This guide will walk you through the process of configuring SAML authentication between your school's identity provider (IdP) and our Auth0-based application. This setup will enable single sign-on (SSO) for your users, allowing them to access our platform using their existing school credentials.
Prerequisites
Before starting, ensure you have:
- Administrative access to your school's identity provider (Google Workspace, Microsoft Azure AD, Okta, etc.)
- The SAML metadata or configuration details from the CurricuLLM Team
- Permission to create and configure SAML applications in your IdP
Step 1: Gather Required Information from CurricuLLM Team
You'll need the following information from our Auth0 configuration:
Required Auth0 Details:
- Entity ID (Identifier): urn:auth0:curricullm-prod:hello-curricullm-
- ACS URL (Callback URL): https://curricullm-prod.au.auth0.com/login/callback?connection=hello-curricullm-
- Relay State URL: https://app.curricullm.com/chat
- Logout URL: https://app.curricullm.com/logout
Note: We will provide these specific values for your school's configuration.
Step 2: Configure SAML Application in Your Identity Provider
For now, this guide covers the steps for Microsoft Azure AD only. In the future, the documentation will be updated to support Google, Okta and other major identity providers.
For Microsoft Azure Entra ID:
- Access Azure Portal
  - Sign in to the Azure portal
  - Navigate to Microsoft Entra ID → Enterprise applications
- Create New Application
  - Click New application → Create your own application
  - In our example we have chosen to use the application name CurricuLLM
  - Select "Integrate any other application you don't find in the gallery"
  - Click "Create"
- Configure Single Sign-On
  - Go to Single sign-on → SAML
  - Click Edit on Basic SAML Configuration
  - Replace '999999' with the ID provided to you by the CurricuLLM team
Basic SAML Configuration
- Identifier (Entity ID): Enter our provided Entity ID
urn:auth0:curricullm-prod:hello-curricullm-
- Reply URL (ACS URL): Enter our provided ACS URL
https://curricullm-prod.au.auth0.com/login/callback?connection=hello-curricullm-
Attributes & Claims
Ensure the following claims are configured:
Please ensure that the user.mail attribute of the user object is populated. CurricuLLM relies on this attribute to correctly map users to organisations internally. If this is not the case in your instance, please let us know and we can configure alternative claims for the user email address attribute.
SAML Signing Certificate and Login/Logout URLs
- Download the Certificate (Base64)
- Copy the Login URL and Logout URL from the newly configured SAML-based Sign On
- Share these with our team at security@curricullm.com
You will need to provide:
- Downloaded Certificate (Base64), renamed to .cer
- Login URL
- Logout URL
Step 3: Test the Configuration
Please note that these steps may vary depending on your configuration.
Assign Users
- Assign users to the SAML application if you have not already done so
- Start with your account or a subset of users
Initial Testing
- Have users attempt to log in through the SSO URL: https://app.curricullm.com/
- Upon initial login, you may be prompted to Authorise App. This provides CurricuLLM with the necessary privileges to access limited user metadata which we use in our application to identify you and create your user record.
- Confirm that users can access the application at https://app.curricullm.com/chat
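If a test login fails, the Base64 SAMLResponse form field captured from the browser's developer tools can be checked against the values configured in Step 2. The following is an added example, not CurricuLLM's own code: the `EXAMPLE` suffix is a placeholder for your school's ID, the claim name is assumed to be the Entra ID default for user.mail, and the sample response is constructed.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Assumption: Entra ID's default claim name for user.mail.
EMAIL_CLAIM = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
# Placeholders: substitute the Entity ID and ACS URL issued to your school.
ENTITY_ID = "urn:auth0:curricullm-prod:hello-curricullm-EXAMPLE"
ACS_URL = ("https://curricullm-prod.au.auth0.com/login/callback"
           "?connection=hello-curricullm-EXAMPLE")


def check_response(b64_response, entity_id=ENTITY_ID, acs_url=ACS_URL):
    """List configuration problems in a captured SAMLResponse.
    Inspection aid only: it does not verify the XML signature."""
    root = ET.fromstring(base64.b64decode(b64_response))
    problems = []
    if root.get("Destination") != acs_url:
        problems.append("Destination does not match the Reply URL (ACS URL)")
    audiences = [a.text for a in root.iterfind(".//saml:Audience", NS)]
    if entity_id not in audiences:
        problems.append("Audience does not match the Identifier (Entity ID)")
    emails = [v.text for a in root.iterfind(".//saml:Attribute", NS)
              if a.get("Name") == EMAIL_CLAIM
              for v in a.iterfind("saml:AttributeValue", NS)]
    if not any(e and e.strip() for e in emails):
        problems.append("email claim missing or empty (is user.mail populated?)")
    return problems


def build_sample(email):
    """Constructed, unsigned, minimal response used only to exercise the checks."""
    xml = (f'<samlp:Response xmlns:samlp="{NS["samlp"]}" xmlns:saml="{NS["saml"]}" '
           f'Destination="{ACS_URL}"><saml:Assertion><saml:Conditions>'
           f'<saml:AudienceRestriction><saml:Audience>{ENTITY_ID}</saml:Audience>'
           f'</saml:AudienceRestriction></saml:Conditions><saml:AttributeStatement>'
           f'<saml:Attribute Name="{EMAIL_CLAIM}"><saml:AttributeValue>{email}'
           f'</saml:AttributeValue></saml:Attribute></saml:AttributeStatement>'
           f'</saml:Assertion></samlp:Response>')
    return base64.b64encode(xml.encode()).decode()


if __name__ == "__main__":
    print(check_response(build_sample("teacher@school.example")))
    print(check_response(build_sample("")))  # user.mail not populated
```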
Known Issues
- Email does not match any enterprise directory
- CurricuLLM matches known email domains for its customers to each customer org internally. Please check to ensure you are using a valid email domain for your school. If you believe you are, but still receive this message, please reach out to us at helpdesk@curricullm.com
- User Communication
- Inform users about the new SSO login process.
- We note that at present it can be quite confusing to see both "Email address*" and "Continue with Microsoft Account", which appear to be the same option if you are using a Microsoft IdP. We are evaluating the viability of continuing to provide personal Microsoft account authentication as part of our trial.
- Provide instructions for accessing the platform through your own portal.
- Please reach out to us if you would like us to evaluate the use of IdP-initiated SSO for your use case. We have chosen to disable this by default for all new SAML configurations.
- Set up support channels for login issues
Next Steps
After successful SAML configuration:
- User Training: Schedule training sessions for end users to help them understand the login process
- Documentation: Create internal documentation for future reference
- Regular Reviews: Periodically review user access and permissions
Need Additional Support?
Contact our technical team at helpdesk@curricullm.com with "SAML Setup" in the subject line for dedicated assistance with your configuration.