Tovuti supports several single sign-on providers. This article outlines the steps to set up ADFS and covers the following concepts:
- Set ADFS as SSO Provider in Tovuti
- Configure ADFS as Identity Provider (IDP)
- Finish Configuring Tovuti as Service Provider (SP)
- User Profile Field and Attribute Mapping
- User Group Mapping
- Enable Login Link
- Use Cases
Set ADFS as SSO Provider in Tovuti
Go to Configuration > click Single Sign-On > click New
Details tab
In the Details tab, give this provider a Title. It is suggested that the title contains a reference to ADFS for easy selection in the future. Select ADFS in SAML Application.
Service Provider Settings tab
In the Service Provider Settings tab, a unique EntityID/Issuer is created for this domain.
Configure ADFS as Identity Provider (IDP)
In ADFS, click on Add Relying Party Trust > click Start.
In Select Data Source, select Enter data about the relying party manually > click Next.
In Specify Display Name, select Enter Display Name > click Next.
In Choose Profile, select the option AD FS Profile > click Next.
In Configure URL, check Enable support for the SAML 2.0 WebSSO protocol. Enter the ACS URL from the plugin found in Relying Party 2.0 SSO Service URL field. Click Next.
In Configure Identifiers, enter the SP-Entity ID/Issuer URL from the plugin found in Relying Party Trust Identifier. Click Add > click Next.
In Configure Multi-factor Authentication, select "I do not want to configure multi-factor authentication settings for this relying party trust" > click Next.
In Choose Issuance Authorization Rules, select permit all users to access this relying party > click Next.
In Ready to Add Trusts, click Next.
Check Open the Edit Claim Rules dialog and click close. Click Add Rule and select "Send LDAP Attributes as Claims." Enter the following:
- Claim rule name > Enter claim rule name (any). For example, Attributes
- Attribute Store > Active Directory
- LDAP Attribute > Email-Addresses
- Outgoing Claim Type > Name ID
Click the Finish button.
For more information directly from AD FS on this process, see the following documentation.
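The wizard steps above can also be scripted with the AD FS PowerShell module. This is an added example, not taken from Tovuti or AD FS documentation. It assumes the Windows Server 2012 R2 version of AD FS (the one whose wizard offers "AD FS Profile"), and the display name, Entity ID and ACS URL are placeholders to be replaced with the values shown in Tovuti's Service Provider Settings tab.

```powershell
# Added example: scripted equivalent of the Add Relying Party Trust wizard.
# Run in an elevated session on the primary federation server.
Import-Module ADFS

# Placeholders: copy the real values from Tovuti's Service Provider Settings tab.
$displayName = 'Tovuti LMS'                                   # any display name
$entityId    = 'https://tovuti.example.invalid/sp-entity-id'  # SP-Entity ID/Issuer (placeholder)
$acsUrl      = 'https://tovuti.example.invalid/acs'           # ACS URL (placeholder)

# "Enable support for the SAML 2.0 WebSSO protocol":
# an assertion consumer endpoint using the HTTP POST binding.
$acs = New-AdfsSamlEndpoint -Binding POST -Protocol SAMLAssertionConsumer -Uri $acsUrl

# "Permit all users to access this relying party".
$authzRules = @'
@RuleName = "Permit all users"
=> issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");
'@

# "Send LDAP Attributes as Claims": Email-Addresses (LDAP attribute mail) -> Name ID.
$transformRules = @'
@RuleName = "Attributes"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory",
          types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"),
          query = ";mail;{0}", param = c.Value);
'@

# No multi-factor settings are passed, matching the wizard choice above.
Add-AdfsRelyingPartyTrust -Name $displayName `
    -Identifier $entityId `
    -SamlEndpoint $acs `
    -IssuanceAuthorizationRules $authzRules `
    -IssuanceTransformRules $transformRules

# Check what was created before testing from Tovuti: the identifier must match
# the Entity ID exactly, and the only transform rule should be the Name ID rule.
Get-AdfsRelyingPartyTrust -Name $displayName |
    Select-Object Name, Identifier, Enabled, IssuanceTransformRules
```

Because the Name ID is populated from the mail attribute, accounts with an empty mail attribute in Active Directory produce an assertion without a Name ID.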
Finish Configuring Tovuti as Service Provider (SP)
In the ADFS Setup Instructions tab, the Identity Provider Issuer, Identity Provider Single Sign-on URL, and X.509 Certificate are shown.
Copy this information and paste it into the Identity Provider Settings Tab.
Click Update > click Test Configuration. This shows what Attributes and Values are being sent in the Okta SAML Assertion. This ultimately helps with Fields and Groups.
User Profile Field and Attribute Mapping
After configuring all the settings in ADFS, click the User Profile Field Mapping tab in Tovuti.
Enable the desired settings and provide the attributes found in ADFS. Create profile fields by clicking the "+" icon.
Configuring the settings in this tab syncs the profile field and attribute information between Tovuti and ADFS. The details of the User Profile Field Mapping tab are covered in this Help Center article.
While auto-registering the users on the Tovuti site, these attributes automatically map to Tovuti user details.
User Group Mapping
Click the User Group Mapping tab.
Enable the desired settings and provide the attributes found in ADFS. Create profile fields by clicking the "+" icon.
Configuring the settings in this tab syncs group information between Tovuti and ADFS. The details of the User Group Mapping tab are covered in this Help Center article.
While auto-registering, the users are assigned roles based on the group they are mapped to.
At any time, the configuration can be tested in the Identity Provider Settings tab.
It is recommended to run multiple tests over time to ensure everything is working properly.
Enable Login Link
Go to Details Tab > toggle Yes on Add Login Link to Navigation > Select the menu where this link appears and give the link a name.
Click Save.
Use Cases
The following are possible general use cases for utilizing this feature:
Centralizing user authentication for organizations using Active Directory
An enterprise LMS client wants their employees to access Tovuti using existing credentials managed in Active Directory Federation Services (ADFS), eliminating the need for duplicate usernames and passwords.
This feature is useful because:
- ADFS acts as the identity provider (IDP) while Tovuti functions as the service provider (SP)
- SAML 2.0 protocol enables secure web-based SSO
- Authentication is seamless and managed entirely through the organization's existing infrastructure
Example Use Case
A manufacturing company uses ADFS to manage user access across multiple systems. They configure ADFS as an SSO provider in Tovuti using the Entity ID, ACS URL, and certificate values. Employees now log in via SSO and are authenticated using their corporate AD credentials without needing a separate LMS login.
Automating user profile creation and group-based permissions
An IT admin wants to ensure that user information — such as name and email — is automatically populated on first login, and that learners are placed into the right content groups based on their AD role or department.
This feature is useful because:
- Field mapping connects LDAP/claim attributes from ADFS to Tovuti profile fields
- Group mapping ensures learners are placed in correct user groups automatically
- Reduces manual account management and onboarding time
Example Use Case
An attribute in ADFS labeled “Department” is used to auto-assign users to Tovuti groups like “Sales Enablement” or “HR Compliance.” When new hires log in, their profile fields and group access are created instantly using the mapped data — no manual setup needed.
Providing a seamless login experience with custom branding
A training team wants to make SSO as user-friendly as possible by adding a branded login option to the LMS navigation, reducing confusion for first-time learners.
This feature is useful because:
- Admins can add an “ADFS Login” link to any navigation menu in Tovuti
- Learners access the system using a familiar authentication method
- Custom naming ensures alignment with internal IT terminology
Example Use Case
An organization adds a “Login with Company SSO” link to the top navigation menu of their learner portal. Clicking this redirects users to the ADFS login page, where authentication occurs. This streamlined flow reduces help desk tickets related to login confusion.