted as a separate document?
Typically as a separate document, by either will suffice.
Section II-5: Complete All Attachments - Individual SKU pricing (required). Tabs - various categories:It is not clear how this is to be provided. Is the desire to provide a row per SKU on Sheet or duplicate Sheet 1 for different SKUs?I've updated the pricing schedule to be more clear. For Item Pricing you provide a SKU (Item No) a description, a cost (what OETC pays you), a price (what OETC member pays us), the item category, and the manufacturer name. If this isn't clear enough, please submit another question and I will attempt to clarify further.
Section II-5: Attachment C – Fulfillment Agent.Since there are different fields available in Attachment C, we wanted to confirm that Attachment C is to be filled only by the Fulfillment Agent. If a Manufacturer is designating itself to fulfil the terms of this RFP, only Attachment B (and not Attachment C) should be filled?Attachment C is only necessary if the manufacturer is designating fulfillment agents at the time of bid or later. Either case it is not necessary if the manufacturer will be fulfilling orders themselves.
Section III-C“Content accessible via mobile device browsers, including iOS and Android”

Assumption is that this refers to end-user sign-on capabilities required from the single-sign-on product and not administrative features related to configuration, administration, and management of the product.
Section III-C“Supports ADFS or SAML”

Assumption is that this means that an OETC Member can be using either ADFS or SAML for the system that the single-sign-on product needs to interoperate with.
Section III-C“Offers the ability to schedule nightly updates and/or run manual updates, if needed”

The assumption is that this refers to nightly roster updates.
Section III-CCan the product be offered solely as a managed service, Platform as a Service (PaaS), that is managed by the vendor. Yes.
Section IV-A: Complete Proposal“The purpose of this phase is to determine if each response complies with the mandatory terms, conditions, and specifications in the RFP.”

We understand from this statement that certain terms & conditions are mandatory. Since the RFP has a provision allowing the Proposer to be not bound to certain terms & conditions (by mentioning them in Attachment C), can you let us know which of the terms and conditions are mandatory?
I'm sorry for the confusion and that we can't be more crystal clear, black letter on this. First, we consider all terms and conditions mandatory. However, we realize sometimes an respondent may take issue with a particular word or phrase, but still intends to be bound by the underlying logic, but merely wishes to change a phrase. Or a product or service is incompatible with a term or condition, and we'd rather the respondent bid, not their objection, and let the scoring committee decide if the term should be modified in the best interests of the consortium.

To put it another way, every term and condition exists for a good reason, and we don't intend to waive any of them, but the world of technology is vast and ever changing so we'd rather receive proposals that may have objections and use good judgement rather than apply a black-letter rule that states all terms and conditions must be agreed to in the proposal. Sometimes we receive proposals that object to so much they are disqualified, and sometimes great products and services at great prices that matter to our members are offered with only a few concessions, and in total those score well enough to be awarded.
Attachment A - Pricing ProposalCan the dollar values of the price ranges (Columns D through J) be changed?Yes
Page 8, Section III (c), Integrates SIS data to create user accounts in AD/Google web-based applicationsDoes “Integrate” mean to collect or query SIS data for the purposes of provisioning\creating user accounts within AD/Google IdPs?Yes
Page 8, Section III (c) Supports OneRoster REST APIDoes “Supports” in this requirement mean “to call the OneRoster API to read user information for purposes of creating\importing identities into the IdP\IAM provider”?Yes
Page 9, Section III (c) Offers the ability to schedule nightly updates and/or run manual updates, if neededWhat type of updates does this requirement refer to?  For instance, software updates or data\identity updates?The latter: data/identity/roster updates

Responses Received:

  • Tools4Ever – 10/2/17 3:28am
  • Okta – 10/4/17 10:40am
  • Campus – Consortium 10/9 10:00am
  • ClassLink – 10/9/17 10:00am
  • CDWG – 10/6/17 9:54am
  • West – 10/2/17 10:15am
  • LearningMate Solutions – 10/2/17 9:50am
  • EduTone – 10/2/17 9:50am
  • Encore Technology Group – 10/29/17 9:50am
  • Network Consulting Services – 10/2/17 3:22pm

Intent to Award

Please note OETC will need complete contract negotations with the following companies, and our intent to award does not guarantee a final contract.

  • SchoolMessenger
  • Tools4Ever
  • ClassLink
  • CDWG (OneLogin)
  • Okta