This article outlines the steps required to configure SAML 2.0 integration in Okta with Udemy Business.
Please note: This setup might fail without customized parameter values for your organization. Please use the Okta Administrator Dashboard to add an application and view the values that are specific for your organization.
Table of contents
- Supported features
- Configuration steps
- Supported attributes
- How to add SAML attributes
- For SP-initiated SSO
Supported features
The Okta/Udemy Business SAML integration currently supports the following features:
- IdP-initiated SSO
- SP-initiated SSO
- JIT (Just In Time) Provisioning
Configuration steps
1. Contact the Udemy Business Support team and request that they enable SAML 2.0 for your account.
2. Save, then attach the following metadata file to your request:
Sign into the Okta Admin dashboard to generate this value.
3. We will provide you with the Audience URI (SP Entity ID) value.
4. In Okta, select the Sign On tab for the Udemy Business app, then click Edit.
5. Enter your Audience URI (SP Entity ID) value into the corresponding field. Then, click Save.
Supported attributes
The following attributes are supported:
| Name | Value |
| SCIM.email | user.email |
| SCIM.name.givenName | user.firstName |
| SCIM.name.familyName | user.lastName |
In addition to the default attributes, Okta supports the following custom attributes:
| Name | Value |
| groups | appuser.groups |
| externalID | appuser.udemyExternalId |
How to add SAML attributes
Please note: In order to assign users to a group via SAML, the value for the groups SAML attribute should be of a group that has already been created in Udemy Business.
Here is an example for how to add and use the additional externalID attribute:
1. In Okta, navigate to Directory > Profile Editor.
2. Search for the Udemy Business app, then click Profile:
3. Click Add Attribute, then enter the following information:
- Display Name: Enter a preferred attribute name. In our example, we used Udemy External ID.
-
Variable Name: Enter udemyExternalId.
Important: In our example, we are adding the udemyExternalId attribute. For the groups custom attribute, you have to use this variable name: groups. - Click either Add Attribute or Save and Add Another.
Please note: Scope (optional): If you check User personal, the current attribute will be available once you assign the user to the Udemy Business application and will not be available once you assign the group to the app.
4. Click Mappings:
5. Select the Okta to Udemy Business tab.
6. Begin typing the required attribute from the Okta Base User profile (or use the dropdown list), then select the attributes you want to map.
- The example below shows the employeeNumber attribute, and then uses the green arrows (Apply mapping on user create and update).
7. Click Save Mappings:
8. Click Apply updates now
9. Okta will now pass the udemyExternalId attribute with the value of the employeeNumber field from the Okta Base User Profile to Udemy Business.
For SP-initiated SSO
1. Go to: https://[your-subdomain].udemy.com.
2. Click Continue with Okta: