Canvas LMS Single Sign On (SSO) with WordPress as IDP | Login into Canvas LMS using WordPress

Canvas LMS Single Sign On (SSO) with WordPress as IDP | Login into Canvas LMS using WordPress


The Canvas LMS is the world's fastest growing learning management system. It is an open-sourced cloud-based application designed to empower both teachers and students by making an engaging learning environment available to them. Login using WordPress Users ( WP as SAML IDP ) plugin gives you the ability to use your WordPress credentials to log into Canvas LMS. Here we will go through a step-by-step guide to configure SSO between, Canvas LMS as Service Provider and WordPress as an Identity Provider.

Pre-requisites: Download And Installation

To integrate the WordPress site as an Identity Provider, you will need to install the miniOrange Login using WordPress Users ( WP as SAML IDP ) Plugin:

Follow the Step-by-Step Guide given below for Canvas LMS Single Sign On (SSO)

1. Configure Canvas LMS as Service Provider

  • Open the WordPress site.
  • Install and activate the Login using WordPress Users ( WP as SAML IDP ) plugin on your WordPress site
    which is acting as Identity Provider.
  • Go to the WordPress IDP plugin, navigate to the IDP Metadata tab. Here, you can find the Identity Provider Metadata URL or you can Download the Metadata File.
  • You will find IDP Entity ID, SAML Login URL, SAML Logout URL (Premium Feature), Certificate. You would need these to configure the Service provider(Canvas LMS).
  • You would need these to configure the Service provider(Canvas LMS).

    wordpress saml upload metadata canvas as sp
  • Login to your Canvas LMS domain as an Account Administrator.
  • Switch to Admin view by clicking on the corresponding link from the bottom of the screen.
  • Select Admin from the left pane and select the domain for which you wish to enable Single sign-on.
  • enable sso canvas as sp
  • Click on Authentication in the left pane and navigate to SAML
  • saml authentication canvas as sp
  • Enter the values by referring to the table below.
  • IDP Metadata URI Enter the Metadata URL that points to the metadata document.
    IDP Entity ID Enter the IDP Entity value that you got from the previous step.
    Log On URL Enter the SAML Login URL that you got from the previous step.
    Log Out URL Enter the SAML Logout URL(Premium feature) that you got from the
    previous step.
    Certificate Fingerprint Follow the steps below to copy the Thumbprint of certificate:
    1. Open the certificate that was downloaded earlier.
    2. Go to Details and in the field column select Thumbprint.
    3. Copy the Thumbprint that opens in the pane by pressing CTRL+C
    (Right-Click wont work!).
    4. Paste the Thumbprint in the Certificate Fingerprint.
    Make sure that there are no spaces in between the Certificate Fingerprint.
    Remove them manually.
    Login Attribute NameID
    Identifier Format Select urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
    from the dropdown list.
    Authentication Context Select urn:oasis:names:tc:SAML:2.0:ac:classes:
    PasswordProtectedTransport
    from the dropdown list.
    Message Signing Select the algorithm to use for signing Request messages sent to the IdP.
    For now select Not Signed.
    Just In Time Provisioning If checked then it automatically create a user account in your Canvas LMS
    if its the first time a user logs in with single sign-on (SSO).
    enter saml info canvas as sp
  • Click Save to complete the configuration.

2. Configure WordPress (WP) as IdP (Identity Provider)

  • You would need Entity ID , Acs URL from Canvas LMS .
  • You can find this information under Current Provider in Authentication section under Admin tab.
  • Click on the Link to find Metadata file containing all the information of your Service Provider
    (Canvas LMS).
  • entity id canvas as sp
  • Open the WordPress site.
  • Go to the WordPress IDP plugin, navigate to the Service Provider tab.
  • Enter the values corresponding to the information from Canvas LMS. Refer to the table below.
  • Service Provider Name Name of your Service Provider.
    SP Entity ID or Issuer Copy and paste the SP-EntityID from Canvas LMS.
    ACS URL Copy and paste the ACS URL from Canvas LMS.
    NameID Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
    Assertion Signed Checked
    enter ip info canvas as sp
  • Click on the Save button to save your configuration.

3. Attribute Mapping (This is a premium feature)

    In WordPress:
  • In the WordPress IDP plugin,navigate to the Attribute/Role Mapping tab.
  • In the User Attributes section, enter the following information and click Save .
  • Click on + sign to add attributes.
  • Name User Meta Data
    FirstName first_name
    LastName last_name
    NickName nickname
    canvas attr mapping canvas as sp
    In Canvas LMS:
  • Navigate to Current Provider in Authentication section under the Admin tab. You will find
    Federated Attributes.
  • Make sure to add the following information under Federated Attributes .
  • Select the Attribute Name from the dropdown list and click on +Attribute
  • If an attribute is marked as Provisioning Only, then it will only be used when Just In Time Provisioning
    creates a new user, and will not be kept up to date each time the user logs in.

  • canvas attr mapping canvas as sp canvas attr mapping canvas as sp

4. Testing SSO

  • You can find the Login link information
    under the Current Provider in the Authentication section, under the Admin tab.

  • current provider canvas as sp test
  • Construct the login url,
    eg: https://your_domain.com/login/saml/103
  • Construct the login url,
    eg: https://your_domain.com/login/saml/103 https://your_domain.com/login/saml/103
  • You would be redirected to the WordPress Login screen. Enter the Credentials and click Log in.

  • wordpress login canvas as sp

If you were able to log into Canvas LMS, then your configuration is correct.

Additional Resources

Why Our Customers choose miniOrange WordPress Single Sign-On (SSO) Solutions?

24/7 Support

miniOrange provides 24/7 support for all the Secure Identity Solutions. We ensure high quality support to meet your satisfaction.

Sign Up

Customer Reviews

See for yourself what our customers say about us.
 

Reviews

Extensive Setup Guides

Easy and precise step-by-step instructions and videos to help you configure within minutes.

Watch Demo


We offer Secure Identity Solutions for Single Sign-On, Two Factor Authentication, Adaptive MFA, Provisioning, and much more. Please contact us at

 +1 978 658 9387 (US) | +91 77966 99612 (India)   samlsupport@xecurify.com

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com