Once enabled, Single Sign-On allows learners to log in to Form LMS and access their training without remembering a new username and password.
Form LMS has the option to allow your organisation to use one or more instances of a SAML2.0 compliant single sign-on (SSO) module, each one able to connect to a different Identity Provider such as G-Suite or Azure AD.
If you would like to enable single sign-on, then please contact your account manager to purchase and activate it.
Role required: A Me Learning Administrator will be able to enable SSO on your site. Once enabled, any user with an identity provider login can log in using SSO.
Once the SSO module has been added to your site, we will work with you to configure your setup and connect the application to your Identity Provider.
This is a simple three-stage process:
1. Me Learning will share the data you need for your configuration.
2. You set up the connection in your Identity Provider; see the links below for guidance.
Setting up Single Sign-On for Azure
Setting up Single Sign-On for G-Suite
3. You share the metadata from your Identity Provider with us, and we'll complete the setup for you.
Single Sign-on (SSO) and 2FA/MFA (multi-factor authentication)
When logging in, learners have the option of using either Single Sign-on (SSO) authentication OR Multi-Factor Authentication (MFA). However, these two methods cannot be combined for the same user simultaneously. If both are active and set up, then once SSO has been selected at login, 2FA/MFA is ignored.
If a learner uses SSO:
- Form LMS will redirect them to their organization's authentication system after validating their username/email.
- The organization's security rules and settings will apply
- Any login settings configured in Form LMS (such as 2FA/MFA) will be ignored
SSO is not enforced. Users will always be able to use the standard authentication (username/email and password). This means an organisation can use SSO for those users within its network and standard authentication/2FA MFA for those outside it.