All Docs
FeaturesCSI Teachable Replacement AppUpdated March 15, 2026

SSO Provider Configuration UI

SSO Provider Configuration UI

Version 1.0.58 introduces a self-service admin panel for connecting your organization's identity provider (IdP) to the platform. Once configured, your learners authenticate through your existing SSO system rather than managing separate platform credentials.

Overview

The SSO configuration panel is accessible to organization admins from the admin dashboard. It supports two industry-standard protocols:

ProtocolInput Required
OIDC (OpenID Connect)Discovery (well-known) URL
SAML 2.0IdP Metadata XML or Metadata URL

Configuring an OIDC Provider

  1. Navigate to Admin → SSO Settings.
  2. Select OIDC as the protocol.
  3. Enter your identity provider's Discovery URL (e.g. https://your-idp.example.com/.well-known/openid-configuration).
  4. Complete the Attribute Mapping fields (see below).
  5. Click Test Connection to validate the configuration.
  6. Once the test passes, click Save.

Configuring a SAML Provider

  1. Navigate to Admin → SSO Settings.
  2. Select SAML as the protocol.
  3. Provide your IdP's SAML Metadata — either paste the raw XML or supply a metadata URL.
  4. Complete the Attribute Mapping fields (see below).
  5. Click Test Connection to validate the configuration.
  6. Once the test passes, click Save.

Attribute Mapping

Attribute mapping tells the platform how to translate the claims your IdP sends into the platform's internal user profile fields. Common mappings include:

Platform FieldTypical IdP Claim (OIDC)Typical IdP Attribute (SAML)
Emailemailurn:oid:0.9.2342.19200300.100.1.3
First Namegiven_nameurn:oid:2.5.4.42
Last Namefamily_nameurn:oid:2.5.4.4
Groups / Rolesgroups(IdP-specific)

Enter the exact claim or attribute name your IdP uses for each field. These values are case-sensitive and must match what your IdP sends in the token or assertion.

Testing the Connection

Before saving, use the Test Connection button to verify that the platform can reach your IdP and that the configuration is valid. The test will:

  • Resolve the discovery document or parse the SAML metadata.
  • Confirm endpoint reachability.
  • Report a success confirmation or a descriptive error message indicating what needs to be corrected.

Always test the connection before saving to avoid locking out users with a broken configuration.

Notes

  • Only one SSO provider can be active per organization at a time.
  • Changes to the SSO configuration take effect immediately upon saving.
  • Existing sessions are not invalidated when the configuration changes; new login attempts will use the updated settings.
  • If the connection test fails, the configuration is not saved, preventing accidental misconfiguration.

Related