
How to use SSO with AcademyOcean?

Here you will find a tutorial on how to use SSO with AcademyOcean.

Written by Mary
Updated over a year ago

Using Single Sign-On (SSO), your learners can log in once to access multiple applications, including our LMS.

Step 1 — Creating an Application in Azure AD

1. Sign in to the Azure Portal (Microsoft Azure).

2. Navigate to “Azure Active Directory” > “Enterprise applications” > “All applications”

3. Click “New application” and then “Create your own application”

4. Enter the name of your application and click “Create”

Step 2 — Configuring SSO with SAML

1. Open SSO configuration and choose “SAML”

2. Open “Basic SAML configuration”

3. In a new window, open the “SAML” page in AcademyOcean (signed in as admin or owner) and create a new SAML connection

4. Copy the SAML data from the AcademyOcean connection into “Basic SAML configuration”

About this data:

  • The Service Provider Identifier (SP ID) is a unique identifier that represents the service provider in the SAML authentication process. It is often used as the Entity ID during SAML configuration. The SP ID helps identify the service or application that is requesting authentication from the identity provider (in this case, Azure AD).

  • The Assertion Consumer Service URL (ACS URL) is the endpoint where the service provider expects to receive the SAML assertions (tokens) from the identity provider after a successful authentication. In other words, it is the location where Azure AD sends the authentication response (SAML assertion) back to the service provider.

5. Add the metadata and the Provider Certificate in the SAML pop-up (in AcademyOcean)

5.1 The Provider Certificate can be found in the XML metadata, in the <X509Certificate> string

6. Create and publish

Be careful: once the connection is created, you will not be able to change anything. You can only delete it and create a new one.
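Because the connection cannot be edited after creation, it helps to confirm which certificate you are pasting in step 5.1. The following is an added example, not AcademyOcean or Microsoft code: it reads only the IdP signing certificate from a metadata document and prints digests to compare with the thumbprint shown on the identity provider side. The sample metadata, entityID and certificate bytes are constructed placeholders, and the function name is hypothetical.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample input: placeholder bytes, not a real certificate or tenant.
SAMPLE_DER = b"constructed placeholder bytes standing in for a DER certificate"
_B64 = base64.b64encode(SAMPLE_DER).decode()
_ENC = base64.b64encode(b"placeholder encryption key").decode()
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="{NS['md']}"
    entityID="https://idp.example.test/tenant-placeholder/">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing"><KeyInfo xmlns="{NS['ds']}"><X509Data>
      <X509Certificate>{_B64[:30]}
        {_B64[30:]}</X509Certificate>
    </X509Data></KeyInfo></KeyDescriptor>
    <KeyDescriptor use="encryption"><KeyInfo xmlns="{NS['ds']}"><X509Data>
      <X509Certificate>{_ENC}</X509Certificate>
    </X509Data></KeyInfo></KeyDescriptor>
  </IDPSSODescriptor>
</EntityDescriptor>"""

def signing_certs(metadata_xml):
    """Return (entityID, [cert info]) for the IdP's signing keys only."""
    if "<!DOCTYPE" in metadata_xml:  # SAML metadata never needs a DTD
        raise ValueError("DTD found in metadata, refusing to parse")
    root = ET.fromstring(metadata_xml)
    if root.tag != f"{{{NS['md']}}}EntityDescriptor":
        raise ValueError("root element is not a SAML EntityDescriptor")
    certs = []
    for kd in root.findall("md:IDPSSODescriptor/md:KeyDescriptor", NS):
        # A KeyDescriptor without "use" applies to signing as well.
        if kd.get("use", "signing") != "signing":
            continue
        for el in kd.findall(".//ds:X509Certificate", NS):
            b64 = "".join((el.text or "").split())  # drop line breaks and indent
            der = base64.b64decode(b64, validate=True)
            certs.append({"b64": b64,
                          "sha1": hashlib.sha1(der).hexdigest().upper(),
                          "sha256": hashlib.sha256(der).hexdigest().upper()})
    if not certs:
        raise ValueError("no IdP signing certificate in metadata")
    return root.get("entityID"), certs

if __name__ == "__main__":
    entity_id, found = signing_certs(SAMPLE_METADATA)
    print(entity_id, [(c["sha1"], c["sha256"]) for c in found])
```

If the metadata lists more than one signing certificate, compare each digest before choosing which string to paste.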

Step 3 — Attributes & Claims Configuration (Optional)

This section is only required if you want your learners' first name, last name and email to be transferred when they log in to AcademyOcean through AD.

1. Navigate to the "Attributes & Claims" settings within the Single Sign-On (SSO) page in Microsoft Azure AD

2. Click on the "Add new claim" button

3. Configure the transfer settings for the following attributes:

  1. Email

    1. Name: email

    2. Source attribute: user.mail

  2. First Name

    1. Name: firstName

    2. Source attribute: user.givenname

  3. Last Name

    1. Name: lastName

    2. Source attribute: user.surname

Finish

If you have created everything correctly, then on the learner login page, SSO login will be available instead of the usual methods.

In this case, this button will redirect us directly to Microsoft.

This error occurs if the learner does not have access to the academy through AD (this is an error on the AD side).
