Thinkific Single Sign-On (SSO)

---

Thinkific provides a platform that allows businesses or people to create and deliver online courses without any design or technical expertise. It allows its users to use their existing resources to set up online courses using an easy to use interface. Thinkific offers tools for setting up courses, managing students, payments, and marketing to reach a bigger audience. Its a one-stop shop for all your Online Course needs.

Challenge faced by Thinkific Users

Companies/People usually have an existing application/site where student credentials are already stored. Thinkific users want a continuous and seamless access to their portal through their existing accounts. They don't wish for their students to have a separate set of credentials for logging in to Thinkific. Thinkific allows its users to use their existing credentials to log in to their Thinkific platform using JWT (JSON Web Token). An interface needs to be created by users to generate that JWT token and log the users into Thinkific using their existing credentials. Users don’t always have control or the resources to generate such an interface. miniOrange has the perfect solution for such a problem.

miniOrange provides SSO solution for Thinkific

miniOrange has a ready made solution that users can use to authenticate themselves using their existing credentials and log into Thinkific. Users just have to click a link and based on the Identity Provider or User stored configured in miniOrange are redirected to the appropriate login page / Identity Provider for authentication. After successful authentication miniOrange constructs the necessary token and automatically redirects the user to the Thinkific SSO URL.

Thinkific deconstructs this payload and either finds the user and signs them in, or if they don’t already have an account on your Thinkific site, creates an account and signs them in.

Follow the Step-by-Step Guide given below for Thinkific Single Sign-On (SSO)

1. Configure Thinkific in miniOrange

• Login to miniOrange Admin Console.
• Go to Apps >> Manage Apps. Click on Add Application button.



• Select JWT App.Click on Thinkific.







• In Add Apps tab enter the values and click on Save.

  Custom Application Name	Choose appropriate name according to your choice.
  Description	Add appropriate description according to your choice.
  Redirect-URL	https://{Subdomain}.thinkific.com/api/sso/v2/sso/jwt?jwt=

• To configure App secret go to Edit against your configured app, Apps>>Select your app>>Edit






App Secret	The API Token fetched from Thinkific dashboard
Signature Algorithm	Choose HS256

• Click on Save
• Now, You can access Thinkific Account Using IDP credentials through the Single-sign-on URL as shown in image above.

2. Configure External IDP in miniOrange

• To login to Thinkific through the existing Application, go to Identity Provider tab in the left hand navigation menu.



• Here you can configure any Identity Provider of your Choice. e.g: Okta, Azure AD
• Note: you need to Send first_name and last_name as configure attributes



• To setup Azure AD as Identity provider Click Here.
• Also, to have a look over other Identity Provider Setup with miniOrange Click Here.

3. Setup miniOrange as a IDP or User Store

• Log in to miniOrange dashboard from the Admin Console.
• Navigate to User Stores in left hand side menu. Now click on Add User Store



• Switch to miniOrange subtab and click on Add miniOrange Identity Source





• This way you have successfully added miniOrange as Identity Source.
• Now, there are 3 ways to add users in miniOrange Identity Source:

1.1 Create User in miniOrange

1.2 Bulk Upload Users

1.3 Self User Registration




1.1 Create User in miniOrange

• Click on Users >> Add User.



• Here, fill the user details without the password and then click on the Create User button.



• Click on On Boarding Status tab. Check the email, with the registered e-mail id and select action Send Activation Mail with Password Reset Link from Select Action dropdown list and then click on Apply button.



• Now, Open your email id. Open the mail you get from miniOrange and then click on the link to set your account password.
• On the next screen, enter the password and confirm password and then click on the Reset Password button.



• Now, you can log in into miniOrange account by entering your credentials.



1.2 Bulk Upload Users in miniOrange via Uploading CSV File.

• Navigate to Users >> User List. Click on Add User button.



• In Bulk User Registration download sample csv format from our console and edit this csv file according to the instructions.



• To bulk upload users, choose the file make sure it is in comma separated .csv file format then click on Upload.



• After uploading the csv file successfully, you will see a success message with a link.
• Click on that link you will see list of users to send activation mail. Select users to send activation mail and click on Send Activation Mail. An activation mail will be sent to the selected users.



1.3 Self User Registration

• miniOrange self user registration allows end users to register themselves using customized registration form. miniOrange admin users can customize the registration form by adding more custom fields according to their choice. Learn More

4. Thinkific Login

• Lets say you have configured miniOrange as userstore.
• So after accessing the Single sign on URL , you will be asked for miniOrange crediantials.



• And on entering the valid credentials, Click on sign in and you will redirected successfully to Thinkific.