When SSO is enabled, enterprise customers will be able to manage employee authorization and authentication to their Udemy for Business learning site from their corporate identity system. Udemy for Business (UFB) supports federated authentication via SAML 2.0-based Single Sign-On (SSO).
In this tutorial, we will configure OneLogin using the metadata provided by the Udemy for Business team or the metadata downloaded from here [linked].
This article will cover all the key steps to add and configure Udemy for Business SSO for Onelogin. You may, however, also want to refer to this Onelogin article for additional details.
Steps to Configure Udemy for Business and Onelogin:
- Add an App in OneLogin
- Configure Application Details
- Set the Parameters for the App
- Assign Users and Groups to the application
- Download metadata (to share with Udemy for Business Team)
Add an App
Start by navigating to Apps > Add Apps in the OneLogin administrator dashboard. Next, search for SAML Test Connector (IdP w/attr) and select the first result from the search results.
Select Add App:
On the Find Applications page, search for SAML Test Connector (IdP w/ attr w/ sign response) and select theresult from the search results.
Then, set the Display Name, Icon and Save the application. Onelogin will take you to the application Info page, where you will navigate to the Configuration tab. You should be able to fill in all the values based on your metadata.
Configure the Application Details
Configure the Application Details (Continued)
The following Application details should be pre-configured as long as you selected the SAML Test Connector (IdP w/ attr w/ sign response) in the previous step.
[This is your vanity url]
- ACS (Consumer) URL Validator*
- ACS (Consumer) URL
Next, go to the Parameters tab. Here you can add/edit attributes that are sentin the SAML assertion. By clicking on 'Add parameter', you can add new parameters with a field name. When adding new parameters, don't forget to check the flag to include new fields in the SAML assertion. Once a new parameter is added, click on it and set the value for it.
Udemy for Business SAML 2.0 supports the following attributes (please note: all attributes are case sensitive).
- SCIM.email the unique email of the user
- SCIM.name.givenName the given (or rst) name of the user
- SCIM.name.middleName the middle name (if any) of the user
- SCIM.name.familyName the family (or last) name of the user
- SCIM.name.formatted the fully formatted name of the user
- groups the list of groups to which user belongs
- externalID the user ID specified by customer
Set the Parameters for the App
Configure User Access to the App
In the Access tab and Users tab, configure the users’ access for the newly created app (either by adding Udemy for Business app to a role (recommended), or adding the app to a specific user).
Please see this Onelogin article for details.
Save the Application Metadata
Save the application and in the More Actions dropdown options, click on SAML Metadata.
Next, download the metadata and send it to your contact on the Udemy for Business team.
You have now completed configuring SSO for Udemy for Business with OneLogin.
Additional information about OneLogin is available in their Knowledge Base.