Udemy Business supports Single Sign-On (SSO) with any provider that supports SAML2.0.
Udemy Business admins can independently enable SSO for your organization’s Udemy Business account and manage the integration moving forward as required. In addition, we provide a number of optional settings, which can be used to customize your SSO configuration.
- Identity Provider (IdP) Initiated SSO
- Users will be able to initiate the login process from their SSO dashboard
- Service Provider (SP) Initiated SSO
- Users will be able to access [your-subdomain.udemy.com] and initiate the login process.
- Just in Time (JIT) / Auto-Provisioning
- Users authenticated through SSO will be provisioned to Udemy Business on their first login.
- Please note: JIT-provisioned users will not receive an automatically-generated email invite to claim their Udemy Business license as they would if they were manually invited through the Udemy Business user management portal. We recommend your learning team send out a separate communication explaining how they can get access by logging in via their SSO provider.
- Reactivate Deactivated Users
- Assign Users to Groups in Udemy Business
- Users can be assigned to Udemy groups via SSO.
- Please note: The group must already exist within Udemy for a user to be assigned to it via SSO only, and the group attribute must be sent as a claim in the SAML assertion. If you wish to create, remove, and edit group membership that can be done via SSO + SCIM.
- SSO integration is only available for Enterprise Plan users.
- The SSO integration can only be configured by a licensed admin in your organization’s Udemy Business account.
Where to configure SSO
To set up and manage your organization’s SSO integration in your Udemy Business account, please do the following:
- Log into your account and click Manage in the top right menu.
- Select Settings.
- Next, click Single sign-on (SSO) from the menu on the left.
- If you don’t have an active integration, click the Start setup button and select which identity provider you want to integrate with.
Please review the applicable article below to guide you through setting up your SSO integration. Note: for assistance in setting up SSO with other/custom identity providers, please contact our support team.
- How to Configure SSO with Azure AD
- How to Configure SSO with ADFS
- How to Configure SSO with Okta
- How to Configure SSO with OneLogin
- How to Configure SSO with Google Workspace
- How to Configure a Custom SSO Connection
- Cohort learning: Review how to configure SSO for our cohort learning platform, Corp U.
Optional SSO settings
Once you’ve configured your SSO integration, you can access these options by clicking the Optional settings dropdown menu at the bottom of the page.
- Please note: if you encounter a notification stating your account is not compatible with our self-serve SSO feature, and wish to modify any of the optional settings, please contact Udemy Support.
Optional SSO settings include:
- Log in via SSO Provider only:
All users will be forced to log in via SSO. If this option is not selected, users will be able to log in via SSO or their username and password.
- Please note: It is advised that all new configurations start with optional SSO to ensure any errors in the configuration do not impact the current user accessibility.
- Custom redirect URL:
Insert the URL of the page you wish your users to land on if an error occurs with your SSO connection.
- Session timeout:
Set a time, after which, inactive users will be automatically logged out of Udemy Business.
- Single logout:
When a user logs out of Udemy Business, they will be logged out of all SSO applications.
- Allow SSO auto-provisioning:
New users logging in through SSO will be automatically provisioned with a license. Otherwise, only existing users and users that have been invited to the account will be allowed to log in and consume a license.
- Use Case: This can be disabled when an admin wishes to manage user access directly.
- Allow deactivated users to be reactivated via SSO:
Users that have been deactivated will be automatically reactivated when they log in again through SSO (if these users are also still provisioned with access via SSO).
How to pause or delete your SSO connection
Access: Manage > Settings > Single sign-on (SSO).
*NOTE: Deleting a connection will remove all connection information, and cannot be recovered.
Udemy Business supports the following SAML attributes
All attributes are space and case-sensitive and do not include the colon.
email : the unique email of the user
firstName : the first name of the user
middleName : the middle name (if any) of the user
lastName : the last name of the user
displayName : the fully formatted name of the user
Name ID : an identifier that can be used in cases where a name is duplicated
groups : the list of groups to which the user belongs
externalID : a unique user ID specified by the customer
- lmsUserID : a unique user ID specified by the customer