Search Results :

×

Canvas LMS Single Sign On (SSO) with WordPress as IDP | Login into Canvas LMS using WordPress

The Canvas LMS is the world's fastest growing learning management system. It is an open-sourced cloud-based application designed to empower both teachers and students by making an engaging learning environment available to them. Login using WordPress Users ( WP as SAML IDP ) plugin gives you the ability to use your WordPress credentials to log into Canvas LMS. Here we will go through a step-by-step guide to configure SSO between, Canvas LMS as Service Provider and WordPress as an Identity Provider.

To integrate the WordPress site as an Identity Provider, you will need to install the miniOrange Login using WordPress Users ( WP as SAML IDP ) Plugin.

  • Open the WordPress site.
  • Install and activate the Login using WordPress Users ( WP as SAML IDP ) plugin on your WordPress site
    which is acting as Identity Provider.
  • Go to the WordPress IDP plugin, navigate to the IDP Metadata tab. Here, you can find the Identity Provider Metadata URL or you can Download the Metadata File.
  • You will find IDP Entity ID, SAML Login URL, SAML Logout URL (Premium Feature), Certificate. You would need these to configure the Service provider(Canvas LMS).
  • You would need these to configure the Service provider(Canvas LMS).
wordpress saml upload metadata canvas as sp

  • Login to your Canvas LMS domain as an Account Administrator.
  • Switch to Admin view by clicking on the corresponding link from the bottom of the screen.
  • Select Admin from the left pane and select the domain for which you wish to enable Single sign-on.
enable sso canvas as sp

  • Click on Authentication in the left pane and navigate to SAML
saml authentication canvas as sp

  • Enter the values by referring to the table below.
IDP Metadata URI Enter the Metadata URL that points to the metadata document.
IDP Entity ID Enter the IDP Entity value that you got from the previous step.
Log On URL Enter the SAML Login URL that you got from the previous step.
Log Out URL Enter the SAML Logout URL (Premium feature) that you got from the previous step.
Certificate Fingerprint Follow the steps below to copy the Thumbprint of the certificate:

  • Open the certificate that was downloaded earlier.
  • Go to Details and in the field column, select Thumbprint.
  • Copy the Thumbprint that appears in the pane by pressing CTRL+C (Right-Click won’t work!).
  • Paste the Thumbprint in the Certificate Fingerprint.
  • Ensure there are no spaces in the Certificate Fingerprint. Remove them manually if necessary.
Login Attribute NameID
Identifier Format Select urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress from the dropdown list.
Authentication Context Select urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport from the dropdown list.
Message Signing Select the algorithm to use for signing request messages sent to the IdP. For now, select Not Signed.
Just In Time Provisioning If enabled, this feature will automatically create a user account in your Canvas LMS if it is the first time a user logs in using Single Sign-On (SSO).
enter saml info canvas as sp

  • Click Save to complete the configuration.
  • You would need Entity ID , Acs URL from Canvas LMS .
  • You can find this information under Current Provider in Authentication section under Admin tab.
  • Click on the Link to find Metadata file containing all the information of your Service Provider
    (Canvas LMS).
entity id canvas as sp

  • Open the WordPress site.
  • Go to the WordPress IDP plugin, navigate to the Service Provider tab.
  • Enter the values corresponding to the information from Canvas LMS. Refer to the table below.
Service Provider Name Name of your Service Provider.
SP Entity ID or Issuer Copy and paste the SP-EntityID from Canvas LMS.
ACS URL Copy and paste the ACS URL from Canvas LMS.
NameID Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
Assertion Signed Checked
enter ip info canvas as sp

  • Click on the Save button to save your configuration.

In WordPress

  • In the WordPress IDP plugin,navigate to the Attribute/Role Mapping tab.
  • In the User Attributes section, enter the following information and click Save.
  • Click on + sign to add attributes.
Name User Meta Data
FirstName first_name
LastName last_name
NickName nickname
canvas attr mapping canvas as sp

In Canvas LMS

  • Navigate to Current Provider in Authentication section under the Admin tab. You will find
    Federated Attributes.
  • Make sure to add the following information under Federated Attributes.
  • Select the Attribute Name from the dropdown list and click on +Attribute
  • If an attribute is marked as Provisioning Only, then it will only be used when Just In Time Provisioning
    creates a new user, and will not be kept up to date each time the user logs in.
canvas attr mapping canvas as sp

canvas attr mapping canvas as sp

  • You can find the Login link information
    under the Current Provider in the Authentication section, under the Admin tab.
current provider canvas as sp test

  • Construct the login url,
    eg: https://your_domain.com/login/saml/103
  • You would be redirected to the WordPress Login screen. Enter the Credentials and click Log in.
wordpress login canvas as sp

If you were able to log into Canvas LMS, then your configuration is correct.


We offer Secure Identity Solutions for Single Sign-On, Two Factor Authentication, Adaptive MFA, Provisioning, and much more. Please contact us at

 +1 978 658 9387 (US) | +91 97178 45846 (India)    wpidpsupport@xecurify.com


ADFS_sso ×
Hello there!

Need Help? We are right here!

support