How to set up iHASCO SSO with Azure AD

Supported Features

The Azure Active Directory (AD) / iHASCO Single Sign-On (SSO) integration currently supports the following features:

  • SP-initiated SAML2
  • SP-initiated Single Logout
  • Just In Time (JIT) Provisioning

Overview

You will need:

  • Access to the SSO feature within the iHASCO LMS. Tell your iHASCO account manager that you want to use SSO and they will enable it.
  • Your unique iHASCO URL key. This is the last part of your Training URL. For example, if your URL is app.ihasco.co.uk/voovavoo, then your URL key is voovavoo. Your Training URL is shown on the home screen when you sign in to the LMS at https://app.ihasco.co.uk/client/login

What you need to do:

  1. Add the iHASCO Training app to your Azure AD.
  2. Create the Identity provider(IDP) details in iHASCO LMS.
  3. Set the Registration method to use your IDP in iHASCO LMS.
  4. Test SSO with iHASCO Training using your Azure AD.

Add the iHASCO Training app to your Azure AD

  1. Sign in to your Azure AD account.
  2. Click Enterprise Applications then click New application.
  3. Search for ihasco.
  4. Click the iHASCO Training tile.
  5. Click Create.
  6. Click Set up single sign on.
  7. Click SAML.
  8. Change the Basic SAML Configuration with the following information:
  9. Note Remember to substitute your URL key for {url_key}

    Azure AD SSO Basic SAML Config Value
    Identifier (Entity ID) https://authentication.ihasco.co.uk/saml2/{url_key}/metadata
    Reply URL (Assertion Consumer Service URL) https://authentication.ihasco.co.uk/saml2/{url_key}/acs
    Sign on URL https://app.ihasco.co.uk/{url_key}
    Relay State Leave empty
    Logout Url https://authentication.ihasco.co.uk/saml2/{url_key}/sls
  10. Click Save.

Create the Identity provider details in iHASCO LMS

Note You need to sign in to your Azure AD account during this process because you need to copy and download Azure Identity provider details into your iHASCO LMS.

  1. Sign in to iHASCO LMS as an administrator at https://app.ihasco.co.uk/client/login.
  2. Click Settings.
  3. Scroll down to the Advanced card and click Single Sign On.
  4. Click Add Provider and select SAML2.
  5. Type your name for this provider in Description.
  6. Scroll to find IDENTITY PROVIDER DETAILS.
  7. Copy and paste the values in the following fields from Azure AD to iHASCO:
  8. Copy from Azure AD SSO:
    4 Set up iHASCO Training
    Paste to iHASCO LMS SSO:
    IDENTITY PROVIDER DETAILS
    Required
    Login URL Single Sign-on URL Yes
    Logout URL Single Logout URL Optional
    Azure AD Identifier Entity ID Yes
  9. Download, copy and paste the Signing Certificate from Azure AD to iHASCO:

  10. Copy from Azure AD SSO
    3 SAML Signing Certificate
    Paste to iHASCO LMS SSO
    IDENTITY PROVIDER DETAILS
    Find Certificate(Base64) and click Download
    Open the file in a text editor and copy all the contents
    Find X509 (Public) Certificate
    Paste the file contents into the box
  11. Scroll to find USER ATTRIBUTE MAPPING.
  12. Copy and paste the following addresses:
  13. Email address http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
    First name http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
    Last name http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
  14. Click Save.
  15. Click Enable now.

Set the Registration method in iHASCO LMS

  1. Click Settings.
  2. Scroll down to the Advanced card and click Security.
  3. Find Registration Method and select Single Sign On Provider.
  4. Choose your new provider as the Selected Provider.
  5. Click Save changes.

Azure AD / iHASCO SSO set up is now complete.

Test SSO using Azure AD

Note Remember to add users to the iHASCO Training application in Azure AD before testing and sign out of any iHASCO administrator accounts before testing.

  1. From your Azure AD account, find 5 Test single sign-on with iHASCO Training.
  2. Click Test.

If the test is successful, you will be signed in and taken to the iHASCO My Learning screen (or to the iHASCO LMS if testing with a pre-registered admin account).

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact us Contact us