Integrate Okta SAML SSO with LearnUpon

Use Okta as an identity provider (IdP) for a seamless login for learners

Okta is an easy-to-use cloud identity management provider: https://www.okta.com

Okta's integration provides Single Sign-On (SSO) capacity:

• Users create a single set of credentials with Okta
• Okta lets users log in to many applications, including LearnUpon, with these credentials
• Okta keeps users' login details separate from their LearnUpon usage data

So, Okta never "sees" or records what courses users take, or their course outcomes. The Okta integration only provides access to their LearnUpon account. Adding Okta as a login option means LearnUpon admins can manage users in a centralized location.

Access permissions

The admin setting up the integration requires access to an Okta admin account.

Prerequisites

To set up Okta SAML SSO you need:

• SAML SSO turned on for your portal
• any related custom user data fields set up in LearnUpon

See:

• Custom user data: set up custom fields

Setting up Okta

From your Okta Administrator Dashboard Developer Console:

• Select Classic UI from the dropdown in the upper-left

From your OKTA Administrator Dashboard Classic UI:

• Select Add Applications

Select the green Create new app button:

• Platform: Web
• Sign on method: SAML 2.0
• Select Create

On the Create SAML Integration General Settings page you can:

• Set an App Name (required)
• Upload an App Logo (optional)
• Select Next

On the Create SAML Integration Configure SAML page:

• Enter your LearnUpon portal SAML Entry Point into the Single Sign On URL field (required)

https://subdomain.learnupon.com/saml/consumer

• Enter an Audience URI (required)

learnupon.com

• Specify a Default RelayState
• Update the NameID Format
• Update the Application Username (NameID)
• Update Response Algorithms and Signatures
• Specify a Digest Algorithm as SHA-1 (required)

• Specify Attribute Values with Names, Formats, and Values
• Specify Group Attribute Values with Names, Formats, and Filters
• View a Preview SAML Assertion

Progress through the Create SAML Integration Feedback page.

On the Application > Sign On tab:

• Select View Setup Instructions under the SAML 2.0 Warning

On the Setup Instructions page you can:

• View Identity Provider Details
• Download X.509 Certificate (required)
   
  • Extract the SHA-1 Fingerprint of the certificate using the command line or an online tool

On the Application > Sign on tab:

• Scroll to SAML 2.0 and select More details to expand the list
• Copy the Sign on URL
• Use this URL in your portal SSO setup: go to Settings > Integrations >  Single Sign On - SAML > General Setting > Identify Provider Location (IDP SSO Target URL)

See Set up SAML SSO for your portal > Complete general settings for background.

The following screenshot shows the location of the SAML 2.0 options in Okta.

This concludes the basic setup from OKTA. Navigate to your LearnUpon portal to continue setup.

The Import and Assignments pages contain additional settings for user assignments but are not required for setup.

Next steps with SAML SSO

See:

• SAML SSO: send default and custom user data to LearnUpon about setting up additional customization for learners, to improve their learning experience
• SAML SSO: set up redirects for LearnUpon URLs to make the path to courses and the catalog easy for learners

See:

• Knowledge base category: Integrations
• Find help: access the Support desk
• Find help: find and copy identifiers from your portal
• Find help: allow Support to access your portal