• Free Trial
  • Products
    • LMSThe world’s easiest-to-use learning management system.
    • Training ContentA robust library of off-the-shelf learning content.
  • Solutions
    • By Use Case
      • Employee Training
      • Sales Training
      • Customer Training
      • Partner Training
      • Compliance Training
      • View all
    • By Industry
      • Technology
      • Nonprofit
      • Retail
      • Hospitality
      • Healthcare
      • View all
  • Customers
    • Learn more about Litmos customer success stories.
      • Case Studies
      • Video Testimonials
      • I Love Litmos
      • Lenny Awards
    • Featured Customer
      • Sabre, a global travel technology provider, increases revenue by using Litmos to train their sales and technical teams.
  • Pricing
  • Resources
    • Ebooks & Infographics
    • Webinars & Podcasts
    • Events
    • Integrations
    • Blog
  • About
    • Company
    • Partners
    • Awards
    • Careers
    • Sustainability
  • Free Trial
Litmos
Log in
Contact us
Support
Search
  • Free Trial
  • Products
    • LMSThe world’s easiest-to-use learning management system.
    • Training ContentA robust library of off-the-shelf learning content.
  • Solutions
    • By Use Case
      • Employee Training
      • Sales Training
      • Customer Training
      • Partner Training
      • Compliance Training
      • View all
    • By Industry
      • Technology
      • Nonprofit
      • Retail
      • Hospitality
      • Healthcare
      • View all
  • Customers
    • Learn more about Litmos customer success stories.
      • Case Studies
      • Video Testimonials
      • I Love Litmos
      • Lenny Awards
    • Featured Customer
      • Sabre, a global travel technology provider, increases revenue by using Litmos to train their sales and technical teams.
  • Pricing
  • Resources
    • Ebooks & Infographics
    • Webinars & Podcasts
    • Events
    • Integrations
    • Blog
  • About
    • Company
    • Partners
    • Awards
    • Careers
    • Sustainability
  • Free Trial

Litmos Documentation

Integrations

Home › Litmos Documentation › Okta Integration

Okta Integration

What does the Okta integration do?

Okta is the foundation for secure connections between people and technology. Okta’s IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Okta’s Platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.

Okta supports the following enterprise identity management features for Litmos as an Okta Cloud Connect Technology Partner:

  • Application visibility

  • Application Auto-launch

  • Browser Plugin to Auto-submit credentials

  • Virtual Private Network imposition

  • Secure Web-Authentication (SWA)

  • SAML 2.0

  • Sign On Policies

  • Provisioning Features

  • Profile Attributes & Mappings

  • Groups and Push Groups

  • Access Logs

Litmos offers SAML integration with Single Sign On using Okta as an IdP (Identity Provider). This integration will allow users of Okta to login directly to their Litmos learning accounts and automatically provision new users in the system. Using active directory integration through Okta this will streamline the efforts needed to administer users in Litmos.  The steps outlined below will allow for this integration.

Supported Features for the Integration

The Okta/Litmos SAML integration currently supports the following features:

  • IdP-initiated SSO

  • Just In Time (JIT) Provisioning 

Add Litmos to Okta

Before your organization can begin using Litmos with Okta, an Okta Administrator will need to add the Litmos app to the Okta account. An Okta Administrator can perform this by navigating to the “Applications” tab, clicking on the “Add Application” button and then choosing to “add” the Litmos app to Okta:

 

Configure General Settings in Okta

Once Litmos has been added, the next step for the Okta Administrator will be to configure the “General Settings” for the Litmos app. This includes creating an application label, confirming the Litmos login URL, configuring the application’s visibility and determining the use of the browser plugin:

 

The application label is what displays to end-users when viewing the app in Okta. The login URL is the destination for the user login, which can be a “.Litmos.com” domain or a custom domain. Check your Litmos account to verify the login URL.

The application visibility is what determines if end-users in Okta will be able to view the Litmos app on the Okta content tab, or add the app to their content tab.

 

SAML SSO Configuration

  1. Sign into your Litmos account.

  2. Click on the Account settings icon on the left side menu (or from the profile dropdown in horizontal theme), then select Integrations:

  3. Select SAML 2.0 (Single Sign On):

  4. Copy and paste the metadata file in the SAML Metadata field. This can be found in Okta under Sign On > View Setup Instructions

     

    Important! Exclude the following first line of the metadata as Litmos gives an error if it is included in the metadata: <?xml version=”1.0″ encoding=”UTF-8″?>.

  5. Click Save changes:

Important Note: If your IDP doesn’t support encrypted assertions, make sure “Verify assertion signatures and encryption” is unchecked or you will encounter an error.

Okta User Provisioning Configuration

  1. Check the Enable API Integration box.

  2. Enter your Litmos API Credentials:

      • Base API URL: Automatically added.

        • If you are on the AU or EU database, the API URL will need to be changed slightly. (AU:  https://api.litmos.com.au or EU: https://api.litmoseu.com )

      • In the field titled ‘Base API URL’, populate: https://api.litmos.com

      • Company: Enter your company name. This is used to identify you in Litmos. You can enter any value that identifies your organization in Litmos.

      • API Key: Enter the API key you copied from Litmos (see Requirements above). Also, make sure that your AccessLevel is Administrator or Account Owner.

  3. Click Test API Credentials. If your API credentials are valid, you will see a success message, as shown here:

  4. Select To App in the left panel, then select the Provisioning Features you want to enable:

  5. Click Save.

  6. You can now assign people to the app, if needed (see User Provisioning).

User Provisioning

  • To assign users to the Litmos app, open the app, select the People tab and then click the Assign to People button:

  • In the Assign Litmos to People dialog, select a user, then click the Assign button:

 

  • You can select which access level grant to each user by selecting the corresponding value from the AccessLevel dropdown menu:

  • Click the Save and Go Back button.

Deep Linking into a Course or Learning Path from Okta and OneLogin

The user must be assigned directly or have the course or learning path added to the Course library to have access to it. If they do not have access to it, they will receive an “Invalid Access” error message.  

Once we have the single sign-on setup, we can use the RelayState query parameter to redirect the users to a specific Course directly upon login instead of the dashboard. This would be useful if the users are using the Course assigned email. 

OKTA

For Okta, the URL for deeplinking to a course should follow the format seen below:

https://Domain.okta.com/app/litmos/exkfxcjddb23t0uKk0h7/sso/saml?RelayState=https://domain.litmos.com/course/12345

Note: exkfxcjddb23t0uKk0h7 is an example Litmos App ID, you will use your own unique App ID generated by Okta for the Litmos App to use in the deeplink. This is found in the Metadata. 

This is basically the HTTP-POST Link followed by the RelayState query parameter. We can find the link in the metadata provided by Okta:

We can use the above in the Course assigned email as a Course link. Below is what we can use in the course assigned email for the deep link to work.

https://Domain.okta.com/app/litmos/exkfxcjddb23t0uKk0h7/sso/saml?RelayState=https://domain.litmos.com/course/[COURSE_ID]

Note: Okta has released a new Litmos app for our SHA-256 endpoint, domain.litmos.com/integration/splogin and is Live.

OneLogin

For OneLogin, it’s the same as above but the url would be SAML 2.0 Endpoint which we’ll find in the SSO tab in litmos app settings in OneLogin.

Something like this:

https://domain.onelogin.com/trust/saml2/http-post/sso/742576?RelayState=https://domain.litmos.com/course/12345

We can follow the same process as of Okta’s by using link in the Course assigned email. 

https://domain.onelogin.com/trust/saml2/http-post/sso/742576?RelayState=https://domain.litmos.com/course/[COURSE_ID]

[Course_ID] is the placeholder which will dynamically fetch the course id.

No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of Litmos.

The information contained herein may be changed without prior notice. Some software products marketed by Litmos and its distributors contain proprietary software components of other software vendors. National product specifications may vary.

These materials are provided by Litmos for informational purposes only, without representation or warranty of any kind, and Litmos or its affiliated companies shall not be liable for errors or omissions with respect to the materials. The only warranties for Litmos company products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty.

In particular Litmos or its affiliated companies have no obligation to pursue any course of business outlined in this document or any related presentation, or to develop or release any functionality mentioned therein. This document, or any related presentation, and Litmos or its affiliated companies’ strategy and possible future developments, products, and/or platform directions and functionality are all subject to change and may be changed by Litmos or its affiliated companies at any time for any reason without notice.

The information in this document is not a commitment, promise, or legal obligation to deliver any material, code, or functionality. All forward-looking statements are subject to various risks and uncertainties that could cause actual results to differ materially from expectations. Readers are cautioned not to place undue reliance on these forward-looking statements, and they should not be relied upon in making purchasing decisions.

© 2022 Litmos or a Litmos affiliate company. All rights reserved.

Litmos and other Litmos products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of Litmos (or a Litmos affiliate company) in the United States and other countries. All other product and service names mentioned are the trademarks of their respective companies.

Match keywords.

Useful Links

  • Release Notes
  • Customer Portal

In this article

Related articles

  1. Azure Active Directory SAML Single Sign On SSO Integration With Litmos
  2. SAP Identity Provisioning Service Ips Setup Litmos As A Target System
  3. SAML 2.0 Single Sign On SSO With Any Identity Provider Idp

Also of Interest

  • New Employee Training
  • Mobile Learning System
  • Mobile Learning for Business
  • Corporate LMS
  • Enterprise Learning Management System
  • LMS Platform
  • eLearning Platform
  • What is a learning management system?
  • See Additional Resources

Solutions by Use Case

  • Employee Training
  • Customer Training
  • Compliance Training
  • Sales Training
  • Operations Training
  • Gig Worker Training
  • Contractor Training
  • Supplier Training

Solutions by Industry

  • Technology
  • Nonprofit
  • Retail
  • Hospitality
  • Healthcare

Contact Us

Contact
UK: +44 20 4551 1606
USA: +1 925 490 0401
AUS: +61 3 7066 4851
Email
Support
Address
Contact Us
Litmos Reviews Litmos Reviews
Litmos Careers Careers

© 2023 Litmos US, L.P. and affiliates. All rights reserved.

  • Privacy Statement
  • Terms & Conditions
  • Website Terms