Configuring SAML SSO for TalentLMS
These steps will guide you through setting up the SAML-based single sign-on functionality between ADSelfService Plus and TalentLMS.
Note: Both the identity provider (ADSelfService Plus) and service provider (TalentLMS) sessions should be kept open until the configuration process is complete.
Prerequisite
- Log in to ADSelfService Plus.
- Navigate to Configuration > Self-Service > Password Sync/Single Sign On.
- Click Add Application.
- In the window that appears, you will find the list of applications supported by ADSelfService Plus. Choose TalentLMS.
Note: You can also use the search bar in the top-left to search for the application.
- Click IdP Details option in the top-right corner.
- In the pop-up that appears, click on the SSO (SAML) tab and record the Entity ID, Login URL, Logout URL, SHA1 FingerPrint values that will be required to configure SSO in the service provider.
Configuring the Service Provider (TalentLMS)
- Log in to TalentLMS using administrator credentials.
- Navigate to Account & Settings > Users.
- Click on Single Sign-On (SSO).
- Under SSO integration type, choose SAML 2.0.
- Enter the values recorded in step 6 of Prerequisite in the corresponding fields: Identity Provider, Certificate fingerprint, Remote sign-in URL and Remote sign-out URL.
Identity Provider: Entity ID
Certificate fingerprint: SHA1 FingerPrint
Remote sign-in URL: Login URL
Remote sign-out URL: Logout URL
- Also, enter the Targeted ID, First Name, Last Name and Email attribute names using the following values.
Targeted ID: tid
First name: first_name
Last name: last_name
Email: email
- Click Save and check your configuration.
- From the SSO login screen drop-down, choose Login page + IdP login link.
- Then, click Save.
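When "check your configuration" fails, the usual causes are a mistyped certificate fingerprint or an assertion that does not carry the tid, first_name, last_name and email attributes named above. The following checker is an added example, not part of this guide or of either product: it computes the colon-separated SHA1 fingerprint of a PEM certificate the way the Certificate fingerprint field expects it, and parses a captured SAML assertion to report its NameID format and any missing TalentLMS attributes. The certificate and assertion below are constructed samples (the PEM body is just the bytes "abc", not a real certificate), and the script checks the mapping only; it does not validate the assertion signature.

```python
import base64
import hashlib
import re
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Attribute names TalentLMS is configured to read (from the steps above).
REQUIRED_ATTRIBUTES = ("tid", "first_name", "last_name", "email")

# Constructed sample: not a real certificate; body is base64 of b"abc".
SAMPLE_PEM = "-----BEGIN CERTIFICATE-----\nYWJj\n-----END CERTIFICATE-----\n"

# Constructed sample assertion; deliberately omits last_name.
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_c1" Version="2.0">
  <saml:Subject>
    <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">johndoe@selfservice.com</saml:NameID>
  </saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="tid"><saml:AttributeValue>johndoe</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="first_name"><saml:AttributeValue>John</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="email"><saml:AttributeValue>johndoe@selfservice.com</saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""


def sha1_fingerprint(pem: str) -> str:
    """SHA1 over the DER bytes of a PEM certificate, as AA:BB:... uppercase hex."""
    der = base64.b64decode(re.sub(r"-----[^-]+-----|\s", "", pem))
    digest = hashlib.sha1(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def check_assertion(xml_text: str) -> dict:
    """Report NameID, its Format, the TalentLMS attributes found, and those missing."""
    root = ET.fromstring(xml_text)
    name_id = root.find(".//saml:Subject/saml:NameID", SAML_NS)
    found = {}
    for attr in root.findall(".//saml:AttributeStatement/saml:Attribute", SAML_NS):
        values = [v.text or "" for v in attr.findall("saml:AttributeValue", SAML_NS)]
        found[attr.get("Name")] = values[0] if values else ""
    return {
        "name_id": name_id.text if name_id is not None else None,
        "name_id_format": name_id.get("Format") if name_id is not None else None,
        "attributes": {k: found.get(k) for k in REQUIRED_ATTRIBUTES},
        "missing": [k for k in REQUIRED_ATTRIBUTES if not found.get(k)],
    }


if __name__ == "__main__":
    print("Certificate fingerprint:", sha1_fingerprint(SAMPLE_PEM))
    print(check_assertion(SAMPLE_ASSERTION))
```

Compare the printed fingerprint with the SHA1 FingerPrint value from the IdP Details pop-up, and make sure the missing list is empty for a real assertion captured from a browser SAML trace.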
Configuring ADSelfService Plus
- Switch back to the ADSelfService Plus console.
- Enter a suitable Name and Description for the application.
- Type the Domain Name. For example, if you use johndoe@selfservice.com to log in to the application, then selfservice.com is the domain name.
- Choose the required policies from Assign Policies drop-down.
- Under the SAML tab, select the Enable Single Sign-On checkbox.
- Enter the name of the Sub Domain. For example, if your portal URL is https://self-service.talentlms.com, enter the value self-service as the sub-domain.
- Choose the Name ID format to be sent in the SAML response. The Name ID format specifies the type of value sent in the SAML response for user identity verification.
- Click Add Application.
You have successfully configured TalentLMS SSO functionality via ADSelfService Plus. Users should now be able to sign in to TalentLMS through ADSelfService Plus.
Note: For TalentLMS, both IdP-initiated and SP-initiated flows are supported.