All Collections
Start with Rakoo
Linking your hub to other systems
SSO Microsoft (SAML)
SSO Microsoft (SAML)

Read how to implement SSO via Microsoft into your online academy

Floor Takman avatar
Written by Floor Takman
Updated over a week ago

What is SSO?

Single sign-on (SSO) allows your users to log in to the online academy using an external account. In this article, we will discuss what to configure in order to activate SSO integration with Microsoft. For further information about SSO in general, please refer to this article.

In order to utilize SSO, users must already be added to the online academy. SSO does not create user accounts.

How do I configure SSO?

We will provide instructions on how to set up SSO. Please consult Microsoft’s support for the precise settings.

Step-by-step guide for creating credentials in Microsoft

To set up SSO via Microsoft, you can follow the steps below. This support article from Microsoft can also assist you.

  1. In the Basic SAML Configuration, fill in the Identifier (Entity ID) and Reply URL (Assertion Consumer Service URL).

    1. You can access this by clicking 'Edit' under Basic SAML Configuration in the Set up Single Sign-On with SAML section.

    2. Next, proceed to enter the following information:

      Identifier:

      urn:co:hubper:saml2-adapter > make sure to check the box for default here.

      urn:com:rakoo:saml2-adapter

      Reply URL:

      https://saml2.rakoo.com/saml/SSO

      https://saml2.hubper.co/saml/SSO > make sure to check the box for default here

  2. Correctly set the attributes:

    1. User.mail = user.userprinciplename

    2. Unique User Identifier = user.userprinciplename

  3. Next, you need the credentials from Microsoft to set up the integration in your online academy.

    1. App Federation Metadata URL

      It may look like this (example):

      https://login.microsoftonline.com/e2126f63-8dda-44b5-9b94-77742ad125fe/federationmetadata/2007-06/federationmetadata.xml?appid=fac70d5b-b5f6-4de7-9210-42c981a9da7a

      This URL may vary for your situation. It's important to include the following part in the URL: appid=fac70d5b-b5f6-4de7-9210-42c981a9da7a

    2. Microsoft Entra ID Identifier (EntityID)

      It may look like this: https://sts.windows.net/e2126f63-8dda-44b5-9b94-77742ad125fe/

    3. Optional: Certificate (Base64)

      It is possible to upload a certificate for the SSO integration in Rakoo. You can download this certificate from the same location as the information above. If you wish to do so, you can also send it to us.

Step-by-step guide for creating the integration in the online academy

  • You can manage your integrations on the integrations page. You can find this page on the left side of the menu bar:

  • Next, you can select Microsoft Entra ID (SAML) at ‘Single sign-on’. This will take you to the settings page.

  • Here, you can select ‘Add’.

  • Thereafter, you can enter the credentials obtained from Microsoft.

    • At ‘Integration status’, you can indicate whether the integration is activated or not.

    • The ‘Login with “button" option allows you to decide whether a button should also be displayed in the login screen. Is this option disabled? Then, users can only log in through an external method via SSO (e.g., intranet).

  • Save the changes to activate the integration.

Are you having trouble with the setup? Please contact support.

Did this answer your question?