Setting up Microsoft ADFS for Single Sign On with Learn Amp

Learn about setting up MicrosoftADFS for SSO with your platform.

Your Learn Amp account can be configured so that your users can sign in with Microsoft ADFS.

Setting up ADFS with Learn Amp requires the following:

 

1. A Relying Party Trust needs to be installed in the AD FS management snap-in tools by someone with Administrator privileges for the AD FS.

This is an XML document that defines Learn Amp as a trusted source for SSO, and what permissions our application needs. (Normally only First Name, Last Name, and Email/UPN).

If you require the Federation Metadata XML document, please request this from our Support Team.

The following are required for the set up on the Relying Party Trust:


Entity ID

This is the Full URL of your Learn Amp account learning space:

https://YOUR-LEARNING-SPACE.learnamp.com

 

Reply URL

https://YOUR-LEARNING-SPACE.learnamp.com/users/auth/wsfed/callback

 

Relay state

This is just the homepage of the application, so it would also be

https://YOUR-LEARNING-SPACE.learnamp.com

 

2. Your account needs to be configured by our Support team on Learn Amp.

We require the following from you, to configure the ADFS integration:

 

Your ADFS Meta Data URL

This is normally of the form:

https://YOUR-ADFS-SERVER/federationmetadata/2007-06/federationmetadata.xml

 

Your Idp (Identity provider) URL

The URI of the Identity provider. This is normally of the form:

https://YOUR-ADFS-SERVER/adfs/services/trust

 

Your relying Party URL

The endpoint URL to which the authentication request should be sent. This is normally of the form:

https://YOUR-ADFS-SERVER/adfs/ls

 

IdP Cert Fingerprint

The SHA1 fingerprint of the IdP's signing certificate (it will be something like: "90 CC 16 F0 8D AA"). This cert fingerprint is available via your ADFS administration desktop application.

 

Once we have configured the above with your account, your ADFS integration will be ready for testing SSO.