Skillibrium SSO Setup

Getting Started with SSO connection


Single sign-on allows your organizational users to login to Skillibrium using your company credentials, using your SSO central identity provider to verify you once, then granting access to connected, trusted applications, creating a seamless experience. Skillibrium single sign-on (SSO) is based on SAML 2.0. Once Skillibrium receives a SAML response from the Identity Provider (IdP), it checks if this user exists. 

Getting Started 

You will work in your Skillibrium sandbox environment to do your preliminary set-up and testing. Once your organization has fully tested the process in the Sandbox, then you will follow the same steps in the production environment. 

Key Steps

  1.  Configure your HRIS integration to manage all user access and information. Follow the steps to connect to an HRIS platform here. Only users created/synced from an HRIS platform will have access to SSO in Skillibrium. 
  2.  Set up your SSO connection (steps below).

Basic Workflow

  1. Request Access: User tries to access Skillibrium (either directly or via bookmarked link).
  2. Verify if SSO-enabled: Skillibrium checks if the company account has enabled SSO for their users.
  3. Validate user type: Check if user logging in is from an integrated HRIS account.
  4. Redirect to SSO Identity Provider (IdP): Skillibrium redirects the user to the IdP for login.
  5. Authentication: User logs in to the IdP (or is already logged in).
  6. Token Issuance: IdP creates and sends a signed token to Skillibrium.
  7. Access Granted: Skillibrium validates the token and grants access to the application.

User Access Behavior

When Skillibrium receives a valid authentication response:
  1. Access IS granted when the following conditions are met:
    1. User exists in Skillibrium 
    2. User is an active integration user
  2. Access IS NOT granted when the following conditions are met:
    1. If the user does not exist, Skillibrium does not automatically create the user
    2. If the user is an active user but IS NOT an integration user, user will be sent a magic link instead

Integration Steps

Configure your Identity Provider (Okta example)

These example steps below are for creating a new Application in Okta. The steps will vary based on your IdP.
  1. Sign in to the Okta Admin Console.
  2. Navigate to Applications > Applications.
  3. Click Create App Integration.
  4. In the dialog box, select the Sign-in method: OIDC - OpenID Connect.



  5. Select the Application type: Web Application.



  6. On the next page, provide a descriptive App integration name: Skillibrium.  
  7. Configure the required settings:

SANDBOX (Contact Skillibrium Support)

PRODUCTION

  1. Sign-on URL: 
  2. Sign-out URL:  
  3. Identifier (Entity ID): 
  4. Callback URL:  
  1. Sign-on URL: https://skillibrium.us.auth0.com/login/callback
  2. Sign-out URL: https://app.skillibrium.com/skillibrium/
  3. Identifier (Entity ID): 
  4. Callback URL:  https://app.skillibrium.com/skillibrium/login

     8. Configure the Assignments section to control access, selecting who in your organization can see the app in their Okta Dashboard.

    1. Note that user information and active and inactive status will be controlled by the HRIS <> Skillibrium integration for your company.

Share the IDP Metadata to Skillibrium

  1. Our technical team will ask you to provide the following information.
    1. Client Id
    2. Client Secret
    3. Domain
    4. XML Metadata
  2. Skillibrium will configure and will provide your IT team with the required callback/redirect URL. This URL tells your Identity Provider where to send users after they have successfully authenticated. Register or whitelist the provided callback URL in your Identity Provider (if necessary).

Test

Verify the following scenarios
  1. Users can login
    1. As expected (from IdP or Skillibrium login link)
    2. As expected from any triggered emails (Skillibrium Coach or Skillibrium Learn)
    3. As expected after changing a password in the IdP
  2. Users are logout 
    1. Via Computer restart
    2. Via clearing cache manually
    3. Via change password
    4. Via clearing cookies manually

    • Related Articles

    • Integrate Workday with Skillibrium

      We partner with Merge.dev which facilitates the connection to different platforms via their unified API. Click this guide from Merge to connect your Workday account before integrating it with Skillibrium as shown below. We recommend that admins reach ...

    • Integrate Salesforce.com with Skillibrium

      Skillibrium’s user-friendly platform enhances the effectiveness of CRM data, making it usable, actionable, and trusted in the daily work of the Go-To-Market team. By leveraging AI enrichment, users can save time and avoid the need for manual data ...

    • Integrate BambooHR with Skillibrium

      Skillibrium users can now establish and maintain a BambooHR connection with Skillibrium. Skillibrium partners with Merge.dev which enables seamless integration of BambooHR with Skillibrium. Click the guides from Merge to connect your BambooHR account ...

    • Integrate Personio with Skillibrium

      Skillibrium users can now establish and maintain a Personio connection with Skillibrium. Skillibrium partners with Merge.dev which enables seamless integration of an organization's Personio environment with Skillibrium. Before integrating the ...

    • Change the status of a task

      Applicable Roles Administrators Supervisors Contributors Manual Tasks can be set to Not Started, In Progress, or Complete. Only Manual tasks have a Delete icon () under the Actions column in the My Tasks table view. To change the status of a task, ...