This is a quick guide on how to use Okta as your Authentication Provider for your Learnworlds school. Based on your setup, you might alter these steps to meet your needs.
Create a new application with Okta
1. On the admin console, choose Applications → Applications → Create App Integration.
2. Select SAML 2.0 as a Sign-in method.
3. In your LearnWorlds school, go to Website → Website settings → Authentication and select SAML.
a. Add a new SAML
b. Activate SAML and add a name for this SAML solution.
c. From the LearnWorlds configuration page, copy the corresponding info.
LearnWorlds | OKTA |
Service Provider (SP) URL | Audience URI (SP Entity ID) |
Assertion Consumer Service (ACS) URL | Single sign-on URL |
Paste it into your Octa configure SAML tab.
4. Press Next, and on the next tab select I’m an Okta customer adding an internal app and then Finish.
Set up SAML SSO
You need to add the correct setup information to your Learnworlds school.
1. From the application’s Sign-on tab, press View Setup Instructions.
2. You will need to copy the following values to your Learnworlds setup.
OKTA | LearnWorlds |
Identity Provider Single Sign-On URL | Sign-on URL |
Identity Provider Issuer | IDP Identifier (Entity ID) |
X.509 Certificate | Identity Provider Certificate |
Find in OKTA the necessary info.
And paste it into your LearnWorlds school.
You are set to test and enjoy your SAML SSO integration; of course, do not forget to assign users to your new OKTA application.
If you're using SAML as an authentication method, it's mandatory to change the Site Navigation settings in the Payment Flow section for Logged-out users, as they will need to sign up/log in before proceeding to the payment page.
Also, you need to ensure that in all Payment Sections of your school's pages, 1-click Sales funnels, or the Payment Page of your school, the Sign in/up form option is set to hide since the user will not be able to sign in/up via the Learnworlds system.
- If you set up an SSO solution and disable the LearnWorlds login, all the users will be redirected to the SSO provider to authenticate, LearnWorlds passwords will no longer be valid. The users need to exist or sign up with the SSO authentication provider. The change of the authentication provider will only change the authentication mechanism, all the user data as well as their roles (admin, instructor, etc.) will be intact.
- The SSO mechanism uses the user’s email address to identify the user (unique key); therefore, to change the user's email address, you need to manually update the new email both in your school and on your IDP.
Furthermore, you may use the bulk import (and enroll) functionality in case you need to import users that already exist in your SSO provider.
- If you revert to LearnWorlds authentication, users created via the SSO authentication will need to create a new password. Passwords can be changed:
- By the user via the forgot password mechanism
- By the admin reset and/or update password mechanisms
- The LearnWorlds password update/reset functionality as well as sign-up are only available for the Default LearnWorlds Authentication mechanism. Any other SSO authentication mechanisms will need to handle these functionalities.
- In case you misconfigure the custom SSO setup and this is the only available authentication mechanism, then only the Learnworlds School Owner account will be able to sign in to your school via our Learnworlds account sign-in page (https://account.learnworlds.com/login)
- The built-in Affiliate Management program can not be used for users who use SSO providers to sign in
- If you want to use more than three custom SSO, SAML, or OpenID solutions in total, please contact us at support@learnworlds.com. In case you are on the Learning Center plan you can also add 3 more by purchasing our scale package.