Configuring SAML for LearnUpon
REQUIRED ACCOUNT/PERMISSION LEVEL
Bitium: All account levels; must be an admin to set up
LearnUpon: Corporate account required; must be an admin to set up
Go to “Manage Apps.”
Select “LearnUpon” from the list of installed apps.
Select the “Single Sign-On” tab.
From the dropdown, select “SAML Authentication.”
Leave your Bitium window open and continue in a new tab.
Login to LearnUpon as an admin.
Navigate to Settings > “Single Sign On - SAML”
Click “General Settings.”
Check the “Enabled?”” box.
Set the Version dropdown menu to 2.0.
Set Skip Conditions to “No.”
Type SAMLResponse in the “SAML Token POST param name” field.
Type urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress in the “Name Identifier Format” field.
Copy the Login URL from Bitium. Paste into the “Identity Provider Location (IDP SSO Target URL)” field in LearnUpon.
Set the Unauthorized URL and Sign out URL to wherever you would like users to be redirected upon failing to sign in/signing out. You may use the Logout URL from Bitium for the Sign out URL. (optional).
Click “Manage Fingerprints” in LearnUpon. Copy the Certificate Fingerprint from Bitium. Paste into the Fingerprint field in LearnUpon. Save.
Save in LearnUpon.
In Bitium, go back to the Single Sign-On tab for LearnUpon and click the “Save Changes” button.
Note: Under User Settings in LearnUpon, you have the option of enabling JIT provisioning. This allows you to assign LearnUpon to users in Bitium who do not have LearnUpon accounts, and LearnUpon accounts will be created for them upon authenticating into LearnUpon via SAML for the first time. Here are the steps to enable:
Click the box Create Users if they do not exist in your portal.
Type “FirstName” into the First Name Identifier Format field.
Type “LastName” into the Last Name Identifier Format field.
Save in LearnUpon.
SAML Enabled will be illuminated in green once completed.