Canvas LMS Single Sign On (SSO) with WordPress as IDP | Login into Canvas LMS using WordPress
The Canvas LMS is the world's fastest growing learning management system. It is an open-sourced cloud-based application designed to empower both teachers and students by making an engaging learning environment available to them. Login using WordPress Users ( WP as SAML IDP ) plugin gives you the ability to use your WordPress credentials to log into Canvas LMS. Here we will go through a step-by-step guide to configure SSO between, Canvas LMS as Service Provider and WordPress as an Identity Provider.
Pre-requisites: Download And Installation
To integrate the WordPress site as an Identity Provider, you will need to install the miniOrange Login using WordPress Users ( WP as SAML IDP ) Plugin:
By miniOrange
Single Sign-On (SSO) login with WordPress Users into any Service Provider like Tableau, Zoho, Zoom, Moodle, Canvas LMS, Absorb LMS, TalentLMS, etc.
Follow the Step-by-Step Guide given below for Canvas LMS Single Sign On (SSO)
1. Configure Canvas LMS as Service Provider
- Open the WordPress site.
- Install and activate the Login using WordPress Users ( WP as SAML IDP )
plugin on your WordPress site
which is acting as Identity Provider. - Go to the WordPress IDP plugin, navigate to the IDP Metadata tab. Here, you can find the Identity Provider Metadata URL or you can Download the Metadata File.
- You will find IDP Entity ID, SAML Login URL, SAML Logout URL (Premium Feature), Certificate. You would need these to configure the Service provider(Canvas LMS).
- Login to your Canvas LMS domain as an Account Administrator.
- Switch to Admin view by clicking on the corresponding link from the bottom of the screen.
- Select Admin from the left pane and select the domain for which you wish to enable Single sign-on.
- Click on Authentication in the left pane and navigate to SAML
- Enter the values by referring to the table below.
- Click Save to complete the configuration.
You would need these to configure the Service provider(Canvas LMS).
| IDP Metadata URI | Enter the Metadata URL that points to the metadata document. |
| IDP Entity ID | Enter the IDP Entity value that you got from the previous step. |
| Log On URL | Enter the SAML Login URL that you got from the previous step. |
| Log Out URL |
Enter the SAML Logout URL(Premium feature) that you got from the previous step. |
| Certificate Fingerprint |
Follow the steps below to copy the Thumbprint of certificate: 1. Open the certificate that was downloaded earlier. 2. Go to Details and in the field column select Thumbprint. 3. Copy the Thumbprint that opens in the pane by pressing CTRL+C (Right-Click wont work!). 4. Paste the Thumbprint in the Certificate Fingerprint. Make sure that there are no spaces in between the Certificate Fingerprint. Remove them manually. |
| Login Attribute |
NameID |
| Identifier Format |
Select urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress from the dropdown list. |
| Authentication Context |
Select urn:oasis:names:tc:SAML:2.0:ac:classes: PasswordProtectedTransport from the dropdown list. |
| Message Signing |
Select the algorithm to use for signing Request messages sent to the IdP. For now select Not Signed. |
| Just In Time Provisioning |
If checked then it automatically create a user account in your Canvas LMS if its the first time a user logs in with single sign-on (SSO). |
2. Configure WordPress (WP) as IdP (Identity Provider)
- You would need Entity ID , Acs URL from Canvas LMS .
- You can find this information under Current Provider in Authentication section under Admin tab.
- Click on the Link to find Metadata file containing all the information of your Service Provider
(Canvas LMS). - Open the WordPress site.
- Go to the WordPress IDP plugin, navigate to the Service Provider tab.
- Enter the values corresponding to the information from Canvas LMS. Refer to the table below.
- Click on the Save button to save your configuration.
| Service Provider Name | Name of your Service Provider. |
| SP Entity ID or Issuer | Copy and paste the SP-EntityID from Canvas LMS. |
| ACS URL | Copy and paste the ACS URL from Canvas LMS. |
| NameID Format | urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress |
| Assertion Signed | Checked |
3. Attribute Mapping (This is a premium feature)
- In the WordPress IDP plugin,navigate to the Attribute/Role Mapping tab.
- In the User Attributes section, enter the following information and click Save .
- Click on + sign to add attributes.
- Navigate to Current Provider in Authentication section under the Admin tab. You will find
Federated Attributes. - Make sure to add the following information under Federated Attributes .
- Select the Attribute Name from the dropdown list and click on +Attribute
- If an attribute is marked as Provisioning Only, then it will only be used when Just In Time Provisioning
creates a new user, and will not be kept up to date each time the user logs in.
In WordPress:
| Name | User Meta Data |
| FirstName | first_name |
| LastName | last_name |
| NickName | nickname |
In Canvas LMS:
4. Testing SSO
- You can find the Login link information
under the Current Provider in the Authentication section, under the Admin tab. - Construct the login url,
eg: https://your_domain.com/login/saml/103 Construct the login url, - You would be redirected to the WordPress Login screen. Enter the Credentials and click Log in.
eg: https://your_domain.com/login/saml/103 https://your_domain.com/login/saml/103
If you were able to log into Canvas LMS, then your configuration is correct.
Additional Resources
Why Our Customers choose miniOrange WordPress Single Sign-On (SSO) Solutions?
Sign Up
We offer Secure Identity Solutions for Single Sign-On, Two Factor Authentication, Adaptive MFA, Provisioning, and much more. Please contact us at
+1 978 658 9387 (US) | +91 97178 45846 (India) wpidpsupport@xecurify.com
Need Help? We are right here!
Need Help? We are right here!
