Security Assertion Markup Language (SAML) is an open standard that enables secure single sign-on (SSO) by exchanging authentication and authorization data between systems. It allows an Identity Provider (IdP) to authenticate a user and securely pass that authentication information to a Service Provider (SP), giving users access without requiring separate login credentials.
How to configure:
- Ensure you have administrator access to both your Identity Provider (IdP) and the Service Provider (application/LMS).
- Log in to your Identity Provider (for example, Okta, Azure AD, ADFS).
- Create a new SAML application.
- Configure the required SAML settings:
  - Assertion Consumer Service (ACS) URL
  - Entity ID (Audience URI)
  - NameID format (commonly email address)
- Download or copy the IdP metadata, including:
  - SSO Login URL
  - X.509 Certificate
  - Issuer / Entity ID
- Log in to the Service Provider as an administrator.
- Open the SAML SSO configuration settings.
- Enter the IdP details:
  - SSO URL
  - Issuer
  - X.509 Certificate
- Map user attributes (such as email, first name, and last name) if required.
- Save the configuration.
- Test the SAML SSO connection to confirm users can log in successfully.
- Click Save.