All Docs
Getting StartedCSI Teachable Replacement AppUpdated March 15, 2026

Blog: Locking Down Courses to Org Members — v1.0.68

Locking Down Courses to Org Members — What's New in v1.0.68

One of the foundational promises of our platform is that your organization's courses stay within your organization. With v1.0.68, that promise is now enforced at every layer of the learner experience.

The Problem We Solved

In a multi-tenant platform where courses are tied to specific organizations, it's not enough to hide a course from the catalog. Every page in the learner journey — the course detail page, the enrollment flow, and every individual lesson — is a potential entry point. Without consistent enforcement, a shared URL or a cached bookmark could expose content to someone outside your org.

What We Built

We introduced a uniform org-membership gate that wraps every learner-facing page and action. Before any content is rendered or any enrollment is processed, the system asks two questions:

  1. Is this user authenticated?
  2. Is this user a member of the organization that owns this course?

If the answer to either question is no, the user is redirected straight to the SSO login flow — no error pages, no leaked content, no ambiguity.

Why SSO-First Matters Here

Redirecting to SSO rather than showing a generic "403 Forbidden" page is a deliberate choice. It means:

  • Employees who haven't yet signed in are guided to authenticate rather than hitting a dead end.
  • Users from the wrong org aren't told anything useful about the course or its existence — they're simply asked to log in through the correct identity provider.
  • The login experience stays consistent with what your users already know from the rest of their identity provider.

Scope of Protection

The gate is applied at every point that matters:

  • Course catalog and detail pages — no browsing without membership.
  • Enrollment — the server-side action is gated, not just the UI button.
  • Individual lesson pages — direct URL access is blocked at the lesson level, not just at the course index.

No Action Required

This change is automatic for all existing and future courses. There are no feature flags to toggle, no per-course settings to configure. As long as your SSO integration is set up correctly, your learners will be checked against their org membership on every request.

If you haven't completed your SSO setup yet, now is a good time — head to the SSO Integration guide to get started.

v1.0.68 is available now. Check the changelog for the full release notes.