Use OneLogin as identity provider (IdP) for a seamless login for learners
Set up an integration between OneLogin (https://www.onelogin.com/) and LearnUpon. OneLogin is an easy-to-use cloud identity management provider.
Availability: all customers
OneLogin's integration provides Single Sign-On (SSO) capacity:
- Users create a single set of credentials with OneLogin
- OneLogin lets users log in to many applications, including LearnUpon, with these credentials
- OneLogin keeps users' login details separate from their LearnUpon usage data
So, OneLogin never "sees" or records what courses users take, or their course outcomes. The OneLogin integration only provides access to their LearnUpon account. Adding OneLogin as a login option means LearnUpon admins can manage users in a centralized location.
Access permissions
- Admins with full portal permissions: can set up the feature
The admin setting up the integration requires access to a OneLogin admin account.
Prerequisites
To set up OneLogin SAML SSO you need:
- SAML SSO turned on for your portal
- any related custom user data fields set up in LearnUpon
Note: the YYYY-MM-DD format is required for custom user data fields that contain dates. This format supports integrations for LearnUpon like SSO SAML, and services like batch user upload and API automations.
See Custom user data: set up custom fields.
Setting up OneLogin
From your OneLogin Administrator Dashboard:
- In the top menu select Applications > Applications
- Select Add App
- In the search bar, enter LearnUpon
Alternatively, you can find the LearnUpon Application in the E-Learning group.
On the LearnUpon Application Info page you can:
- Update the application Display Name
- Select the Tab you would like to host the LearnUpon application
- Toggle the application Visibility in your portal
- Personalize the LearnUpon Application Icon
- On each options page Select the blue Save button in the upper-right to save any changes
On the LearnUpon Application Configuration tab:
- Enter your LearnUpon portal Subdomain
On the LearnUpon Application Parameters tab you can:
- Specify Values and Fields to be sent from OneLogin to LearnUpon
- Select your SAML NameID
- Update SAML field formats
OneLogin’s standard NameID format:
urn:oasis:names:tc:SAML:2.0:nameid-format:transient
On the LearnUpon Application SSO Tab you can:
- View the X.509 Certificate Details
- Update your SAML Signature Algorithm (required)
- View your SAML 2.0 Endpoint (HTTP)
From the SSO tab select View Details under the X.509 Certificate. This page contains the certificate Fingerprint and other general X.509 Certificate information.
This concludes the basic setup from OneLogin. Navigate to your LearnUpon portal to continue setup.
The Rules, Access, Users, and Privileges pages contain additional settings but are not required for setup.
Redirect URI
You can set a redirect_uri parameter with SSO, to redirect SSO users to a specific a web address after they log in.
Redirect the user to your catalog
https://yourportal.learnupon.com/saml/init?redirect_uri=/catalog
Redirect to a specific course on the catalog
https://yourportal.learnupon.com/saml/init?redirect_uri=/catalog/{course_id}
This example requires the destination course's ID in LearnUpon. You can extract {course_id} from our API, or you might have the IDs stored on your own site.
Launch a specific course for the user
https://yourportal.learnupon.com/saml/init?redirect_uri=/enrollments/{enrollment_id}
This example requires the enrollment ID that you want to launch: the application generates this identifier when you enroll users. You can extract {enrollment_id} from our API for a user.
Tip: To launch the course description page when the enrollment starts, add %3Fvd%3D1
to the end of your redirect_uri, which sends LearnUpon a redirect parameter of ?vd=1
.
Redirect the user to your store
https: //yourportal.learnupon.com/ saml/init?redirect_uri=/store
Redirect to a specific course on the store
https://yourportal.learnupon.com/saml/init?redirect_uri=/store/{course_id}
This example requires the destination course's ID in LearnUpon. You can extract {course_id} from our API, or you might have the IDs stored on your own site.
Disable login page
See: Set up SAML SSO for your portal
If you select Disable portal login page in Settings > Integrations> SAML SSO > General Settings, you can still access the portal login page by adding users/sign_in?no_sso=true
to the standard portal URL. For example:
companyname.learnupon.com/users/sign_in?no_sso=true
Note: when you log in through SSO, you are authenticated for a single portal, rather than all your portals. The portal switcher in your top navigation bar shows only the portals where you are already logged in.
To retain access to all your portals through the portal switcher, log in through the LearnUpon sign in page, by adding users/sign_in?no_sso=true
suffix to your portal URL.
Next steps with SAML SSO
See SAML SSO: send default and custom user data to LearnUpon about setting up additional customization for learners, to improve their learning experience.
See: