Best Answer

SSO Seamless Authentication

  • 5 October 2021
  • 4 replies
  • 632 views

Does Docebo offer seamless authentication when accessed from an SSO’s identity provider?  I have searched for this, but was unable to find anything in the support documentation or in other community posts.

 

For example, let’s say my site xyz.com is the SAML SSO identity provider for Docebo.  When my users log in to xyz.com, I have a link that points them to my Docebo platform.  However, even though they have already authenticated on my site, they are still required to hit the SSO login button when Docebo loads.  Is it possible to configure Docebo to seamlessly authenticate from the identity provider, so a user is automatically logged in to Docebo when they access the Docebo link from my site?

 

We have other vendors who provide this functionality, so I’m hoping Docebo does, as well.  

 

Thanks!

icon

Best answer by alekwo 5 October 2021, 08:51

View original

4 replies

Userlevel 7
Badge +1

Hi @JP77 it’s not a setting in Docebo, but rather the way your identity provider is making the redirect to Docebo and providing (or not) SAML data with the request.

 

We’re using Okta and it’s possible to prepare deep links which do pass SAML authentication data immediately, so if someone is already authenticated in Okta, they will go straight to the correct page in Docebo, and if they are not authenticated, they will be first asked to login, and then redirected to the right page.

 

For example, with Okta, to get someone directly to the page:

https://site.docebosaas.com/pages/22/learning-home

we’d use an Okta deep link like this (note that the address above is url-encoded and put into the RelayState parameter):

https://{{my.oktadomain.com}}/app/{{docebo_app_name}}/{{docebo_app_id}}/sso/saml?RelayState=https%3A%2F%2Fsite.docebosaas.com%2Fpages%2F22%2Flearning-home

 

I think that similar approach for deep-linking should be possible with other identity providers.

Userlevel 7
Badge +1

And of course, you can also use a standard Docebo’s deep linking, however, it is limited to courses only.

To get people to the course page you can use:

https://site.docebosaas.com/lms/index.php?r=site/sso&sso_type=saml&id_course={{course_id}}

Thank you @alekwo , that worked great!!!

 

For future reference if anybody else found this, I am using a Salesforce community as my IDP.  When users access the community, they have a link to Docebo.  From the connected app in Salesforce, I used the “Start URL” as my community link.

Userlevel 3
Badge

And of course, you can also use a standard Docebo’s deep linking, however, it is limited to courses only.

To get people to the course page you can use:

https://site.docebosaas.com/lms/index.php?r=site/sso&sso_type=saml&id_course={{course_id}}

@alekwo We have been using SAML links to courses, but, as you stated, it’s only available for courses and not learning plans.  Plus, we have to manually create these SAML links ourselves by getting the course_id and switching it out on that URL you provided.  It would be great if Docebo added SAML URLs in the Advanced Properties > Social & Rating > Course Enrollment Link section and also on Learning Plans.

 

I added this “idea” on the ideas portal over a year ago now:
Courses: https://doceboportal.ideas.aha.io/ideas/LMS-I-3070

Pages: https://doceboportal.ideas.aha.io/ideas/LMS-I-3069

Reply