Configuring SSO with Azure Active Directory

This article will guide Admin users step-by-step on how to configure SSO using Azure Active Directory (AD)

Single Sign On (SSO) is a great way to further simplify the EdApp login process for your learners.  SSO is a process where learners can sign in to EdApp using the credentials that are used to access their own organization's portals, so that there’s no need for the learner to keep track of separate credentials for their EdApp accounts. 

Configuring SSO for your EdApp training program using Azure AD is straightforward, and can be done in as little as 15 minutes.

If you’d like domain recognition enabled for SSO, please reach out to us via live chat or your EdApp program manager - we would be happy to help.

 

Configure SSO in Azure AD

First, let’s start with setting up SSO in Azure AD (we’ll move on to setting this up in EdApp once this part is completed).

 

Step 1:  Sign in to the Azure portal using your Azure Active Directory administrator account. Browse to the Active Directory > Enterprise Applications > New application > Non-gallery application section.

 

Step 2: Fill in "EdApp" as the application name, select Add.

Azure portal will redirect to the app overview page. Select Single sign-On > SAML

 

Step 3: Update Basic SAML Configuration

  • Fill in Identifier (Entity ID) with https://admin.edapp.com
  • Fill in Reply URL with https://api.edapp.com/sso-saml-callback/<unique-company-identifier>
  • Fill in Logout URL with https://api.edapp.com/sso-logout/<unique-company-identifer>
  • The following example has <unique-company-identifier> as uniqueEdCustomerCompanyId you can make this up but ensure that it is identifiable and easy for your learners to type in e.g. companyname

 

Step 4: Download Certificate (Base64) from SAML Signing Certificate section.

 

Consider yourself halfway done! Now that we’ve managed to set up SSO in Azure AD, we’re ready to configure SSO in EdApp.

 

Configure SSO in EdApp

 

Step 1: Sign in to Ed LMS using your Ed Admin account, and click on the dropdown arrow located on the upper right of your screen. Select Single Sign-On.

 

You’ll then arrive to your Single Sign-On page, where you can tick the box next to Enable Single Sign-On in order to expand the page to see the SSO fields below:

 

 

Step 2: Fill in Company ID with the same unique company identifier as above. E.g. uniqueEdCustomerCompanyId

 

Step 3: Fill in SSO URL with the Login URL from Set up EdApp section.

 

Step 4: Fill SAML Entity ID with https://admin.edapp.com

Leave Assign user groups with SAML empty, as it is not applicable in this case

The SAML certificate file is optional; please reach out to an EdApp support member for assistance with uploading the SAML certificate.

 

 

Congratulations!  You’ve just configured your EdApp account with SSO, using Azure AD.  At this point, we recommend completing a round of successful testing by attempting login via SSO.  If you get stuck at any point along the way, be sure to reach out to our live chat desk, or your EdApp account manager - we’d be happy to lend a helping hand.  Additionally, feel free to share this Learner Guide for logging into EdApp using SSO with your users.

 

If you’d like to learn about Dynamic User Groups, which is great for mapping via SSO, then we recommend checking out the Admin Guide for setting up Dynamic User Groups using Azure AD.