This article is about setting up single sign-on within Blue LMS. The capability to do so must first have been enabled for the specific portal by Me Learning. If single sign-on has previously been set up within a portal and guidance for learner account migration is required, this can be found here.
Blue LMS contains a module that allows the site administrator to configure one or more instances of a SAML2.0 compliant SSO module, each one able to connect to a different Identity Provider (e.g. ADFS or Azure ADFS). Each provider can be individually configured to automatically create user accounts on authentication, or to only allow users who have been previously created by an administrator.
To set up single sign-on, access System settings from Setup in the main menu bar. Access the final option in the left-hand menu: Authentication settings:
This page displays a list of all configured authentication options, along with options to disable/remove/edit each existing integration and add new integrations.
Please note, that you can only remove an inactive authentication integration. This is to prevent accidental deletion and loss of access to users.
To add a new integration for single sign-on, select the Add integration button and enter a name:
The name you add here will appear on the Login button.
The integration settings page will be produced.
The first two fields are for information and should be noted for configuring the Identity Provider.
The integration name can be edited if required and a description can be entered. This information will be displayed on the learner login page and on the SSO migration page.
The metadata field should have the Identity Provider’s (IdP) metadata pasted directly, or a publicly accessible URL for the system to grab the data itself.
Metadata can be downloaded from the LMS if the IdP requires the Service Provider (SP) metadata to be supplied manually– some IdP’s will collect this automatically (e.g. Azure).
Auto create users allows the system to create a user account for any user who does not already have an account when they initially authenticate using SSO.
If your site has a number of existing users, they are able to migrate to using Single sign-on instead of username and password. The setting Send user notifications will present these users with the option to migrate ther account to SSO on their next login.
Selecting the Save settings button will add the new integration to the table within Authentication options where it can be edited if required.