In this tutorial, we will configure ADFS with Udemy Business using the metadata from ADFS.
- Access the Udemy Business SAML Metadata for ADFS.
- Learn how to configure advanced SSO settings on an organizational level.
- Cohort learning: Review how to configure SSO for our cohort learning platform, Corp U.
- Note: SSO integration is only available with the Enterprise Plan.
Features
Configuring ADFS
1. Launch the ADFS 2.0 console.
2. Under Trust Relationships > Relying Party Trusts, add a new Relying Party Trust. This will launch the wizard shown below.
3. Next, you will be prompted to import the Udemy Business Metadata file. Udemy Business SAML Metadata for ADFS is linked here.
4. Enter a name for the connection, for example Udemy Business.
5. On the Choose Issuance Authorization Rules step, select Permit all users to access this relying party.
6. Click Next to view the summary and complete the wizard.
7. Leave the “Open the Edit Claim Rules…” option checked and finish the wizard.
8. This will launch the Edit Claim Rules configuration utility.
9. This example will only gather claims from Active Directory to present to Udemy Business.
10. Configure a basic claim set.
Udemy Business supports the following SAML attributes (all attributes are space and case sensitive).
Required attributes
-
email
the unique email of the user
-
Name ID
an identifier that can be used in cases where a name is duplicated
Optional attributes
- firstName : the first name of the user
- middleName : the middle name (if any) of the user
- lastName : the last name of the user
- displayName : the fully formatted name of the user
- Name ID : an identifier that can be used in cases where a name is duplicated
- groups : the list of groups to which the user belongs. Note: If you do not plan to pass over groups do not send this attribute, as it will override existing groups.
- externalID : a unique user ID specified by the customer
- lmsUserID : a unique user ID specified by the customer
11. Once you’ve configured the claims, back on the ADFS 2.0 Relying Party Trusts window, right-click the newly created connection and view the properties for the connection. Navigate to the Encryption tab and Remove the encryption certificate.
12. That will complete the ADFS configuration. Next, you should download the metadata and input it into your Udemy Business account to create the SSO connection.
You can find the Metadata file by inputting your server name and linking to the below:
https://<ADFS server name>/FederationMetadata/2007-06/FederationMetadata.xml
Access the Single Sign-On (SSO) tab of your Udemy Business account. Click Start setup and choose your Identity Provider. On the configuration page, choose the appropriate metadata configuration method and follow the instructions to create the SSO connection with your Identity Provider and Udemy Business.