Skip to main content

🔑 Understand and Enable SSO on Your Platform

Simplify access to Didask with SSO: single sign-on for your learners, centralized governance for your IT teams, and the option to enforce SSO as the only authentication method.

Written by Océane

⏱️ The Essentials in 3 Minutes

• What SSO is and why to enable it on Didask.
• The 3 compatible SSO standards (SAML, OIDC, Ypareo) and their specifics.
• How the setup works in 4 steps.
• How to enforce SSO login to centralize all access.


🧠 Understand the Value of SSO on Didask

On a learning platform, every forgotten password is a learner who drops off and an admin who loses time. SSO lets your users log in to Didask with their company account, with no new password to remember or manage.

For IT teams, it is also a governance lever: access is managed from your central directory (Entra ID, Okta, Google Workspace...), simplifying administration and strengthening security.

📌 SSO setup is free on Didask, with no additional cost.


🔍 Understand What SSO Is

SSO (Single Sign-On) is a single login method: the user signs in once and automatically accesses multiple applications without re-entering credentials each time.

📌 Concrete example: when a site like YouTube lets you sign in with your Google account, that is SSO technology.

Why organizations use SSO:

  • It simplifies access without scattering credentials across tools.

  • It streamlines access management.

  • It strengthens security when the identity provider is itself secured, through: centralized and industrialized access management, enforcement of global security policies, and reduced human errors in authentication.


🎁 Identify the Benefits of SSO on Didask

For whom

What it brings

🧙 Admins

Centralized access, elimination of redundant accounts, no more managing lost passwords.

🎓 Learners

One less password to remember, smooth and immediate access to their training.

🛡️ IT / IS teams

Stronger governance, compliance with security audits, enforcement of global access policies.

💰 Your budget

Free setup with Didask, no additional cost.


🔐 Choose the Right SSO Standard for Your Organization

Didask supports three SSO options depending on your identity provider and context.

SSO via SAML 2.0

  • Widely used standard in large organizations.

  • Compatible with common identity providers: Entra ID (formerly Azure AD), ADFS, Google Workspace, etc.

  • Ideal for clients with a mature IT infrastructure.

SSO via OIDC (OpenID Connect)

  • Often available with common identity providers.

  • A more modern protocol increasingly used in new deployments.

SSO via Ypareo

  • Specific to training organizations and apprenticeship centers (CFA) using the Ypareo ERP.

  • Enables seamless connection between administrative management (Ypareo) and the Didask platform.


🆚 Compare Options by Standard

Depending on the standard used, several options are available. Identify what matches your needs.

Feature

SAML 2.0

OIDC

Ypareo

Authentication via the identity provider

✅ Yes

✅ Yes

✅ Yes

Automatic creation of unregistered users

Optional

Required

Required

Automatic access to content via a publication or program link

Optional

Optional

Required

Group mapping between the identity provider and Didask

Optional

❌ No

❌ No


⚙️ Set Up SSO in 4 Steps

Setup is done in collaboration between our team and yours.

Step

Name

Goal

1

Needs assessment

Confirm that SSO addresses a real need, and determine whether group management should be driven by SSO.

2

Information exchange

Client side: provide a technical contact and the SSO standard to use. Didask side: provide the SSO documentation needed for configuration.

3

SSO application creation

The client creates the SSO application in their identity provider, sends the technical details to Didask, who completes the configuration on their end.

4

Testing and go-live

The client verifies everything works correctly, then moves to production.

💡 Initial configuration and testing can be done on a staging platform before going live.

🔗 Technical resources:

  • The generic SSO documentation is available on the Didask API documentation.

  • You also have a personalized page with all URLs pre-configured for your platform, at: https://YourPlatform.didask.com/api/v1.


🛜 Enforce SSO Login (SSO-only mode)

Once your SSO is configured, you can go further and enforce SSO login as the only possible authentication method.

SSO-only mode removes all choice from the login page: your learners see a single Log in with SSO button. No hesitation, no risk of accidentally creating a local account, and instant access thanks to their already-active session.

📌 Example: a large company with 5,000 employees. The IT team enforces SSO-only mode. Result: learners log in with one click from the intranet, with no new password to remember, and the IS department passes its annual audit on access centralization.

Who is this useful for?

  • Company admins: to enforce SSO for all employees and simplify access governance.

  • IT / IS teams: to satisfy audits that require the LMS to enforce SSO.

  • Training managers: to prevent learners from creating a local account instead of using their company account.

How to enable it

⚠️ Prerequisite: SSO (SAML or OIDC) must already be configured on your platform.

  1. Contact your Customer Success Manager or support via the chat bubble at the bottom right of your platform.

  2. Our team enables the SSO-only mode option on your platform.

  3. Once active, the login page only shows the Log in with SSO button. The email and password fields are hidden.

⚠️ Activation is done by the Didask team only from our back-office. You cannot enable it yourself from the admin interface.

Temporarily disabling the mode

Need to restore email and password login (SSO transition, IDP outage, emergency access)? Your CSM can disable the option at any time. The change takes effect after a page reload.

Things to know before enabling

  • No account migration: existing accounts are not deleted. They remain accessible via SSO if the user also exists in the directory.

  • Magic links and access codes continue to work normally. SSO-only mode only hides password-based login.

  • Admins are affected just like learners. Make sure all your admins are provisioned in SSO before enabling.

  • Didask support retains dedicated access to the workspace for support purposes.

  • Without a configured SSO, the option has no effect.


⁉️ Resolve Common Cases

Question

Answer

Can we offer both SSO and classic login?

✅ Yes, Didask can keep both login options (unless you enable SSO-only mode).

Can we connect multiple SSOs by group or entity?

❌ No.

Can we test SSO before going live?

✅ Yes, a test environment is available before deployment.

Is it possible to disable or revoke SSO?

✅ Yes, the switch is reversible at any time.

Can learners still log in with their password once SSO-only mode is enabled?

❌ No. The email and password fields are no longer visible. They must go through your SSO.

What happens if our SSO goes down?

Users cannot log in until SSO is restored. Contact your CSM to temporarily disable the mode and allow emergency access.

Are magic links and access codes affected by SSO-only mode?

❌ No. Only the email and password fields are hidden. Other authentication methods remain operational.

Can SSO-only mode be enabled from the admin interface?

❌ No, activation is done by the Didask team only. Contact your CSM.


Keywords: SSO, Single Sign-On, SAML 2.0, OIDC, OpenID Connect, Ypareo, Entra ID, Azure AD, ADFS, Google Workspace, identity provider, SSO-only mode, mandatory SSO, access governance, IT compliance, centralized authentication.

Did this answer your question?