Cooperation with external systems
It can be linked to external systems in three ways: SAML, proprietary SSO, and LDAP.
*Select "Site Customizer" from the side menu and click on "Basic Settings".
Open the "Connect with External Systems" tab on the "Basic Settings" screen.
*We will not be able to address any issues that may arise as a result of your use of the Site Customizer. For more information about problems that may occur, please contact here..
Required
Customization options, site customizer, configuration page access permissions
Using SAML
To use SAML, turn "Use SAML" On.
*Be sure to click the "Save" button at the bottom right of the screen for all settings before exiting.
Introduction:
With regard to the use of SAML, the first thing to do is to create a "Single sign-on using SAML authentication for learningBOX.
SAML authentication setup with Microsoft Entra ID:
SAML authentication settings with Microsoft Entra ID are available.
*For more details, refer to How to Integrate with Microsoft Entra ID (formerly Azure AD)".
Advanced settings
01. Automatic account registration upon successful SAML authentication
If you have an account that is not registered in the learningBOX and the SAML authentication is successful, please turn the toggle On to register it as a new account.
02.Include Requested Authn Context attribute
If you want to support Microsoft365, turn the toggle Off.
03. SAML Detailed Settings
Please register your Idp information here.
04. SAML Parameter Mapping
Set which parameter values are applied to the login ID, name, and e-mail address, respectively.
Enter directly or open the "Add Fixed Parameter Tags" screen from the "Add" button and select from the pull-down menu.
From Ver. 2.23, Input field settingsIf you do not use "Login ID" in the "Login ID" setting, a random string will be applied to the "Login ID" here.
SP(learningBOX) configuration information
The information required to register learningBOX as SP for Idp is listed here.
Enter this information on the Idp side.
Use of Proprietary SSO Keys
LearningBOX's own single sign-on is available.
SSO Key Registration
01. Open new registration screen
Click on "+New."
*Up to 100 entries can be registered.
02. Settings
Set each of the following items.
▼ Use this SSO key
Be sure to tick the box to use the SSO key you have set up.
▼SSO Key
The API specification is available for download.
Refer to the "Unique SSO" section in the downloaded API specification and enter the information.
▼ referrer URL
By setting this, you can restrict access only from the URL you have entered.
Click the "+" button to add a referrer URL.
You can also click on the trash can icon to delete the file.
Up to 10 referrers can be set for one SSO key.
▼ Selected groups
You can specify which groups are allowed to log in.
Multiple groups can be specified.
If not set, no group restrictions will be set.
▼Automatically create a learningBOX account when an unregistered account logs in
When an unregistered account logs in, you can choose whether or not to create a new account.
Please tick if you wish to create one.
▼Allow account permissions to change
You can choose whether or not to allow override changes to privileges when parameters related to privileges exist in the API document. If you wish to allow it, please tick the box.
If you ticked "Automatically create a learningBOX account when an unregistered account logs in,
Even if you specify a group to allow login in "Target Groups," any unregistered account can log in. The account will also be registered as a member of the specified group.
Edit/delete SSO keys
Click on the "︙" icon on the far right of the target > select "Edit" or "Delete".
*For more information on items to edit,Register your SSO key.".
Using LDAP
LDAP integration with external systems is available.
*For more information on how to use the system,Using LDAP.".