Availability
If you have all your users in Azure Active Directory, you may use Azure AD as an authentication provider for your Learnworlds school. All your users will be able to log in by using your Azure AD authentication.
In this article, we will demonstrate the setup process. Based on your infrastructure, you may need to alter some steps.
Create a new application with Azure AD
You will need to create a new application within your Azure AD.
1. Open your Azure portal and navigate to Azure Active Directory.
2. Open the Enterprise applications.
3. Create a New application in Azure.
4. Use Create your own application.
5. Give it a name and select the third option Integrate any other application you don't find in the gallery (Non-gallery).
Set up SAML SSO
Now that your application is ready, you need to set up the SAML SSO to be connected with your Learnwolrds school.
1. Navigate to Single sign-on and select SAML.
2. You will need to add the necessary information in the Basic SAML configuration section on Azure AD.
Visit your sign-up settings in your LearnWorlds school and copy the following on Azure ID.
LearnWorlds | Azure AD |
Service Provider (SP) URL | Identifier (Entity ID) |
Assertion Consumer Service (ACS) URL | Reply URL (Assertion Consumer Service URL) |
3. You need to get the below information as well and add it to your Learnworlds sign-up settings.
Azure AD | LearnWorlds |
Azure AD Identifier | IDP Identifier (Entity ID) |
Login URL | Sign-on URL |
Logout URL | Single Logout URL |
Certificate (Base64) | Identity Provider Certificate |
Find it on Azure AD.
4. In your LearnWorlds School go to Site Builder → Sign in/up and select SAML.
i. Add a new SAML
ii. Activate SAML and add a name for this SAML solution.
iii. Once you set up this information on your IDP and create the authentication application, you will need to update your school’s setup with the necessary information from your IDP:
a. IDP Identifier (Entity ID): this is the given IDP id for the created application.
b. Sign-on URL: this is the URL that the school will call to authenticate the user via the IDP.
c. Single Logout URL: in case you implement a single logout you may provide this URL. When the user logs out from Learnworlds the system will call this URL and the IDP will log out the user from all other Services.
d. Identity Provider Certificate: you need to pass the public certificate to authenticate the call.
e. Service Provider (SP) URL: it is your school SAML Service Provider (sp) URL that the IDP will use to identify your service.
f. Assertion Consumer Service (ACS) URL: this is the “Reply URL” that the IDP will use to inform your school (SP) if the user has been authenticated successfully.
g. Single Logout URL: The URL that will be used by the identity provider, to inform the service provider (your school) in case the user should be logged out; please paste this value to your identity provider, if needed.
h. Create User: Adds a new user to the school, if a user with this email does not already exist.
5. Click on Create to save your settings and you are all set. Your users may now Single Sign-On by using your favorite IDP.
If you're using SAML as an authentication method, it's mandatory to change the Site Navigation settings in the Payment Flow section for Logged-out users, as they will need to sign up/log in before proceeding to the payment page.
Also, you need to ensure that in all Payment Sections of your school's pages, 1-click Sales funnels, or the Payment Page of your school, the Sign in/up form option is set to hide since the user will not be able to sign in/up via the Learnworlds system.
Notes:
- You would need to add the users you want to access the Learnworlds school and also configure the Azure AD application to meet your needs.
- You need to use the LearnWorlds admin (school owner) account, to set up a Custom SSO URL or SAML for your LearnWorlds school; in case you misconfigure your setup, then only this account will be able to sign in to your school. Hence all the changes in the Sign in/up page regarding SSO will have to be made by the LearnWorlds admin.
- If you wish to use our built-in Affiliate Management program, you should consider not using the SSO solution, since it will not be feasible to use this feature and track sales.
- If you enable Azure AD, the LearnWorlds password update/reset functionality will not be available.
- If you want to use more than 3 custom SSO solutions please contact us at support@learnworlds.com.
Multiple Azure AD tenants are not supported.More details about Microsoft's Azure and SSO, are in the articles below.