Absorb LMS SAML Single Sign-On using DNN SAML as IDP
DotNetNuke (DNN) SAML IDP module acts as a SAML 2.0 Identity Provider which can be configured to establish the trust between the module and various SAML-compliant service providers to securely authenticate the user using the DotNetNuke (DNN) site credentials. Here we will go through a step-by-step guide to configure Single Sign-On (SSO) between DNN and Absorb LMS considering DNN as IdP. To know more about the other features we provide, click here.
Pre-requisites : Download And Installation
- Download DNN SAML Identity Provider (IDP) module.
- Upload the installation package dnn-saml-single-sign-on-sso-idp_xxx_Install by going in Settings > Extension > Install Extension.
- Open any of the page on your DNN site (Edit mode) and Click on Add Module.
- Search for moDNNSAMLIDP and click on the moDNNSAMLIDP. Drag and drop the module on the page where you want.
- You have finished with the Installation of the module on your DNN site.
1. Configure Absorb LMS as SP
- From the list of service providers given below, select Absorb LMS.
- There are two options in the module to share your IDP metadata to the service provider. Either you can share metadata URL or you can download the metadata (XML) file.
- Also you can add the IDP metadata manually by entering IDP Entity ID, Single Sign-On URL and x.509 Certificate:
- Log into the Absorb Admin Portal as a System Admin and navigate to Portal Settings.
- From Portal Settings, there is a button in the right-side context menu labeled Manage SSO Settings .
- If you can't see this button, please contact your Absorb Client Success Manager to enable this
feature. - Once you have clicked the button, you will be brought to the Manage Single Sign-On Settings page.
Any existing configurations will appear here, as well as the option to Add a new one.
| Name | Name of your Identity Provider |
| Key | The key is the x509 public certificate of the IDP Metadata,you can find this in IDP Metadata as Certificate . |
| Mode | Choose the principle request mode,either Service Provider Initiated orIdentity Provider Initiated. |
| Id Property | A unique identifier field chosen in the Absorb LMS to be used as the identifying NameID through the SAML assertion.Select Email Address from the drop-down. |
| Login URL | This is the URL where Absorb redirects users if they navigate directly to the Portal URL without an active session.You can find this in IDP Metadata as SAML Login URL |
| Logout URL (optional) | This is the URL where Absorb redirects users when they log out of the Absorb system.You can find this in IDP Metadata as SAML Logout URL |
| Automatically Redirect (optional) | When turned on, redirects all users who navigate directly to the Portal URL to the Login URL.Note: For the SP Initiated Mode this setting is always enabled. |
| Assigned Routes | This field allows you to search for and select any existing routes to assign.Assign which routes in your portal you would like to associate with this SSO configuration. |
You have successfully configured Absorb LMS as Service Provider.
2. Configure DNN as SAML IDP
- There are two options to add an application for your Service Provider in the IDP module
- IDP module requires SP Entity ID and ACS URL values from your service provider. You may get the metadata file (.xml) or metadata URL.
- You can upload metadata using Upload SP Metadata option where you can upload metadata using XML file or URL.
- You may refer to the screenshot below:
- You can choose any one of the options according to the metadata format you have available.
- Enter the values corresponding to the information from Absorb LMS. Refer to the table below.
- Once configured service provider metadata, Update the module settings
A] Upload metadata using Upload SP Metadata option
B] Configure the Service Provider metadata manually
| Service Provider Name | Absorb LMS. |
| SP Entity ID or Issuer | Copy and paste the SP-EntityID from Absorb LMS.. |
| ACS URL | Copy and paste the ACS URL from Absorb LMS. |
| NameID Format | urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress |
| Assertion Signed | Checked |
3. Attribute Mapping
- In this steps you will map the DotNetNuke user attribute to be sent in the response to the Service Provider.
- NameID defines what SP is expecting in the subject element of SAML Assertion. Generally, NameID is Username or Email Address. You can select which user attribute you want to send in the NameID.
- You can add other attributes to be sent in SAML Assertion to SP. The attributes include user’s profile attributes such as first name, last name, fullname, username, email, custom profile attributes etc.
4. Testing SSO
- In the Incognito browser window, enter the Absorb LMS URL.
- The browser will redirect you to the DNN Login screen.
- Enter the DNN Credentials and click on Log in.
- If you are redirected back to your Absorb LMS start page and logged in successfully, then your configuration is correct.
You have successfully configured DNN as SAML IDP ( Identity Provider) for achieving DNN SSO login into your Absorb LMS.
You can configure the DNN SAML IDP module with any service provider such as Azure AD, Azure B2C, Google Apps, Zoho Desk, Salesforce, WordPress, Cognito, Moodle, Zapier, Zoho, Zoom, Tableau Server, Hubspot, TalentLMS, WSO2 or even with your own custom service providers. You can find more service providers here.
Additional Resources
- ASP.NET SAML Single Sign-On (SSO)
- DNN SAML Single Sign-On (SSO)
- nopCommerce SAML Single Sign-On (SSO)
- DNN REST API Authentication
- Web3 login for ASP.NET Applications
Need Help?
Not able to find your identity provider? Mail us on dnnsupport@xecurify.com and we'll help you set up SSO with your service provider and for quick guidance (via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.
Need Help? We are right here!
