How to Set Up Single-Sign-On with Azure

Updated 8 months ago by Alex Alberti

Organization Administrator access to your organization’s LearnPlatform account
Azure Administrator access through your organization
Your organizations subdomain must be listed in LearnPlatform's setting configurations

Sign in to your LearnPlatform administrator account, click on:
Settings > Single Sign On > Single Sign On Type > SAML 2.0

Toggle on the Use organization domain for callback urls at the bottom of your Single-Sign-On page.

In a separate window or tab, sign in to your Azure portal.
Search for Enterprise Applications > Select Enterprise Applications > Click New Application > Click Create your own application
From the pop-up box on the right titled “Create your own application”
1. Fill in the name you want to appear in Azure’s MyApps (e.g. “LearnPlatform”)
2. Ensure that the options “Integrate any other application you don't find in the gallery (Non-gallery)” is selected
3. Click Create

From the App Overview page, select Properties from the left menu.
1. Download the following image to use as the icon for your custom SAML app. Upload this image as the App Icon.
2. Select file to upload.
3. Click Save

Navigate back to the Overview screen, click Setup single sign on > Get Started, click SAML, click the Edit button for the Basic SAML Configuration section.

While in the the Basic SAML Configuration pop up screen
1. Copy the metadata url from the Single Sign-On setup screen in the LearnPlatform tab (bottom of the SSO setup screen)

Paste this URL into the Identifier (Enitity ID) text box in Azure Portal’s Basic SAML Configuration.

Copy the callback url from the Single Sign-On setup screen in the LearnPlatform tab (bottom of the SSO setup screen)

Navigate back to Set up Single Sign-On with SAML in the Azure portal and click Edit on the Attributes & Claims section.
From Attribute and Claims page, select either Claim name for name/user principal (if your email address is the same as your Azure login id) or email (if your Azure login id is different from your email address). This email address must match the email address of the user in LearnPlatform.

Paste this value into the Email Attribute text box on the LearnPlatform Single Sign-On setup screen

Paste this value into First Name Attribute text box on the LearnPlatform Single Sign-On setup screen

Paste this value into Last Name Attribute text box on the LearnPlatform Single Sign-On setup screen

Navigate back to Set up Single Sign-On with SAML in the Azure portal and scroll to the SAML Signing Certificate section and click the Download link for Certificate (Base64).

Open this downloaded file in a text editor and copy all the text in the file.
Paste this certificate text into the Certificate text box on the LearnPlatform Single Sign-On setup screen. The text should appear similar to the below:

Navigate back to Set up Single Sign-On with SAML in the Azure portal and scroll to the Set up LearnPlatform section.
1. Click the Copy to clipboard button for Login URL

Paste the Login URL into the Identity Provider Redirect URL text box on the LearnPlatform Single Sign-On setup screen.

Paste the Login URL into the Identity Provider Redirect URL text box on the LearnPlatform Single Sign-On setup screen.

While still in the LearnPlatform Application details in the Azure portal
Select Users and Groups
1. Add User/Group
2. Select the users and groups you want to have access to LearnPlatform from Azure’s MyApps portal.
3. Click Assign

Log into https://myapps.microsoft.com/ with a user assigned to the LearnPlatform application
Ensure that a LearnPlatform tile is present.
Clicking on the tile should log the user into LearnPlatform

You are all set!

If you have questions or need additional support, please take a look at Troubleshooting my Single Sign On (SSO) for SAML or email support@learnplatform.com.