D2L Brightspace - SSO Integration
This application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide.
If you encounter any issues, kindly submit a ticket directly through the support desk.
This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for D2L Brightspace using Multi-Pass.
SSO simplifies user authentication by allowing access to multiple applications with a single set of credentials.
This integration enhances security and improves user experience across your organization.
To set up Multi-Pass with D2L Brightspace, ensure you meet the following requirements:
- D2L Brightspace admin rights
- MPAS Admin rights
- Make sure that all users intended to use SSO in D2L Brightspace are registered in your IdP and have the necessary permissions to access D2L Brightspace.
Important: Custom elements in URLs (like realm names) are case sensitive. Make sure to match the exact casing from your environment.
D2L Brightspace - SSO configuration
Step 1 - Configure D2L Brightspace (Service Provider)
- Log into D2L Brightspace as an Administrator.
- Browse to Admin Tools > SAML Administration.
- Select Add Identity Provider.
- Browse to the D2L Brightspace Metadata URL.
- Right click on the data, select Save As, and save the file locally as an
.XMLfile. - In D2L Brightspace, set the Display Name to
Multi-Pass. - Select Import from your Identity Provider and then Import from URL.
- Set the User/Name ID Mapping to
Email Address. - Click Save.
Step 2 - Configure Multi-Pass (Identity Provider)
- Select the correct tenant and go to Integrations, then click on Applications.
- Select SAML in the custom integration section.
- Select Upload File and upload the D2L Brightspace XML file you created earlier.
- Confirm your information is accurate based on the table below:
| Field | Value |
|---|---|
| Client ID (=SP Entity ID) | https://<companyname>.tenants.brightspace.com/samlLogin |
| Name | d2lbrightspace |
| Description | D2L Brightspace SSO integration |
| Assertion Consumer Service URL | https://<companyname>.desire2learn.com/d2l/lp/auth/login/samlLogin.d2l |
| NameID Policy Format | email |
- Click Add integration.
- Click Advanced Console
- Click Clients and search for d2lbrightspace.
- Verify the different fields :
General settings
| Field | Value |
|---|---|
| Client ID | https://<companyname>.tenants.brightspace.com/samlLogin |
| Name | d2lbrightspace |
| Description | D2L Brightspace SSO integration |
| Always display in UI | ON |
Access settings
| Field | Value |
|---|---|
| Home URL (IdP-initiated) | https://ca.auth.kzero.com/<TENANT_NAME>/protocol/saml/clients/<APP_NAME> |
| Valid Redirect URIs (ACS) | https://<companyname>.desire2learn.com/d2l/lp/auth/login/samlLogin.d2l |
| IDP-Initiated SSO URL Name | <APP_NAME> |
SAML Capabilities
| Setting | Value |
|---|---|
| Name ID Format | |
| Force Name ID Format | ON |
| Force POST Binding | ON |
| Include AuthnStatement | ON |
Signature & Encryption
| Setting | Value |
|---|---|
| Sign Documents | OFF |
| Sign Assertions | ON |
- Now that you have checked the different parameters, change to the tab called Keys.
- Make sure that both parameters are switched to OFF.
- Now go to the Advanced tab.
- The field Assertion Consumer Service POST Binding URL must equal the Valid Redirect URIs (ACS).
Related Articles
SAML SSO Integration Guide
This guide provides an overview of how to configure SAML Single Sign-On (SSO) between Multi-Pass and a third-party Service Provider (SP). Multi-Pass acts as the Identity Provider (IdP) in this federation model. Multi-Pass is working on SCIM support ...Wrike - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Wrike using MPAS. SSO simplifies user authentication by allowing access to multiple ...Freshworks - SSO Configuration
This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Freshworks using Multi-Pass. SSO simplifies user authentication by allowing access to ...Grafana - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a ...Slack - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a ...