When a user logs in to iSpring Learn for the first time with one of single sign-on technologies, their account is created in the LMS. The only field which is always passed to iSpring Learn when authorizing via SSO is the Login field.
If you already have a service for SSO (for example, ADFS or Okta) which can pass user profile fields to iSpring Learn, you may want to make the user profile in the LMS filled out automatically. However, fields in iSpring Learn and in a SSO service could be named differently. For instance, the Job Title field in the LMS might correlate to the job_title field in SSO.
To get all the fields in the user profile filled out correctly, match fields in iSpring Learn and in the SSO service.
In ADFS, in the Outgoing Claim Type column, some field values should be entered manually, for example sub.
Added fields will be synchronized when a user logs in to the LMS. That is to say, the value of the Title field in SSO will be passed to the Job Title field in iSpring Learn.
Synchronized data overwrite values previously entered in the profile field manually. |
If the data wasn't passed or the field name was mistyped, the information in iSpring Learn won't be updated, no error message will pop up. |
In the Active Directory user profile, the Email field value should be unique or empty. The Email field can be empty, provided that it is not a required field in the iSpring Learn LMS user profile. |
A 401 Unauthorized error may display in iSpring Learn after authorizing a user. The reason of the error is that the user's personal account was deactivated in the LMS. The administrator needs to activate the user. |