Hello there!

Need Help? We are right here!

support
miniOrange Email Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com

Thinkific Single Sign-On (SSO)


Thinkific provides a platform that allows businesses or people to create and deliver online courses without any design or technical expertise. It allows its users to use their existing resources to set up online courses using an easy to use interface. Thinkific offers tools for setting up courses, managing students, payments, and marketing to reach a bigger audience. Its a one-stop shop for all your Online Course needs.

Challenge faced by Thinkific Users

Companies/People usually have an existing application/site where student credentials are already stored. Thinkific users want a continuous and seamless access to their portal through their existing accounts. They don't wish for their students to have a separate set of credentials for logging in to Thinkific. Thinkific allows its users to use their existing credentials to log in to their Thinkific platform using JWT (JSON Web Token). An interface needs to be created by users to generate that JWT token and log the users into Thinkific using their existing credentials. Users don’t always have control or the resources to generate such an interface. miniOrange has the perfect solution for such a problem.

miniOrange provides SSO solution for Thinkific

miniOrange has a ready made solution that users can use to authenticate themselves using their existing credentials and log into Thinkific. Users just have to click a link and based on the Identity Provider or User stored configured in miniOrange are redirected to the appropriate login page / Identity Provider for authentication. After successful authentication miniOrange constructs the necessary token and automatically redirects the user to the Thinkific SSO URL.

Thinkific deconstructs this payload and either finds the user and signs them in, or if they don’t already have an account on your Thinkific site, creates an account and signs them in.

Thinkific Single Sign-On (SSO)

Video Setup Guide



Connect with External Source of Users


miniOrange provides user authentication from various external sources, which can be Directories (like ADFS, Microsoft Active Directory, Azure AD, OpenLDAP, Google, AWS Cognito etc), Identity Providers (like Shibboleth, Ping, Okta, OneLogin, KeyCloak), Databases (like MySQL, Maria DB, PostgreSQL) and many more.



Pre-requisite

    Obtain the following information from Thinkific.

  • Login to your Thinkific, go to Settings. Click on Code & analytics.
  • Navigate to API.
  • Thinkific Single Sign-On (SSO): API and subdomain

  • You can find the API Key ( Shared Secret ) here.
  • Also, Obtain the Subdomain from here and replace the URL next.
  • JWT Endpoint URL: Example : https://{Subdomain}.thinkific.com/api/sso/v2/sso/jwt?jwt=

Follow the Step-by-Step Guide given below for Thinkific Single Sign-On (SSO)

1. Configure Thinkific in miniOrange

  • Login to miniOrange Admin Console.
  • Go to Apps Click on Add Application button.
  • Thinkific Single Sign-On (SSO) add app

  • Select JWT App.Click on Thinkific.
  • Thinkific Single Sign-On (SSO): saml jwt app

    Thinkific Single Sign-On (SSO): saml jwt app

    Thinkific Single Sign-On (SSO): add jwt app

  • In Add Apps tab enter the values and click on Save.
    Custom Application Name Choose appropriate name according to your choice.
    Description Add appropriate description according to your choice.
    Redirect-URL https://{Subdomain}.thinkific.com/api/sso/v2/sso/jwt?jwt=
  • To configure App secret go to Edit against your configured app, Apps>>Select your app>>Edit
  • Thinkific Single Sign-On (SSO): edit-jwt-app

    Thinkific Single Sign-On (SSO): edit-jwt-app

    App Secret The API Token fetched from Thinkific dashboard
    Signature Algorithm Choose HS256
  • Click on Save
  • Now, You can access Thinkific Account Using IDP credentials through the Single-sign-on URL as shown in image above.
  • For Attribute Mapping, go to Select>>Edit.
  • Enter the Client Id, App Secret and Client Token.
  • To map the atrrinutes between the IDP and miniOrange application, click on Attributes + button.
  • The first three attributes will be hard-coded values.
  • Attribute NameAttribute Value
    store_hashCustom Attribute Value
    redirect_toCustomer Attribute Value
    opeartionCustomer Attribute Value

  • If you are using an external IDP, you need to map the attributes coming in from the idp by choosing the external IDP option.
  • Attribute Mapping

  • Now, You can access Thinkific Account Using IDP credentials through the Single-sign-on URL as shown in image above.

2. Configure Your User Directory

miniOrange provides user authentication from various external sources, which can be Directories (like ADFS, Microsoft Active Directory, Azure AD, OpenLDAP, Google, AWS Cognito etc), Identity Providers (like Okta, Shibboleth, Ping, OneLogin, KeyCloak), Databases (like MySQL, Maria DB, PostgreSQL) and many more. You can configure your existing directory/user store or add users in miniOrange.



  • Log in to miniOrange dashboard from the Admin Console.
  • Now, there are 3 ways to add users in miniOrange Identity Source:
    • 1.1 Create User in miniOrange

      • Click on Users >> Add User.
      • Thinkific Single Sign On (sso) add user in miniOrange

      • Here, fill the user details without the password and then click on the Create User button.
      • Thinkific Single Sign On (sso) add user details

      • Click on On Boarding Status tab. Check the email, with the registered e-mail id and select action Send Activation Mail with Password Reset Link from Select Action dropdown list and then click on Apply button.
      • Thinkific Single Sign On (sso) email action

      • Now, Open your email id. Open the mail you get from miniOrange and then click on the link to set your account password.
      • On the next screen, enter the password and confirm password and then click on the Reset Password button.
      • Thinkific Single Sign On (sso) reset user password
      • Now, you can log in into miniOrange account by entering your credentials.

      1.2 Bulk Upload Users in miniOrange via Uploading CSV File.

      • Navigate to Users >> User List. Click on Add User button.
      • Thinkific Single Sign On (sso) add user via bulk upload

      • In Bulk User Registration download sample csv format from our console and edit this csv file according to the instructions.
      • Thinkific Single Sign On (sso) download sample csv file

      • To bulk upload users, choose the file make sure it is in comma separated .csv file format then click on Upload.
      • Thinkific Single Sign On (sso) bulk upload user

      • After uploading the csv file successfully, you will see a success message with a link.
      • Click on that link you will see list of users to send activation mail. Select users to send activation mail and click on Send Activation Mail. An activation mail will be sent to the selected users.

      1.3 Self User Registration

      • miniOrange self user registration allows end users to register themselves using customized registration form. miniOrange admin users can customize the registration form by adding more custom fields according to their choice. Learn More

miniOrange integrates with various external user sources such as directories, identity providers, and etc.

  • Note: Once you configure the IDP, you need to Send first_name and last_name as configure attributes
  • Thinkific Single Sign-On (SSO): send-configured-attributes

Not able to find your IdP or Need help setting it up?


Contact us or email us at idpsupport@xecurify.com and we'll help you setting it up in no time.



3. Test SSO Configuration


Using SP Initiated Login

  • Login to your Thinkific account.
  • On the Dashboard, Click on Desgin your site-> Theme library option.
  • thinkific Single Sign-On (SSO)desgin site

  • Click on Three Dots as shown in the below image and select EDIT CODE option from dropdown.
  • thinkific Single Sign-On (SSO) edit-code

  • Now, click on the Snippets link and search for meta_tag option and click on it.
  • thinkific Single Sign-On (SSO) snippets

  • Add Single Sign-On URL in the below format as shown in the image, (you will get this url from step 1) and click on Save button.
  • thinkific Single Sign-On (SSO) url

    thinkific Single Sign-On (SSO) login

  • Go to your Thinkific URL, click on SIGN IN button which will redirect you to miniOrange IdP Sign On Page.
  • Thinkific Single Sign-On (SSO): miniOrange Login

    Thinkific Single Sign-On (SSO): miniOrange Login

  • Enter your miniOrange login credential and click on Login. You will be automatically logged in to your Thinkific account.
  • Thinkific Single Sign-On (SSO): Thinkific Login

Using IDP Initiated Login

  • Log into miniOrange IdP using your credentials.
  • On the End User-Dashboard, click on the Thinkific application configured, to test the SSO flow.
  • Thinkific Single Sign-On (SSO): verify configuration

  • You will be successfully logged into Thinkific.
  • Thinkific Single Sign-On (SSO): Thinkific Login

Using SP Initiated Login

  • Login to your Thinkific account.
  • On the Dashboard, Click on Desgin your site-> Theme library option.
  • thinkific Single Sign-On (SSO)desgin site

  • Click on Three Dots as shown in the below image and select EDIT CODE option from dropdown.
  • thinkific Single Sign-On (SSO) edit-code

  • Now, click on the Snippets link and search for meta_tag option and click on it.
  • thinkific Single Sign-On (SSO) snippets

  • Add Single Sign-On URL in the below format as shown in the image, (you will get this url from step 1) and click on Save button.
  • thinkific Single Sign-On (SSO) url

    thinkific Single Sign-On (SSO) login

  • Go to your Thinkific URL, click on SIGN IN button which will redirect you to miniOrange IdP Sign On Page.
  • Thinkific Single Sign-On (SSO): miniOrange Login

  • On accessing the Single sign-On URL as mentioned in the second step, you will be asked to enter your Okta credentials.
  • Thinkific Single Sign-On (SSO): miniOrange Login

  • On entering the valid credentials, you will be successfully logged into Thinkific.
  • Thinkific Single Sign-On (SSO): Thinkific Login

Using IDP Initiated Login

  • Log into Okta using your credentials.
  • Click on Admin to access the Admin Console, then click on Applications.
  • Click on Add Application and search for "Bookmark App", and Click Add in the left pane.
  • Choose an app name of your choice which will be the display name.
  • In the URL section, enter the SSO URL that is given in the JWT app.
  • Thinkific Single Sign-On (SSO): Thinkific add bookmark app

  • Click on Save.
  • On the End User-Dashboard, click on the Thinkific bookmark application configured, to test the SSO flow.
  • Thinkific Single Sign-On (SSO): verify configuration

  • You will be successfully logged into Thinkific.
  • Thinkific Single Sign-On (SSO): Thinkific Login

Our Other Identity & Access Management Products