Click the Settings tab [1], and then click the Single Sign-On tile [2].

In the Single Sign-On Type page, click drop-down menu [1]. Then, select the SAML 2.0 option [2].

To configure your SSO, refer to the following lessons depending on your Identity Provider:

• How do I configure Single Sign-On with G-Suite?
• How do I configure Single Sign-On with Azure?
• How do I configure Single Sign-On with Active Directory (ADFS)?
• How do I configure Single Sign-On with ClassLink?

The following fields are commonly used to establish an SAML 2.0 connection with your Identity Provider:

• Identity Provider Redirect URL [1]: This is also known as the SSO Service URL or Log On URL provided by your IdP. Paste the Login URL into the Identity Provider Redirect URL text box on the LearnPlatform Single Sign-On setup screen. 
• Identity Provider Logout URL [2]: Some IdP’s provide a SingleLogoutService (or Logout) URL, but it is not required. Paste the Logout URL into the Identity Provider logout URL text box on the LearnPlatform Single Sign-On setup screen. 
• Attribute mapping [3]: The attributes LearnPlatform utilizes from the identity provider are the user’s email and first/last names. Go to LearnPlatform’s SAML setup page and enter the same attribute mapping fields as in your IdP SAML Console. For some IdP’s, this may be a specific URL associated with the attribute, while others may just provide the attribute.
• X509 Certificate [4]: In your IdP SAML console, identify the SAML Signing Certificate section. It may give you the option of downloading an XML file, or it may allow you to simply copy the certificate text directly. Once you’ve identified the certificate, enter the Begin and End certificate information. Make sure not to include any extra line breaks or spaces, as this will cause an error.

Click the User organization’s domain for callback URLs toggle on [5]. The below URLs may be needed by your IdP in the SAML console:

• AssertionConsumerService (ACS) URL/callback url [6]: Your ACS URL in your Service Provider Details for the LearnPlatform app is https://[YourSubDomain].app.learnplatform.com/users/auth/saml/callback/ 
• Entity ID/Metadata URL [7]: Your Entity ID/Metadata url in your Service Provider Details for the LearnPlatform app is https://[YourSubDomain].app.learnplatform.com/users/auth/saml/metadata/ 

Once you have completed setup, we recommend testing your SAML connection by opening an incognito window and navigating to http://[YourDomain].app.learnplatform.com (e.g., http://springfield.app.learnplatform.com).

If you are still logged in to your LearnPlatform account in your main window, you can disable SSO if needed.

Notes:

• Once you have configured and enabled SSO, members of your organization can access LearnPlatform at http://[YourDomain].app.learnplatform.com (e.g., http://springfield.app.learnplatform.com)
• If you get locked out of your LearnPlatform account, please contact your designated Project Consultant. If you have completed implementation, please contact support-lp@instructure.com. They will disable SSO, which will allow you to manually login and reconfigure.
• If you need to configure an application badge, you may use the template image for the icon URL.