Single Sign On (SSO) for Web Users

Single Sign On (SSO) allows your learners to readily access eduMe without the need to create or sign in to another account

What's covered?

What's the benefit of using SSO?

How to set up SSO for learners

Prerequisites

Technical requirements

Demonstration


What's the benefit of using SSO?

eduMe supports OAuth2 and SAML based SSO

If your identity provider supports our SSO options, you can allow your users to access eduMe with the accounts they have in your systems instead of creating separate accounts. Additionally:

  • Users don't have to create and manage additional usernames and passwords

  • Disabling user access in your systems disables access in eduMe when people leave

  • If your SSO system supports additional security features such as multi-factor authentication, these can be used to secure your users' access to eduMe as well


How to set up SSO for learners

Prerequisites

The integration is based on Authorization Code based OAuth flow, plus an additional API request required to get basic user information from your systems. Here’s what information we’ll need in order to set up SSO links:

 
Requirement Description
client_id OAuth Client ID you create for eduMe in your systems
client_secret OAuth Client Secret you create for eduMe in your systems
login_url Your SSO login page to which we redirect users for signing in. More specifically the base URL to which we add the required parameters: response_type=code, client_id, redirect_url, scope, and state
get_token_url Your authorization server's token endpoint which allows us to get a bearer token from authorization code
get_user_url Endpoint to get a user (using the token as auth)
user_fields Listing of which fields in the get user response to extract basic user information from
company_name (Optional) Override how your company is referred to when presenting the users with a link saying "Sign in with your account"

Technical requirements

What you need to do in your systems depends on whether your systems are based on a commercially available identity product that already supports OAuth2, or if they are bespoke systems.

In the former case, you may need to just configure eduMe as a new SSO client, creating the ID and secret listed above, whereas in the latter you will likely need to integrate additional libraries to your systems to support OAuth2.

Demonstration

Here's a short video of the Learner experience accessing eduMe content via SSO using Google as the Identity Provider.  This illustrates the open sign-up user experience where the Learner has received an email or other notification containing the course link.  

HubSpot Video

If you have any questions regarding SSO please contact your Customer Success Manager directly.