Single Sign-On with SAML Documentation
Lessonly customers have the option of enabling single sign-on with SAML integration. If you have an identity provider capable of speaking SAML 2.0, we can set your identity provider as a method for your users to sign in to Lessonly.
What your identity provider needs
- Support SAML 2.0
- Support passing back an email address for the users’ Name ID
- Support passing back the following attributes:
- First Name
- Last Name
- Nickname – optional
- Email address
- User ID – anything unique to identify your users
How to get it set up
- Talk to your rep at Lessonly to begin getting SSO with SAML set up
- We will need your identity provider’s target URL where we will send authentication requests
- We will also need either your identity provider’s certificate (in PEM format) or certificate fingerprint
- Once we have those, our technical staff can configure Lessonly as a service provider for you
- Once that is done, you will be able to find your Lessonly service provider metadata at https://your_subdomain.lessonly.com/auth/saml/metadata
- This metadata file will contain information including the requested nameIDFormat, the service provider callback URL, the issuer name, and the SAML version
With this information you should have all you need to configure Lessonly as a service provider in your identity provider. When everything is tested and working properly, we will configure the Lessonly login page to offer your identity provider as an option for signing in to Lessonly.
Logging in with SSO
The Lessonly login page will have an additional button for your users to use. When they click that button, they will be taken to your identity provider. When your identity provider authenticates the user, the user will be returned to Lessonly logged in.
If you have any questions, email firstname.lastname@example.org and we will be happy to help you out!