This guide provides the steps required to configure Single Sign-On using Security Assertion Markup Language (SAML 2.0) and Provisioning using System for Cross-domain Identity Management (SCIM 2.0) for Udemy for Business.
Existing Okta and Udemy for Business customers who wish to enable SCIM Provisioning in Okta should use this configuration guide.
- Single sign-on and provisioning are available to Udemy for Business Enterprise Plan customers.
- Users provisioned through Okta will not take up a license until they log into the Udemy for Business application for the first time.
- SCIM provisioning changes can only be synced from Okta to Udemy for Business, not the other way round.
- Users and Groups managed by SCIM in Okta cannot be changed within the Udemy for Business app - SCIM is the single source of truth for user and group data.
- Supported SAML attributes
- Configuration Steps
Udemy for Business supports the following SAML attributes
Please note: all attributes are space and case sensitive and do not include the colon.
email : the unique email of the user
firstName : the first name of the user
middleName : the middle name (if any) of the user
lastName : the last name of the user
displayName : the fully formatted name of the user
Name ID : an identifier that can be used in cases where a name is duplicated
groups : the list of groups to which the user belongs
externalID : Okta automatically populates the externalID attribute field with the Okta User ID. If you wish to persist your own unique user IDs then you can complete this on Okta by following this article, Setup SSO, and mapping your udemy external ID attribute.
1a - To get started, log into your Udemy for Business account and go to Settings > Single Sign-On (SSO). Click Start setup, choose your Identity Provider from the list and follow the instructions to configure SSO and input your Identity Provider Metadata to automatically create the SSO connection with Udemy for Business.
1b - While still within your Udemy for Business account you can access the necessary details to set up SCIM Provisioning which automates user and group management.
Access the tab under SSO called Provisioning (SCIM). Click Start setup, choose your Identity Provider and follow the instructions from there to enable SCIM and generate your credentials for inputting into your Identity Provider as part of the configuration process.
2 - From your Okta's Dashboard, use the top menu to access the Applications page.
3 - Click on the button Add Application, search for Udemy for Business and click Add.
4 - Adding Udemy for Business app will redirect you to the Application General Settings - Required page as shown below.
5 - Add the Audience URI (SP Entity ID) value below into the corresponding field and click Done.
6 - Click on Sign On tab to start the SSO configuration.
7 - Click on Identity Provider metadata, save the metadata file or copy the metadata URL with your organization's metadata.
Access the SSO section of your Udemy for Business account again, and on the configuration page, choose the appropriate metadata configuration method and follow the instructions to create the SSO connection with your Identity Provider and Udemy for Business.
8- Click Save setup, SSO setup is now complete!
For SP-initiated SSO
1- Go to https://[your-subdomain].udemy.com
2- Click on Continue with SSO
If you wish to continue and set up SCIM Provisioning in Okta please use this configuration guide.