Incoming SAML 2.0 Single Sign-On with Azure AD


The main purpose of establishing a Single Sign On (SSO) process with Absorb is to allow your users a single point of entry into your system while providing them access to multiple other independent systems. With this process a user logs in with a single ID to gain access to a multitude of other systems without being prompted for different usernames and passwords.

Absorb LMS is listed in the Microsoft Azure Marketplace for quick and easy configuration. Microsoft Azure has a fantastic tutorial article that covers setting up SSO between Azure and Absorb end-to-end. Click here to view the tutorial.

When viewing this tutorial and configuring Azure single sign on- it is important to note that there are two errors in the information provided

Step 4 - the correct "Identifier" and "Reply URL" is  (legacy interface) or (current interface)

Step 6 - the correct information is  On the Set up Single Sign-On with SAML page, in the SAML Signing Certificate section, click Download to download the Certificate (Base64) from the given options as per your requirement and save it on your computer so you can enter the key into Absorb later on


IMPORTANT NOTE: The Single Sign-On URL in Azure (under advanced URL settings) must be left blank in order to use IdP mode.

Please note that SSO is an additional feature that usually involves an additional fee and technical resources on the client side to develop and/or configure the solution.

Disclaimer: Absorb LMS supports Incoming SAML 2.0 Single Sign-On as a feature, however we do not officially support any specific client-side (IdP) solution. Although Azure AD is known to generally work with our implementation of SAML SSO, it is the client's responsibility to configure/develop and maintain their side of the integration. This will require a client resource who is knowledgeable and familiar with your particular Azure AD environment. 

Published on
Have more questions? Submit a request


Please sign in to leave a comment.