Learnifier supports Single Sign-On using OpenID Connect in order for learners and administrators to be logged in against an OpenID Provider. Support exists in Learnifier for the hybrid flow and the authorization code flow.

Setup required from the customer:

You need to set up Learnifier as an OpenID Client in your OpenID Provider. First, determine where the OpenID Discovery endpoint is. If the endpoint is https://accounts.google.com/ then the following should provide with discovery information https://accounts.google.com/.well-known/openid-configuration. Make note of the endpoint.

The information you need to set up as the provider is:

• Authorized redirect URI. This value needs to be set to https://(your-learnifier-domain)/login/auth/oic/callback. So if you are running Learnifier under example.learnifier.com the URI should be https://example.learnifier.com/auth/oic/callback . Make sure that the URL is an HTTPS URL.

• Authorization flow. If there is an option for this set it to authorization code flow(recommended) or hybrid flow.

If you are setting this up against Google G Suite you will do the steps above at https://console.developers.google.com and add a client under Credentials and OAuth 2.0 client IDs. When setting up the client you should receive a ClientID and a Client Secret together with the discovery endpoint. Make sure you copy them exactly and send them to support@learnifier.com and describe that you want to set up OpenID Connect and which Learnifier domain name we are talking about. If your provider requires us to send any other scopes than OpenID, profile, or email, please provide that in the e-mail as well. When we receive the information we should be able to set this up. After we have done basic validation that the information is correct we will enable it for your domain.