Introduction
The main purpose of establishing a Single Sign On (SSO) process with Absorb is to allow your users a single point of entry into your system while providing them access to multiple other independent systems. With this process a user logs in with a single ID to gain access to a multitude of other systems without being prompted for different usernames and passwords.
This article discusses configuration of SSO using Auth0. For the purposes of this article the Absorb system will act as the Service provider (SP). Your Auth0 account will act as the Identity Provider (IdP).
Please note that SSO is an additional feature that usually involves an additional fee and technical resources on the client side to develop and/or configure the solution.
Disclaimer
Absorb LMS supports Incoming SAML 2.0 Single Sign-On as a feature, however we do not officially support any specific client-side (IdP) solution. Although Auth0 is known to generally work with our implementation of SAML SSO, it is the client's responsibility to configure/develop and maintain their side of the integration. This will require a client resource who is knowledgeable and familiar with your Auth0 instance. This guide is provided to our clients as a convenience only, based on our experience working with clients who employ Auth0.
Table of Contents
Part 1: Creating a Client
See https://auth0.com/docs/clients for more information on creating a client.
Note: To enlarge image thumbnails, right-click on the image and choose to open in a new tab or window.
Step | Action | Image |
---|---|---|
1. | Navigate to the Applications page and click Create Application. | |
2. | Select Regular Web Applications. |
Part 2: Review the Client Settings
Note: To enlarge image thumbnails, right-click on the image and choose to open in a new tab or window.
Step | Action | Image |
---|---|---|
1. | Token Endpoint Authentication Method: Post | |
2. | Allowed Callback URLs: This is the URL where your Absorb LMS is hosted e.g. https://companyname.myabsorb.com OR https://some.custom.url |
|
3. | Allowed Logout URLs: This is the URL users will be redirected to when they log out (requires some additional setup, covered later in this guide). |
|
4. | Scroll to the bottom of the application's page and click on "Show Advanced Settings". | |
5. | In the expanded window, click on "Certificates" to bring up the Certificates section. Click on the "DOWNLOAD CERTIFICATE" In the pop up which appears, select the CER certificate format. Save the downloaded file. | |
6. | Click on Endpoints to bring up the Endpoints section. | |
7. | Copy the contents of the "SAML Protocol URL" field. You will need to provide this to Absorb. | |
8. | Scroll up to the top of the page and click on the "Addons" link. Click the box labeled "SAML2 WEB APP" | |
9. |
In the "Application Callback URL" field, enter the URL to which the SAML assertions should be sent after the user has been authenticated by Auth0. This URL will follow the format: https://company.myabsorb.com/api/rest/v2/authentication/saml* or |
|
10. |
Modify the SAML Settings as appropriate.
{ |
Part 3: Absorb Setup
Note: To enlarge image thumbnails, right-click on the image and choose to open in a new tab or window.
Step | Action | Image |
---|---|---|
1. |
Login to the Absorb admin portal as a System Admin and navigate to Portal Settings. From Portal Settings, there is a button in the right-side context menu labelled Manage SSO Settings. If you can't see this button, please contact your Absorb Client Success Manager to discuss enabling the feature. |
|
2. | Once you have clicked the button, you will be brought to the Manage Single Sign-On Settings page. Any existing configurations will appear here, as well as the option to Add a new one. | |
3. |
Click Add and fill in the fields as shown below.
|
|
Absorb Side: |
||
AuthO Side:
|
||
|
||
Comments
Please sign in to leave a comment.