Skip to main content

Hey Docebo superstars. I don’t think this has been raised previously as I couldn’t find any solutions anywhere, but we have a  couple of problems with the not logged in redirect behaviour. Like most (I believe) organisations, we’re using sso for our customers to move seamlessly from our customer portal to the learning platform. We launch in two weeks and our understanding until today was that we could configure a ‘Redirect user on logout’ url in the advanced settings that would send users to our member portal login page any time they a) clicked a link to a Docebo page when they were not already signed in to the lms or b) their session timed out. We just discovered the “only works when sso is not enabled” caveat, so now we can’t use any links to Docebo pages from outside the platform, and more importantly, any time a user’s session times out they’re going to encounter a foreign login page requesting a password they don’t have and won’t understand - enter frustrated customer and helpdesk phone call. Has anybody found a way around this?

If I understand you correctly, you are looking to use a different logout URL for users using SSO vs. those not using SSO?? Is that correct?


Not exactly. All our customers use SSO. They don’t have any passwords in Docebo and are imported via Docebo Connect. Our customers can only access the lms via the link in our member portal, which they must sign in to access. What we were planning to do is if they a) click a link to a specific page (for example, an eLearning page) from outside the lms, while not signed in to the member portal, or b) more importantly, their lms session times out, we want to direct them back to the member portal to sign in so they can then access the lms, via SSO.


hmmm ok, and you installed the SSO redirect URL? 

you can add a url to any place here...we have some domains that go back to the SSO (Azure) login page and other that redirect to their intranet page where they can find the login link...


Ah, okay. That’s from the SAML setup. We’re not using that, we’re using the SSO and API configuration, so I might need to talk to our IT team about the SAML option. Thanks for the pointer.

 

At the moment we’re stuck with this option in the Users section of the Advanced Settings.

 


What I showed you in under a sub domain but I can be done at the root as well if you only have 1 version of SSO for all your users.


Brilliant! Our IT team did the SSO setup so I didn’t realise there was a ‘non logged in users’ option in there. I thought we had to use the Advanced Settings Users setting.

 

 

Thanks so much for your perpetual wisdom, @lrnlab. It’s always appreciated.


If I understand you correctly, you are looking to use a different logout URL for users using SSO vs. those not using SSO?? Is that correct?

Hi Lrnlab - I do actually have scenario like this^.   We have 3 domains.  1 uses SAML, the other 2 subdomains use regular authentication (no SSO or SAML),  is there a way to set up a different redirect URL for each domain? 


If I understand you correctly, you are looking to use a different logout URL for users using SSO vs. those not using SSO?? Is that correct?

Hi Lrnlab - I do actually have scenario like this^.   We have 3 domains.  1 uses SAML, the other 2 subdomains use regular authentication (no SSO or SAML),  is there a way to set up a different redirect URL for each domain? 

Yes with 3 different domains, you can set the parameters for each independently of the others so each sub domain can have its own logout rules.


I am having trouble making that happen.    I am in the “SAML 2.0 settings” for the subdomain.  I selected “Enable Custom Settings for thie Client”.   I am only able to modify the “SSO Behavior/redirect URL” settings if i select the ‘Active’ checkbox at the top.   If I do, then I am required to enter all the SAML setup fields in order to save the “Redirect Url” setting.   Which of course I do not have SAML for this subdomain.


I am having trouble making that happen.    I am in the “SAML 2.0 settings” for the subdomain.  I selected “Enable Custom Settings for thie Client”.   I am only able to modify the “SSO Behavior/redirect URL” settings if i select the ‘Active’ checkbox at the top.   If I do, then I am required to enter all the SAML setup fields in order to save the “Redirect Url” setting.   Which of course I do not have SAML for this subdomain.

yes that is part of the set-up options...you cannot set a redirect without it as it only applies to SSO for that sub domain.

You can set a redirect on logout for the entire system under Advanced Settings but not sure how that would work with your domains that do use SAML/SSO - if you have a sandbox, you can test it there.

It does state that it cannot be used in conjunction with SSO so not sure this will work for you…

If this is only for that sub domain that does not use SSO, then you might be out of luck...


Reply