Single Sign On (SSO) allows your learners to readily access eduMe without the need to create or sign in to another account
What's covered?
What's the benefit of using SSO?
How to set up SSO for learners
What's the benefit of using SSO?
eduMe supports OAuth2 and SAML based SSO
If your identity provider supports our SSO options, you can allow your users to access eduMe with the accounts they have in your systems instead of creating separate accounts. Additionally:
-
Users don't have to create and manage additional usernames and passwords
-
Disabling user access in your systems disables access in eduMe when people leave
-
If your SSO system supports additional security features such as multi-factor authentication, these can be used to secure your users' access to eduMe as well
How to set up SSO for learners
Prerequisites
The integration is based on Authorization Code based OAuth flow, plus an additional API request required to get basic user information from your systems. Here’s what information we’ll need in order to set up SSO links:
| Requirement | Description |
|---|---|
| client_id | OAuth Client ID you create for eduMe in your systems |
| client_secret | OAuth Client Secret you create for eduMe in your systems |
| login_url | Your SSO login page to which we redirect users for signing in. More specifically the base URL to which we add the required parameters: response_type=code, client_id, redirect_url, scope, and state |
| get_token_url | Your authorization server's token endpoint which allows us to get a bearer token from authorization code |
| get_user_url | Endpoint to get a user (using the token as auth) |
| user_fields | Listing of which fields in the get user response to extract basic user information from |
| company_name | (Optional) Override how your company is referred to when presenting the users with a link saying "Sign in with your account" |
Technical requirements
What you need to do in your systems depends on whether your systems are based on a commercially available identity product that already supports OAuth2, or if they are bespoke systems.
In the former case, you may need to just configure eduMe as a new SSO client, creating the ID and secret listed above, whereas in the latter you will likely need to integrate additional libraries to your systems to support OAuth2.
Demonstration
Here's a short video of the Learner experience accessing eduMe content via SSO using Google as the Identity Provider. This illustrates the open sign-up user experience where the Learner has received an email or other notification containing the course link.
If you have any questions regarding SSO please contact your Customer Success Manager directly.