KodeKloud Integrations
Identity & Access (Business Tier)
- **SAML 2.0:** Okta, Azure AD (Entra ID), OneLogin, Ping Identity, JumpCloud, custom IdP - **OIDC:** Google Workspace, Microsoft Entra ID, Auth0, Keycloak - **SCIM 2.0:** Automated user lifecycle (provision/update/deactivate) - **Attribute mapping:** Groups → cohorts, roles → permissions - **JIT provisioning:** First-login account creation - **Session sync:** IdP-initiated logout propagates to KodeKloud
Learning Management Systems (LMS)
- **xAPI (Tin Can)** — Send completion statements to LRS/LMS - **SCORM 2004** — Package courses for import (limited to video content; labs require KodeKloud platform) - **LTI 1.3** — Embed KodeKloud as external tool in Canvas, Moodle, Blackboard, D2L - **Pre-built connectors:** Docebo, Cornerstone, SAP SuccessFactors Learning, Workday Learning (via API) - **Grade passback:** Completion % and assessment scores to LMS gradebook
HRIS & Workforce Systems
- **Workday** — Provisioning, profile sync, completion reporting - **BambooHR** — Employee sync, course assignment by department/role - **Rippling** — Identity + device + learning unified - **HiBob, Gusto, Personio** — Via API/webhook - **Custom HRIS** — REST API + webhooks for any system
Collaboration & Notifications
- **Slack:** Private channel notifications (completions, certifications, streaks, reminders) - **Microsoft Teams:** Adaptive card notifications in channels/chats - **Email:** Digest (daily/weekly), instant (certification achieved), admin alerts - **Webhooks:** Real-time events (user.created, course.completed, lab.failed, certification.earned, seat.assigned)
REST API (Business Tier)
**Base URL:** `https://api.kodekloud.com/v1` **Authentication:** Bearer token (org-scoped, rotatable, 90-day expiry) **Key endpoints:** - `GET /users` — List users with filters (status, cohort, role) - `POST /users` — Create user (triggers SSO JIT or email invite) - `PATCH /users/{id}` — Update profile, role, status - `DELETE /users/{id}` — Deactivate (retains data) - `GET /courses` — Catalog with metadata - `GET /users/{id}/progress` — Per-course/lab completion, scores, time - `GET /cohorts` — Manage learning groups - `POST /cohorts/{id}/assign` — Bulk assign courses/paths - `GET /reports/team` — Aggregated metrics for dashboards **Rate limits:** 1,000 req/min/org. Webhook retry: exponential backoff (5m, 15m, 1h, 6h). **SDKs:** TypeScript/JavaScript (official), Python (community).
Certification & Credential Export
- **Verifiable credentials** (W3C VC) for course completions & certifications - **LinkedIn integration** — One-click "Add to Profile" with verification link - **PDF certificates** — Branded, unique ID, QR verification code - **Bulk export** — CSV/JSON for HR records, compliance audits
Single Sign-On Setup Guide (High-Level)
1. **In KodeKloud Admin:** Settings → SSO → Generate ACS URL + Entity ID 2. **In IdP (Okta/Azure/Google):** Create SAML/OIDC app → Paste ACS/Entity ID 3. **Map attributes:** `email` (required), `firstName`, `lastName`, `groups` (optional) 4. **Test:** IdP-initiated login → Verify JIT provisioning → Assign cohort 5. **Enforce:** Toggle "Require SSO" (blocks email/password login) 6. **Rollout:** Pilot group → All users *Full step-by-step with screenshots in Business tier admin docs.*