Okta Active Directory integration with Adobe Learning Manager

Last update: 2024-01-25

In this document, you will learn how to integrate Adobe Learning Manager with Okta Active Directory (AD). When you integrate Adobe Learning Manager with Okta AD, you can:

  • Check and control Learning Manager users' access in Okta AD.
  • Enable users to be automatically signed in to Adobe Learning Manager with their Okta AD accounts.
  • Manage your accounts in one central location - the Okta portal.

Adobe Learning Manager supports Identity Provider (IdP) and Service Provider (SP) initiated SSO.

Create an application in Okta

  1. Log in as an Administrator on Okta AD.

  2. Click Applications. This opens the Application Store in Okta.

    View application store in Okta

  3. Click Create App Integration.

    Select Create App Integration

  4. Select SAML 2.0 from the new app integration window.

    Select SAML2.0 option

  5. On the Create SAML Integration > General Settings page, enter an Application Name.

    Note that this can be any name to uniquely identify your application. Once done, click Next.

    Enter the name of the application

  6. Perform the following steps on the Configure SAML settings page:

    For IDP setup:

    1. In the Single Sign-on URL field, type the URL: https://learningmanager.adobe.com/saml/SSO
    2. In the Audience URL field, type the URL: https://learningmanager.adobe.com
    3. In the Name ID Format drop-down box, select Email Address.
    4. In the Application username drop-down, select Okta username.
    5. If you want to pass any additional attributes, add them under Attributes Statement (Optional).

    Add SAML attributes

    For SP setup:

    1. In the Single Sign-on URL field, type the URL: https://learningmanager.adobe.com/saml/SSO

    2. In the Audience URL field, type the URL: https://learningmanager.adobe.com

    3. In the Name ID Format drop-down box, select Email Address.

    4. In the Application username drop-down, select Okta username.

    5. Click on Show Advanced Settings.

    6. Under Signature Algorithm, select RSA-SHA256.

    7. In the Assertion Algorithm, select SHA256.

    8. In the Assertion Encryption drop-down, select Encrypted.

    9. In the Encryption Certificate option, upload the Certificate file shared by Adobe.

    10. If you want to pass any additional attributes, add them under Attributes Statement (Optional).

    Add additional attributes

    Once done, click Next.

  7. The Feedback tab is optional. Once you have selected the options and given your feedback, click Finish.

    Complete SAML setup

Extract IDP initiated URL and Metadata file

To view the IdP/SP initiated URL and Metadata file, perform the following steps:

  1. Open the application that you have created.

  2. Under the Single Sign-On tab, click View Instructions.

    Select SSO tab

    For IDP:

    1. The Identity Provider Single Sign-On URL is the IdP initiated URL.
    2. Copy all the text that is present under the Optional field.
    3. Open a new notepad document and paste the copied text.
    4. Click File > Save as > “filename.xml”. This will be the metadata file.

    For SP:

    1. The Identity Provider Single Sign-On URL is the IdP initiated URL.
    2. The Identity Provider Issuer is the Entity ID.
    3. Copy all the text that is present under the Optional field.
    4. Open a new notepad document and paste the copied text.
    5. Click File > Save as > filename.xml. This will be the metadata file.

    Save SP XML file

    You need to save this file in an XML format.

Configuring Adobe Learning Manager SSO

To configure Adobe Learning Manager SSO, perform the steps mentioned in the below article.
