Skip to main content
All CollectionsCustomer Learning Cloud Registration & Authentication
Setting Up OAuth SSO in Academies
Setting Up OAuth SSO in Academies

Customer Learning Cloud: Learn how to set-up Single Sign On via OAuth for your Academy

Support avatar
Written by Support
Updated over a week ago

WorkRamp supports OAuth 2.0 for a Single Sign On method to be configured for your Academy. OAuth will work with OAuth to authenticate users.

Please note that if you have more than one Academy, you will need to go set up SSO separately for each Academy. Academies cannot share the same SSO setup.

Getting Started

Navigate to your Academy Settings and select 'Registration'.

Uncheck the box for "Allow Registration via Username and Password" and check the box for "Allow Registration via SSO."

Note: If you would like to allow users to register using either username + password or SSO, you can check the box for both registration options. You'll then want to select "oAUTH" for the SSO Type. 

Below is a list of OAuth settings that you will enter into WorkRamp

  • Client ID (Public client id used to distinguish this application)

  • Client Secret (Confidential password used in conjunction with the client id) 

  • Authorization URL (Endpoint that we’ll redirect the browser for users to sign in)

  • Access Token URL (Endpoint that will be used to make the access token request) 

  • User Data URL (Endpoint that will be used to request the user data)

  • Scope Parameters (List of parameters that will be used to send in authorization code request, this list will need to be space separated)

User Info Response Parameters 

  • First Name (Name of the parameter in user data response that contains users first name)

  • Last Name (Name of the parameter in user data response that contains user’s’ last name)

  • Email (Name of the parameter in user data response that contains user’s email)

Authorized Redirect URL: The callback endpoint provided by WorkRamp and is located directly at the bottom of the OAuth settings which your authorization server will redirect to containing the access token.

Please note that depending on your provider, you may need the Authorized Redirect URL first in order to configure the set up. 

Running an SSO Test

Once you have finished setting up OAuth SSO, we recommend running a quick test to make sure it works.

IMPORTANT: Make sure you run this test in an incognito window or separate browser.You should also run this test in non-peak hours or for a short period of time. This will lock out any users if the configuration is not set up properly.

Locking Custom Registration Fields

If you are syncing over Custom Fields via SSO and do not want users to be able to manually edit these fields, you can lock the fields using the "Locked" checkbox for the field on the Registration Settings page.

Did this answer your question?