You can create a new SAML application in your Identity Provider (IdP) to replace your existing SAML configuration and allow users to continue signing in to the learning environment using their organization’s credentials; this process applies only when SAML SSO is already in place and you are intentionally overwriting the current SAML application with a new one, in which case the previous SAML application will no longer function once the replacement is completed, and this does not cover initial SAML setup.
Step-by-step Guide
-
The metadata URL is public and returns XML. You can view / download the metadata file and import it in your IdP to create a new SAML application.
-
The metadata file is available at on your site at /auth/saml2/sp/metadata.php?download=1
-
-
Map identifiers/claims (e.g., NameID = email or UPN, plus any basic identity attributes you require).
-
Assign users/groups who should access the learning environment.
-
Open a ticket with our Help Desk and provide them with the IdP metadata xml link to your new app. Our team will update the configuration in the platform to point to this link.
-
Test SP-initiated login starting from your Workplace learning environment.
Verification
-
User can access the login page of your Workplace learning environment, click on the SSO login button, authenticate at the IdP, and return to the site’s home page.
-
If a user can’t log in but should, verify their account exists in the learning environment and that their authentication is set to SAML2.
Important Notes
-
This process is only for replacing an existing SAML application, not for initial setup. SAML SSO must already be configured on your system.
-
Following this process will deprecate the existing SAML application, as only one SAML application can be supported per learning environment and the old one will no longer function.