Articles in this section

See more

Learn SSO Customer Guide – Entra ID

  • Updated

This documentation applies to customers using Microsoft Entra ID as their identity provider (IdP) and the Security Assertion Markup Language (SAML) protocol for single sign-on (SSO).

Note: You do not need to import or manually create users in Learn before SSO is enabled. User accounts will be automatically provisioned upon first login via SSO.

Step 1 – Create a New Enterprise Application

  1. In the Microsoft Entra Admin Centre, Navigate to Identity > Applications > Enterprise Applications
  2. Select New Application

  3. Select Create your own application

  4. Enter an Application Name
  5. Select Integrate any other application you don’t find in the gallery (Non-gallery)
  6. Click Create

 

 

 Step 2 – Configure Single Sign On

  1. Select Set Up Single Sign-On

  2. Choose SAML

  3. Select Edit under Basic SAML Configuration

 

Step 3 – Enter Evotix SAML Details

  1. Your Evotix Consultant will provide your:
  • Entity ID
  • Reply URL
  1. Enter both of those values

  2. Click Save

 

Step 4 – Add the Required Additional Claim

  1. Go to Attributes and Claims
  2. Select Add New Claim
  3. Paste the Claim Name (URL) provided by your Evotix Consultant
  4. Configure the claim

  5. Click Save

The Attributes and Claims Section should now display the additional claim.

 

Important Note: Learn Only Reads Additional Claims

Learn does not use the default NameID value; it reads the value from the Additional Claims section.

Therefore:

  1. A new claim must be added in Entra ID representing the Object ID (user.objectid)
  2. The attribute name of this claim must match the UID field configured by your Evotix Consultant in Learn
  3. In Learn, your Evotix consultant will update the UID field(s) to match the attribute name used in the SAML claim

This ensures that the following all align correctly:

  • The unique identifier sent in the SAML response
  • The UID field configured in Learn
  • The identity link between systems

 

Step 5 – Provide Federation Metadata

  1. Navigate to the SAML Signing Certificate Section
  2. Copy the App Federation Metadata URL

  3. Send this URL to your Evotix Consultant

 

Step 6 - Completion

Once your Evotix Consultant has completed the required steps, SSO will be enabled in your Evotix Learn site.

Return to top