Udemy Business supports federated authentication via SAML 2.0-based Single Sign-On (SSO). When SSO is enabled, Enterprise Plan customers will be able to manage employee authorization and authentication to their Udemy Business learning site from their corporate identity system.
This article will cover all the key steps to add and configure Udemy Business SSO for OneLogin. You may, however, also want to refer to this OneLogin article regarding configuring apps for additional details.
Learn how to configure advanced SSO settings on an organizational level.
Features
Udemy Business supports the following SAML attributes
Please note: all attributes are space and case-sensitive and do not include the colon. Please copy paste directly from the list below to ensure proper formatting:
Required attributes
-
email : the unique email of the user
Optional attributes
- firstName : the first name of the user
- middleName : the middle name (if any) of the user
- lastName : the last name of the user
- displayName : the fully formatted name of the user
- Name ID : an identifier that can be used in cases where a name is duplicated
- groups : the list of groups to which the user belongs
- externalID : a unique user ID specified by the customer
- lmsUserID : a unique user ID specified by the customer
Steps to Configure Udemy Business and Onelogin:
- Add Udemy Business app from the OneLogin app catalog
- Download SAML metadata (to upload into your Udemy Business account)
- Upload OneLogin SAML metadata to Udemy Business account
- Assign users to the Udemy Business application in OneLogin
Step 1: Add Udemy Business app from the OneLogin app catalog
Start by navigating to Applications > Add App in the OneLogin administrator dashboard. Next, search for “Udemy Business” in the App Catalog.
Select Add App:
Search for and click Udemy Business:
Click on Save to add the application:
Navigate to the Configuration tab and enter in your Udemy Business subdomain and then save. For example, if your company name is Acme Co. and your Udemy Business domain is https://acmeco.udemy.com, you would enter acmeco into the text field:
Step 2: Download SAML metadata (to input into your Udemy Business account)
Still in the Udemy Business Application tab from the previous step, navigate to the More Actions button:
And click the SAML Metadata button to download the SAML Metadata file. Save the file for the next step:
Step 3: Upload OneLogin SAML metadata to Udemy Business account (Note: For this step you will need Udemy Business Admin access)
In your Udemy Business account, navigate to Manage > Settings > Single Sign-On (SSO):
Select the Single Sign-On tab from the left hand menu.
Click the Start setup drop down and select OneLogin:
Add a Connection Name, select the OneLogin Metadata file from the last step, and click Save:
Step 4: Assign users to the Udemy Business application in OneLogin
Back in your OneLogin account, in the Access tab and Users tab, configure the users’ access for the newly created app, either by adding Udemy Business app to a role (recommended), or adding the app to a specific user. Please see OneLogin's article regarding how to assign users to applications.
You have now completed configuring SSO for Udemy Business with OneLogin.
Users or roles which have been added to the Udemy Business account should now successfully be able to login and authenticate via OneLogin SSO!
Additional information about OneLogin is available in the OneLogin Knowledge Base.
SSO is set up so you can also configure SCIM provisioning in OneLogin with Udemy Business. This will allow you to provision, deprovision, create groups, manage group membership and change user profile details like name and email address in OneLogin. Any changes made within OneLogin will automatically update Udemy Business and other applications you have set up via this mechanism so you can manage your users in one place.
You do not need to update both OneLogin and Udemy Business separately with these actions as it will all be synced from OneLogin. Learn more about configuring SCIM provisioning with OneLogin.