Submit a ticket My Tickets
Welcome
Login  Sign up
Open navigation

How to Use Microsoft Entra with LearnWorlds OpenID Connect SSO

Availability
Starter
Pro Trainer
Learning Center
High Volume & Corporate

In addition to SAML (Security Assertion Markup Language), LearnWorlds supports OpenID for implementing seamless SSO (Single Sign-on) experiences. By utilizing SSO, users can access multiple systems with a single set of login credentials, significantly enhancing security and user convenience.


In this article, we will dive into how to integrate Microsoft Entra with LearnWorlds using OpenID, simplifying your user access and streamlining your platform's security. Below you can find a step-by-step guide on how to set this up.


1. Sign in to the Microsoft Entra admin center. Browse to Identity â†’ Applications â†’ App registrations → All applications â†’  <your application> → Authentication. 2. Under Platform Configurations, select Add a Platform.

3. Select the appropriate platform for your application. For example, select Web for a web application.

4. Navigate to your LearnWorlds school under Website â†’ Website Settings â†’ Authentication → Open ID connect and create a new OpenID Connect. Locate the Redirect URL and copy it.

5. Navigate to Microsoft Entra fill in the Redirect URL without the openid?provider=171890065170448 part and click on Configure. 6. Under Implicit grant and hybrid flows, select the ID tokens (used for implicit and hybrid flows) checkbox.

7. Browse to Identity â†’ Applications â†’ App registrations → Overview â†’ Endpoints. Locate the URL under OpenID Connect metadata document and copy it.

8. Paste the URL inside your LearnWorlds school into the new Open ID connect you created on the Discovery Document link field and click on the Fetch button. 

9. Back in Microsoft Entra click on Certificates & Secrets and click on New client secret to add a client secret. Click on the add button.

10. On the client secret tab, copy Value and  Secret ID.

Navigate back to your school and paste Value in the Client ID field and Secret ID in the Client Secret field.

11. Once this is completed, click on the Create button, and the Open ID connection will be ready!


If you're using OpenID as an authentication method, it's mandatory to change the Site Navigation settings in the Payment Flow section for Logged-out users, as they will need to sign up/log in before proceeding to the payment page.

Also, you need to ensure that in all Payment Sections of your school's pages, 1-click Sales funnels, or the Payment Page of your school, the Sign in/up form option is set to hide since the user will not be able to sign in/up via the Learnworlds system.

  • If you set up an SSO solution and disable the LearnWorlds login, all the users will be redirected to the SSO provider to authenticate, LearnWorlds passwords will no longer be valid. The users need to exist or sign up with the SSO authentication provider. The change of the authentication provider will only change the authentication mechanism, all the user data as well as their roles (admin, instructor, etc.) will be intact. 
  • The SSO mechanism uses the user’s email address to identify the user (unique key); therefore, to change the user's email address, you need to manually update the new email both in your school and on your IDP.

    Furthermore, you may use the bulk import (and enroll) functionality in case you need to import users that already exist in your SSO provider.

  • If you revert to LearnWorlds authentication, users created via the SSO authentication will need to create a new password. Passwords can be changed: 
    • By the user via the forgot password mechanism
    • By the admin reset and/or update password mechanisms
  • The LearnWorlds password update/reset functionality as well as sign-up are only available for the Default LearnWorlds Authentication mechanism. Any other SSO authentication mechanisms will need to handle these functionalities. 
  • In case you misconfigure the custom SSO setup and this is the only available authentication mechanism, then only the Learnworlds School Owner account will be able to sign in to your school via our Learnworlds account sign-in page (https://account.learnworlds.com/login)
  • The built-in Affiliate Management program can not be used for users who use SSO providers to sign in
  • If you want to use more than three custom SSO, SAML, or OpenID solutions in total, please contact us at support@learnworlds.com. In case you are on the Learning Center plan you can also add 3 more by purchasing our scale package.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.