Managing the Platform Advanced Settings

Learn how to configure your platform at global level

Last Updated

November 18th, 2020

Docebo Module

Learn

Reading Time

13 min

User Level

Introduction

Docebo’s platform Advanced Settings allow you to manage site configurations at a global level to create the desired user experience but also help determine important defaults such as timezone, password requirements, email preferences and what content tags are allowed in your system. It is important to review all of the options available and make configurations that meet your business needs. 

Advanced Settings Options

From your Docebo Admin Menu click on Advanced Settings found under the Settings section. Next, you will see a menu found under Main Functions.

Explore each section within this menu and configure your preferred settings. Depending on the options/integrations activated in your platform, you may see extra tabs in the Advanced Settings area. This article describes the option enabled by default. 

Learn More

Most Advanced Settings are referenced within the individual article that pertains to the associated functions. To learn more about these settings and how they impact your user experience and platform operations review the related articles linked in the sections listed below.

Self Registration Tab

Use this tab to configure the behavior of the self-registration feature on your platform. More information available here

Users Tab

This tab collects several parameters for the management of users. Parameters are grouped into different areas:

Options

Send verification email at first login:  when this option is enabled, users will receive an email upon their first login to verify their email address. Refer to this article for further information on verification emails on your platform. 

Hide the My Profile and the Preferences sections in the user personal area for learners and Power Users, and the My Profile section only for Superadmins: use this option to hide the My Profile and the My Preferences sections in the user personal area for learners and Power Users, and the My Profile section for Superadmins. Superadmins will still be able to see the My Preferences section when this option is active.

Upon sign in, users are prompted to fill in the mandatory fields related to their profile: when this option is enabled, users will be forced to enter the missing mandatory additional fields when connecting to the platform. Enabling this option can be useful to collect user data when introducing new additional fields. Refer to this article for further information on user additional fields. 

Apply additional fields visibility based on branch nodes: activate this option to enable the possibility to manage the visibility of user additional fields to branches. Refer to this article for further information on how to manage the visibility of additional fields. 

Show full name as “Firstname Lastname”: this option regulates the way user names are displayed on the platform. By default, names are shown as Lastname Firstname. Use this option to revert the order to Firstname Lastname. 

Automatically calculate password: use this option to enable the platform to automatically generate a password for users, upon creation. Refer to this article for further information on the platform password management policy. 

Use Email as Username: use this option to use email addresses as usernames. When enabling this option, make sure that your users are associated with valid email addresses. Please note that when this option is active, the email address used as username is the one associate to the user at the user creation time. If users update their email address in their personal area, the username is not updated to reflect the new email address. 

Privacy policy MUST be accepted: when this option is enabled, users will have to accept the privacy policy to access the platform. If this option is not enabled, Superadmins are still able to access the Privacy Policy configuration area in the platform to create and manage the privacy policy, but it will not appear to users on the login or registration page of the platform. We suggest to keep this option disabled while the privacy policy is in draft mode, then activate it after creating the first policy in your platform. Refer to this article for further information on Privacy Policy.

Terms & Conditions MUST be accepted: when this option is enabled, users will have to accept the platform terms & conditions to access the platform. If this option is not enabled, Superadmins are still able to access the Terms & Conditions configuration area in the platform to create and manage the platform Terms & Conditions, but it will not appear to users on the login or registration page of the platform. We suggest to keep this option disabled while Terms & Conditions are in draft mode, then activate it after creating the first version in your platform. Refer to this article for further information on Terms & Conditions.

Login

Enable “Remember Me” Functionality: enable this option to show the Remember Me option in the login page (both on desktop and on mobile). When users select the option, the platform will no longer ask them to enter their username and password to log in, but will automatically log them in upon connection. Use the Maximum number of days the system will remember the user option to define how long the system will remember users. 

Other Options

Maximum number of consecutively failed sign-in attempts: Use this option to set the maximum number of consecutive failed login attempts. Please note that by putting 0 in this text box, you will set an unlimited number of login attempts. Please note that the default number is 3, but you can overwrite that number based on your preferences. Refer to this article for further info. 

Redirect user on logout: From this area, it is possible to set a URL to which users will be redirected once they log out of the platform. Press Activate, then type in the URL where you want to redirect your users after they log out from the platform. Press Save to complete the operation. The changes will take place upon the next login. Please note that this option works only if Single Sign-On is not enabled in your platform. 

Maximum number of users that can be deleted without running a background job: The massive deletion of users can be run as a background job, so you can continue to perform other actions on the platform while the mass deletion takes place. Use this option to set the maximum number of users that can be deleted without running a background job.

Password Tab

Use this tab to configure your password policy in order to protect your platform privacy. Refer to this article for further information. 

E-Learning Tab

This tab collects several parameters related to E-Learning courses, divided into areas.

Options

– Use “no answer” option in test questions: when enabled, the No Answer option will be made available in tests for users selection. When this option is selected, users will have a No Answer option available when answering questions for tests. Refer to this article for further information on tests.

Use “no answer” option in survey questions: when enabled, the No Answer option will be made available in tests for users selection. When this option is selected, users will have a No Answer option available when answering questions for surveys. Refer to this article for further information on surveys.

– If this option is enabled, a multiple-choice test question that’s only partially correct will be marked as incorrect (for example, if the user flags only two out of three correct answers): when this option is selected, when a user answers a multiple-choice question in a test and his/her answers are partially correct (i.e. he/she flagged only two out of three correct answers), the question is marked as incorrect.

– Use pixels instead of cm in the certificate generation, allowing greater precision in generated certificates: use this option to use pixels instead of centimeters when generating certificate templates. Refer to this article for further details on certificates.

Show course after enrollment. Enable this setting to force the user, after a self-enrollment, to navigate directly to the course player. This setting applies to theme 6.9 only.

– Directly play first item (or resume the last played object) when entering a course: use this option to force learners to see the first-course learning object upon entering courses. This option is used as a general setting for all the courses in your platform, but you can manage it at course level in the Course Advanced Properties tab.

Other Options

Soft Deadline: When a soft deadline is enabled, the course and its training material can be accessed by users even after the end date has passed. The soft deadline is calculated on the enrollment validity period. So if this setting is on, the expiration date of the enrollment is not calculated. 

Iframe Allow List: In your learning platform, you can embed videos, text, and pages from other websites into specific text boxes of HTML pages used as learning objects. Use this area to insert the URLs allowed to be embedded in your platform. Refer to this article of the Knowledge Base for further information on HTML pages used as learning objects. 

xAPI (Tin Can) External Content: When using xAPI (Tin Can) content in your platform, before you can link xAPI content as training material in a course, you must first create a predefined list of authorized links in this area of the platform in order to make it able to play the content for learners. Refer to this article for further information in this type of content. 

Courses & Learning Plans Content Curation: Use this area to manage the content curation for your courses and learning plans. 

ILT-Classroom Tab

Use this area to manage the booking of the same room for different sessions at the same time, and to customize the attendance sheet for classrooms session.

Learning Plan Tab

This section allows you to configure the redirect behavior for users completing a course inside a learning plan. Refer to this article for further information on learning plans. 

Course Catalog Tab

The Course Catalog section is used to configure the behavior of the catalogs available in the platform. More info on catalogs here

Virtual Coach Tab

Use this area to activate the platform Virtual Coach to allow users to interact with the artificial intelligence in the platform. Find for information on Virtual Coach and the platform Artificial Intelligence here

PENS Tab

Use this area to activate the PENS app. PENS is a standard that provides a protocol for authoring tools to directly send course packages to E-Learning platforms. Refer to this article for further information on PENS.

Advanced Tab

This section collects options used to configure different areas of the platform.

Advanced

– CC this email address for all emails sent by the platform (except for the recover password email). The platform may contact users via email for several reasons (such as notifications and newsletters). Use this option to set an email address that will be put in CC for every email sent.

Sender email address for alert messages. The platform may send alert email messages to users. Set here the sender email address for these messages.

Return path. Use this parameter to set the email address where all email notifications are sent. If a notification email is sent to a user with an invalid address, the mail server will reply with a new email notification to inform that the email does not exist. If an email address is defined as the return path, the email will also be forwarded to this address.

– Session lifetime. The number of seconds of user inactivity the platform will wait before closing the user session. When a session is closed, the user is logged out of the platform and he/she will have to log in again to start a new session. 

Referral cookie expiration. This parameter is used in conjunction with the Content Partners app to manage the time validity of the referral links. Check out this article for further information on content partners.

– Automatically send users to the mobile version of the platform if they are using one of the following User-Agents. Use this option to redirect users accessing the platform from the mobile devices listed here to a splash page prompting them to download Go.Learn. User-agents must be listed in the text area, with the following format: [‘android’,’iphone’,’ipod’,’ipad’,’opera mini’,’blackberry’,’webOS’].

– Max number of elements per page. Use this option to set the maximum value of elements returned by a query. This value applies to both the page size in the API paging mechanism and the paging elements rendered on the screen. If a feature does not have pagination, this value represents the maximum value of the elements rendered on the screen. Note that for performance reasons, some APIs, as well as some pages, are not subject to this configuration setting.

– Enable debug for SCORM API. Select this option to activate the debug of SCORM API. Find more information on this functionality here.

– Add an extended list of parameters to xAPI (Tin Can) launch URL. When this option is enabled, the following additional parameters are added to the URL of the xAPI (Tin-Can) training material, when opened: course code, course id, username, and user Id. In addition, a hash key is appended to the Tin-Can URL for security reasons. The hash permits to check if the provided parameters are valid or if they have been modified.

Newsletter. Newsletters can be sent in bulk. Use this area to configure the sending procedure. Refer to this article for further information on newsletters. 

Security Related

This section includes parameters concerning the platform security. 

– Enable IP control within sessions. When this option is enabled, the platform checks that all of the operations performed in a session are executed from the same IP address. If not, they are blocked. 

Disable simultaneous access with the same account. When this option is active, a user cannot access the same platform simultaneously, from different sessions. With this option enabled, a user can access the platform only from one device and only from one browser at a time. If the user is viewing a video training material inside of a course and has more than one tab opened on the same browser, when he/she leaves a tab, the video is paused in the tab he/she left. The user can have more than one active tab at the same time on the same browser, but cannot have more than one video active at the same time. In this way, as a Superadmin, you can be sure that the learning experience is compliant with policies requiring that your users don’t take more than one course simultaneously, in order to guarantee your users the planned number of training hours. By disabling simultaneous access, when a user accesses the platform from different sessions at the same time, he/she will be logged out from the oldest session.

– Clickjacking prevention. Your platform can be iframed by external URLs, making it vulnerable to clickjacking attacks. By enabling this option, only the URLs on the iframe allow list will be allowed to iframe your platform, preventing you from being induced by malicious attackers, click links or third party pages performing actions in the platform. The clickjacking prevention system implemented in Docebo is based on the Content Security Policy Level 2, which is not available on all browsers. Check out here if your browser is supported. Define the allowed URLs in the dedicated text box. This area accepts IPv4, IPv6, string aliases like “localhost”, wildcard character “*” for subdomains of a given domain (http://*.example.com) thus indicating that all the subdomains are included, wildcard character for ports “*” (http://www.example.com:*) thus meaning all legal ports are included in the selection.

The following APIs are available for the management of the clickjacking feature:

  • PUT manage/v1/clickjacking-protection: enables or disables the clickjacking feature
  • GET manage/v1/clickjacking-protection: returns the feature activation status
  • PUT manage/v1/clickjacking-protection/whitelist: edits the domains on the allow list
  • GET manage/v1/clickjacking-protection/whitelist: returns the list of the allowed domains
  • DELETE manage/v1/clickjacking-protection/whitelist: clears the allow list

Please note that if you are using Salesforce integration and embedding Docebo into Salesforce, you need to add the following URLs to the allow list:
https://*.docebo.cloud
https://*.salesforce.com
https://*.force.com
https://*.visualforce.com

In order to improve the security of all platforms, the clickjacking prevention feature will be mandatory on all platforms by the end of 2020, we strongly recommend activating and configuring it as soon as possible.

Send immediate notification digest on massive enrollment action. When this option is active, an extra step is added to the mass enrollment flow, so that the Superadmin can select whether to send the Digest: user enrolled to a course notification to the newly enrolled users filtering them on the basis of their enrollment level (learner, instructor or tutor). If using this option, make sure that the Digest: user enrolled to a course is properly set in the Notification App. When this option is selected the notification cannot be scheduled, and you will have to send it manually. When this option is not selected, the notification has to be scheduled, and cannot be sent manually. 

Other Options

Course Enrollment Links. Activate this option to allow course enrollment links to enroll learners in public courses. Refer to this article for further info on enrollment links. 

Activate the “Send Notification” option when Admin creates a new user. When this option is selected, the Send User has been created (by administrator) notification to new user toggle is by default switched when creating a new user in the platform. 

New Reports

– Report Download Permission from Link. Select this option to allow Power Users to enable or disable the option (that you find in the Properties tab of a custom report in the New Reports menu) requiring users to login to the platform in order to download the report using the link they received via email or at the end of a background job. If you don’t select this option, Power Users cannot activate nor deactivate the option in the report. More info about the option.

Date and Time

Your learning platform allows you to deploy online and blended training all over the world, which is why every platform uses the Timezone feature, allowing you to manage different time zones in your platform. Use this tab to manage the timezone options, refer to this article for further info

Social & Rating Tab

You can share your learning activities on the major social networks such as Twitter, Google Plus, and LinkedIn directly from your platform. Enable this option globally in your platform from this area. Find more information on social sharing in this article.

You can also enable a course rating system in your platform to allow learners to express their opinion on the courses they attend, helping other users to understand the value of courses. Use this area to enable this option at platform level, check this article for further info on ratings. 

Email Preferences Tab

Use this area to configure the email addresses that will be used to send emails to platform users for billing and product-related communications. 

In addition, Docebo uses DomainKeys Identified Mail (DKIM) as a method to validate the platform domain name identity associated with the email messages sent by the platform via the Notification App, so that they will not end up in a recipient’s junk email folder. Refer to this article for further information on the DKIM configuration. 

HTTPS Tab

Use this area to set up the HTTPs App. Refer to this article for further information on this app. 

Teams and Managers Tab

For those using the My Team functionality, use this area of the Advanced Settings to configure notifications and managers’ permissions. Check out this article for further information on My Team.

Tags on the Deny List Tab

Use this area to manage the tags on the deny list for the auto-tagging functionality managed by the platform Artificial Intelligence. Check out this article about content curation for further info on tags on the deny list.