SSO setup with LearnUpon using Drupal IdP

This document will help you configure LearnUpon as a Service Provider (SP) making Drupal as your Identity Provider (IDP). Following these steps will allow you to configure SAML SSO between LearnUpon and your Drupal site such that your users will be able to log in to LearnUpon using their Drupal credentials.

The Drupal SAML SSO - Identity Provider module is compatible with Drupal 7, Drupal 8, Drupal 9, Drupal 10, and Drupal 11.

Prerequisite:

• Install and activate the SAML SSO - Identity Provider module on your Drupal site. Follow these steps to install the module.

Drupal SAML IDP Metadata:

• After installing the module on your Drupal site, in the Administration menu, navigate to Configuration → People → miniOrange SAML IDP Configuration. (/admin/config/people/miniorange_saml_idp/idp_setup)

  

• Under the IDP Metadata tab, copy the IDP Entity ID or Issuer, SAML Login URL, and X.509 Certificate. Keep it handy. (This is needed to configure LearnUpon as SAML SP.)

  

Configure SAML SSO Application in LearnUpon:

• Login to your LearnUpon account as an administrator.

• Go to the dashboard.

  

• Navigate to Settings

  

• Go to the Integrations and select Single Sign-On- SAML.

  

• Select General Settings.

• Enter the values by referring to the table below.

  Enable trigger	Switch on the Enabled trigger.
  Version	Select 2.0.
  Skip Conditions	NO
  SAML Token POST param name	Enter SAMLResponse.
  Name Identifier Format:	Enter urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
  Identify Provider Location (IDP SSO Target URL)	In the Identify Provider Location textbox, type the learnupon URL that indicates where the users are sent to if they   initiate the SSO from Drupal.
  Unauthorized URL	Enter /users/sign_in
  Sign out URL	Enter /users/sign_in
  Disable portal login page?	If enabled user can copy and paste the value from Drupal
  Certificate Fingerprint	Follow the steps below to copy the Thumbprint of certificate: 1. Open the certificate that was downloaded earlier. 2. Go to Details and in the field column select Thumbprint. 3. Copy the Thumbprint that opens in the pane by pressing CTRL+C (Right-Click won't work!). 4. Paste the Thumbprint in the Certificate Fingerprint. Make sure that there are no spaces in between the Certificate Fingerprint.Remove them manually.

  Note: This switch disables the login page that is available on the portal. Once enabled, when your users try to access the portal’s login page, they will instead be redirected to the URL, which has been entered into the IDP SSO Target URL field. You can still access the portal login page by entering users/sign_in?no_sso=true at the end of the standard portal URL.

  

• Click Save to complete the configuration.

• Scroll down to the Manage FingerPrints section.

  

• Click Save to complete the configuration.
• OPTIONAL: If you want to enable Just In Time (JIT) provisioning:
• Go back to the Settings -> Integrations -> Single Sign On – SAML page..
• Select User & Group Settings.
• Enable Create Users if they do not exist in your portal.
• First Name Identifier Format: Enter FirstName.
• Last Name Identifier Format: Enter LastName.

• Click Save to complete the configuration.

  

Configure Drupal as SAML Identity Provider (IdP):

• Navigate to the Drupal site and switch to the Service Provider Setup tab of the miniOrange SAML IDP module.

• Under the Service Provider Setup tab, provider the information as per below table.

  Drupal SAML IDP Field	Service Provider Information (LearnUpon)
  Service Provider Name	LearnUpon
  SP Entity ID or Issuer	Copy and paste SP Entity ID or Issuer from the LearnUpon
  ACS URL	Copy and paste ACS URL from the LearnUpon as service provider

  

• Scroll down and click on Save Configuration button.

• Click on Test link to test your configuration.

  

You have successfully set up LearnUpon as Service Provider and Drupal as Identity Provider.

 Back to top