Submit a ticket My Tickets
Welcome
Login  Sign up
Open navigation

How to Use Salesforce with Learnworlds SAML SSO

Availability
Starter
Pro Trainer
Learning Center
High Volume & Corporate


In this article, we'll explore how to set up and use Salesforce as an Identity Provider (IdP) for your LearnWorlds school using the SAML protocol. This integration simplifies user access and enhances your platform's security. Below, you'll find a step-by-step guide to help you get started

Enabling Salesforce as an Identity Provider

1. Log in to Salesforce as an Administrator

2. Click on the Cog icon → Open Advanced setup.

3. While on the Setup tab, type Identity Provider in the Quick Find box, and select the Identity Provider option. 4. Click on Enable Identity Provider.

5. Select a certificate from the drop-down menu or create a new one.


Create a connected app for SAML 2.0

In Salesforce, while you are on the Setup tab, search in the Quick Find box for App manager and select it. Click on New connected app. Fill in the Connected App Name, API name, and Contact email with your information. You can name the app as you like (i.e., Training center). Under Web App Settings, check the Enable SAML checkbox.

You also need to add your Learnworlds SP metadata, located in your LearnWorlds school (see below how to find them), in Salesforce. You need to copy information from your school to Salesforce as shown below:


LearnWorldsSalesforce
Service Provider (SP) URLStart URL Entity ID
School URLEntity ID
Assertion Consumer Service (ACS) URLACS URL
Single Logout Endpoint
Single Logout URL

Find Learnworlds SP metadata

Navigate to your school on Website Website SettingsAuthentication. Click on Create New SAML and fill in the information.


The necessary information, including the Service Provider (SP) URL and the Assertion Consumer Service (ACS) URL, can be found there. Copy this information and paste it into Salesforce.

If you wish to enable Single Logout, check the Enable Single Logout checkbox in Salesforce and enter your LearnWorlds Single Logout URL. Select HTTP redirect as the Single Logout Binding. Click Save at the bottom of the page.


Gathering Salesforce IdP info

From Setup, in the Quick Find box, search for App Manager and click to Manage the Learnworlds SSO connected app. This time, you need to copy from Salesforce and paste it into your school. You should add the information as shown below: 


SalesforceLearnworlds
Issuer  IDP Identifier (Entity ID) field
SP-Initiated Redirect Endpoint
Sign-on URL
IDP certificate
Identity Provider Certificate
Single Logout URL
Single Logout URL


Configure the attribute mapping

It is advised to add attributes for First Name and Last Name in your Salesforce app. This will ensure that the user's first and last name, as defined in Salesforce, are automatically populated in the username field within LearnWorlds. Otherwise, the user's email address will be used as their username in LearnWorlds, which we do not recommend.


  1. From Setup, in the Quick Find box, search for Apps, then select App Manager.
  2. Locate the LearnWorlds SSO app you have created, and select View.
  3. Scroll down to Custom Attributes and click New. 

Learnworlds supports the following attributes:

  • firstname
  • lastname

  • If you set up an SSO solution and disable the LearnWorlds login, all the users will be redirected to the SSO provider to authenticate, LearnWorlds passwords will no longer be valid. The users need to exist or sign up with the SSO authentication provider. The change of the authentication provider will only change the authentication mechanism, all the user data as well as their roles (admin, instructor, etc.) will be intact. 
  • The SSO mechanism uses the user’s email address to identify the user (unique key); therefore, to change the user's email address, you need to manually update the new email both in your school and on your IDP.

    Furthermore, you may use the bulk import (and enroll) functionality in case you need to import users that already exist in your SSO provider.

  • If you revert to LearnWorlds authentication, users created via the SSO authentication will need to create a new password. Passwords can be changed: 
    • By the user via the forgot password mechanism
    • By the admin reset and/or update password mechanisms
  • The LearnWorlds password update/reset functionality as well as sign-up are only available for the Default LearnWorlds Authentication mechanism. Any other SSO authentication mechanisms will need to handle these functionalities. 
  • In case you misconfigure the custom SSO setup and this is the only available authentication mechanism, then only the Learnworlds School Owner account will be able to sign in to your school via our Learnworlds account sign-in page (https://account.learnworlds.com/login)
  • The built-in Affiliate Management program can not be used for users who use SSO providers to sign in
  • If you want to use more than three custom SSO, SAML, or OpenID solutions in total, please contact us at [email protected]. In case you are on the Learning Center plan you can also add 3 more by purchasing our scale package.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.