Learner Hub Single Sign-On (SSO) redirects Learners to their IdP (Azure / Okta) credentials upon signing in. This article lists the steps required for a Phriendly Phishing Admin to configure SSO for the Learner Hub.
Required Actions:
- Ensure you have enabled Learner Hub
- Followed and read through Getting Prepared for Learner Hub checklist prior to configuring SSO in this guide.
- Creating a new Enterprise App is not required unless SSO for Admins has been configured
This article takes you through how to:
Configure Learner Hub SSO in Azure
Note: Azure Admin credential is required
1. Set-up Azure AD
1.1 Sign in to Azure Portal, select Enterprise applications, New Application
1.2 Select Create your own application
-
-
-
-
-
-
- Input name of your app
- Chose radio button, Integrate any other application you don't find in the gallery
- Click Create button
-
-
-
-
-
1.3 In the newly created application, ensure you have assigned the appropriate Users and Groups
-
-
-
-
-
-
- Select Single sign-on
-
Under Basic SAML Configuration, click edit and enter below details and click SAVE
-
-
-
Identifier (Entity ID):
-
-
-
-
- AU = urn:amazon:cognito:sp:ap-southeast-2_7K7i2on5r
- UK = urn:amazon:cognito:sp:eu-west-2_OOB2k0ZkU
-
-
-
-
- Reply URL (Assertion Consumer Service URL):
-
Identifier (Entity ID):
-
-
-
-
-
-
-
1.4 In the newly created application, under Attributes and Claim, final result should look like below
To edit and map as above,
-
-
-
-
-
-
- Select Single sign-on
- Under Attributes & Claims, click edit and match Claim Name: emailaddress with Value: user.mail
- Click SAVE once done.
-
-
-
-
-
1.5 In the newly created application,
-
-
-
-
-
-
- Select Single sign-on
- Under SAML Certificates, copy App Federation Metadata URL and keep it for later to configure in Phriendly Phishing platform.
-
-
-
-
-
2. Set-up SSO in the Phriendly Phishing Platform
2.1 Login to Phriendly Phishing
2.2 Navigate to Settings > Learner Hub > Learner Hub SSO Setting > Enabled
2.3 Copy the Metadata URL saved from Azure Portal and Save Settings
3. Log-in to Learner Hub using SSO
3.1 Login to Learner Hub, input registered email address
3.2 After entering the email, it will automatically redirect the Learner to Azure log-in page
3.3 After successful log-in Learner is redirected to Learner Hub.
Configure Learner Hub SSO in okta
Note: okta Admin credential is required
1. Set-up Okta
1.1 Sign into Okta Portal, choose Applications (left hand menu)
1.2 Select Create App Integration
1.3 Choose SAML 2.0 option and click Next
1.4 Input App name
1.5 In Create SAML Integration, enter below details:
-
-
-
-
-
-
-
Audience (SP Entity ID):
-
-
- AU = urn:amazon:cognito:sp:ap-southeast-2_7K7i2on5r
- UK = urn:amazon:cognito:sp:eu-west-2_OOB2k0ZkU
-
-
- Single Sign-on URL
-
Audience (SP Entity ID):
-
-
-
-
-
1.6 Scroll to Attributes Statements and set Name: email and Value: user.email. Click Next.
1.7 Input feedback (optional) and click Finish
1.8 Navigate to Applications >Created App Name > Sign On and copy the Metadata URL for later.
2. Set-up SSO in Phriendly Phishing Platform
2.1 Log into Phriendly Phishing
2.2 Navigate to Settings > Learner Hub > Learner Hub SSO Setting > Enabled
2.3 Copy the Metadata URL saved from Okta Portal and Save Settings
3. Log-in to Learner Hub using SSO
3.1 Log into Learner Hub, input registered email address
3.2 After entering the email, it will automatically redirect the Learner to the okta log-in page
3.3 After successful log-in Learner is redirected to Learner Hub.
If you have any questions or need assistance, please contact support@phriendlyphishing.com.
Comments
0 comments
Please sign in to leave a comment.