iSpring Learn SSO with Azure AD + SAML

Azure Active Directory (Azure AD) is a part of the cloud service Microsoft Azure which makes it possible to enjoy SSO (Single sign-on) without employing on-prem AD FS (Active Directory Federated Services). Basically, it is a cloud alternative to Microsoft Active Directory. In this scenario there is no need to maintain an on premise infrastructure, the setting up process is rather easy and it works with most of cloud based services.

Requirements

Microsoft Azure account with Azure AD Premium activated

Azure AD Set up

  1. Go to Azure Active Directory. On the sidebar, select Enterprise applications.

  2. On the top bar, select Add. From the Gallery, select Non-gallery application.

  3. In the ‘Add your own application’ preview window, enter the name of the application (e.g., iSpring Learn SSO).

    Note: If you do not have Azure AD Premium activated, you will not be able to enter the name of the application and a corresponding error message will appear.

  4. Click Add and wait until the application is added. After that, you will be redirected to the Application Settings window. In the sidebar menu, select Users and groups. In the top bar menu, click Add to add users or user groups who need to have access to this application.

  5. In the sidebar menu, select Single sign-on. Mode, from the dropdown list, select SAML-based Sign-on.

    Select the Show advanced URL settings and enter the following:

    Identifier

    https://yourdomain.ispringlearn.com/module.php/saml/sp/metadata.php/default-sp

    Reply URL

    https://yourdomain.ispringlearn.com/module.php/saml/sp/saml2-acs.php/default-sp

    Relay State

    https://yourdomain.ispringlearn.com/sso/login

  6. Select user.mail: as User Identifier

  7. Select the View and edit all other user attributes checkbox. In the list, delete the existing Attribute, which has the email of the user, emailaddr. Click on the icon with three dots to the left of the attribute and select Delete.

  8. Select Add attribute. Enter email as Name and user.mail as Value.

    You can delete all the other attributes; you won’t need them for SSO.

  9. Select Create new certificate. In the menu, choose the expiry date of the certificate and click Save.

  10. Select the Make new certificate active and Show advanced certificate signing settings checkboxes.
    Select SHA-1 for Signing Algorithm.

  11. Select Configure iSpring Learn SSO. There, you will see a window with the information you need for setting up the iSpring Learn side.

iSpring Learn setup

  1. Log into your iSpring Learn account and go to https://yourdomain.ispringlearn.com/settings/sso

  2. Fill it out with the information you got when you created a new certificate (step 10)

    Metadata URL

    SAML Entity ID

    Sign On Url

    SAML Single Sign-On Service URL

    Logout Url

    Sign-Out URL

    Go back to the previous page of the Azure settings and use the Thumbprint value of the certificate as the Certificate Fingerprint value.

Was this article helpful?

Thanks for your feedback!

How can we help you?

EMAIL
MESSAGE

Your request to iSpring has been submitted.

Please check your email for support replies. We reply to every message asap. If you don't hear back from us, check your spam folder and add to your list of approved senders.

Oops! Something went wrong...

Please contact them at .