This article provides details and instructions on how to configure Single Sign-On (SSO) for your Learners who use the SkillSync Learning Mobile App.
-
Learners with a username/password combination can manually log in to your organization's SkillSync LMS portal using the SkillSync Learning Mobile App.
- If your organization uses Service Provider Initiated Mode SAML SSO, you do not need to take any further steps. Your Learners are able to log in to the mobile app using that current SSO configuration.
- If your organization uses Identity Provider Initiated Mode SAML SSO, your Learners will not be able to log in to the mobile app unless you do one of the following:
-
Option A: Update your SkillSync LMS Portal SSO configuration from Identity Provider (IdP) Initiated Mode to Service Provider (SP) Initiated Mode.
- Option B: Add a new SSO configuration using Service Provider (SP) Initiated Mode, and associate it with a new LMS Route.
-
Option A: Update your SkillSync LMS Portal SSO configuration from Identity Provider (IdP) Initiated Mode to Service Provider (SP) Initiated Mode.
For more information about SkillSync SAML SSO, check out the Incoming SAML 2.0 Single Sign-On article.
The ADP Connector SSO is not currently supported by the SkillSync Learn Mobile App, and you will need to leverage a separate Service Provider Initiated SAML SSO if this workflow is preferred for mobile app Learners.
Updates for Identity Provider Initiated Mode SAML SSO
Option A: Update LMS Portal Configuration
- Log in to the Admin Experience in your SkillSync LMS portal.
- Click on the Account icon in the top right corner of the screen.
- Click Portal Settings in the sidebar menu.
- On the Portal Settings page, click Mange SSO Settings in the sidebar menu.
- Update your SSO configuration to the following:
-
Mode: Update selection to Service Provider Initiated.
-
Login URL: Update this URL address value to the SAML request endpoint of your Identity Provider.
-
Mode: Update selection to Service Provider Initiated.
- Confirm that your Identity Provider LMS Route is set up as an Identifier/Entity ID.
Option B: Create a New LMS Route
- Submit a request to SkillSync Support (support@absorblms.com) to create a new LMS Route associated with your SkillSync LMS portal.
- Once the new LMS Route has been created, you will need to update your SkillSync LMS portal SSO Settings. Log into the Admin Experience in your SkillSync LMS portal.
- Click Portal Settings in the sidebar menu.
- On the Portal Settings page, click Mange SSO Settings in the sidebar menu.
- In the Manage Single Sign-On Settings page, click the Add button.
- Create a new SSO configuration separate from your current primary one, using Service Provider Initiated Mode.
- In your Identity Provider create a new configuration using the new LMS Route.
Enable Optional SSO Settings for the Mobile App
The following code should be shared with your IT department. Your cloud-based iDP setting must be configured as the final step to enable your Learners to use SSO to login to the SkillSync Learn Mobile App.
In your cloud-based iDP (e.g. OneLogin, Okta, Azure AD, Auth0), you will also need to configure a new entry with the following:
-
Identifier:
<additional route added to SkillSync LMS that is assigned to your Service Provider Initiated,
SAML SSO setting, e.g. https://<clientname>mobile.myabsorb.com
-
Reply URL:
https://<clientname>mobile.myabsorb.com/api/rest/v2/authentication/saml
-
Unique user identifier:
<same as the value used for “Id Property” in the Service Provider Initiated, SAML SSO setting
in the SkillSync LMS above>
-
Relay State: < leave blank>
Because this is passed in when the mobile app calls the iDP in order to ultimately, after several redirects from between the LMS Service Provider, https://<clientname>mobile.myabsorb.com/api/rest/v2/authentication/saml, and your iDP, relay back to the mobile app after the SAML token and learner token are obtained.
Comments
0 comments
Article is closed for comments.