D2L Brightspace - SSO Integration
This application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide.
If you encounter any issues, kindly submit a ticket directly through the support desk.
This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for D2L Brightspace using Multi-Pass.
SSO simplifies user authentication by allowing access to multiple applications with a single set of credentials.
This integration enhances security and improves user experience across your organization.
To set up Multi-Pass with D2L Brightspace, ensure you meet the following requirements:
- D2L Brightspace admin rights
- MPAS Admin rights
- Make sure that all users intended to use SSO in D2L Brightspace are registered in your IdP and have the necessary permissions to access D2L Brightspace.
- MPAS Admin rights
- Make sure that all users intended to use SSO in D2L Brightspace are registered in your IdP and have the necessary permissions to access D2L Brightspace.
Important: Custom elements in URLs (like realm names) are case sensitive. Make sure to match the exact casing from your environment.
D2L Brightspace - SSO configuration
Step 1 - Configure D2L Brightspace (Service Provider)
- Log into D2L Brightspace as an Administrator.
- Browse to Admin Tools > SAML Administration.
- Select Add Identity Provider.
- Browse to the D2L Brightspace Metadata URL.
- Right click on the data, select Save As, and save the file locally as an
.XMLfile. - In D2L Brightspace, set the Display Name to
Multi-Pass. - Select Import from your Identity Provider and then Import from URL.
- Set the User/Name ID Mapping to
Email Address. - Click Save.
Step 2 - Configure Multi-Pass (Identity Provider)
- Select the correct tenant and go to Integrations, then click on Applications.
- Select SAML in the custom integration section.
- Select Upload File and upload the D2L Brightspace XML file you created earlier.
- Confirm your information is accurate based on the table below:
| Field | Value |
|---|---|
| Client ID (=SP Entity ID) | https://<companyname>.tenants.brightspace.com/samlLogin |
| Name | d2lbrightspace |
| Description | D2L Brightspace SSO integration |
| Assertion Consumer Service URL | https://<companyname>.desire2learn.com/d2l/lp/auth/login/samlLogin.d2l |
| NameID Policy Format | email |
- Click Add integration.
- Click Advanced Console
- Click Clients and search for d2lbrightspace.
- Verify the different fields :
General settings
| Field | Value |
|---|---|
| Client ID | https://<companyname>.tenants.brightspace.com/samlLogin |
| Name | d2lbrightspace |
| Description | D2L Brightspace SSO integration |
| Always display in UI | ON |
Access settings
| Field | Value |
|---|---|
| Home URL (IdP-initiated) | https://ca.auth.kzero.com/<TENANT_NAME>/protocol/saml/clients/<APP_NAME> |
| Valid Redirect URIs (ACS) | https://<companyname>.desire2learn.com/d2l/lp/auth/login/samlLogin.d2l |
| IDP-Initiated SSO URL Name | <APP_NAME> |
SAML Capabilities
| Setting | Value |
|---|---|
| Name ID Format | |
| Force Name ID Format | ON |
| Force POST Binding | ON |
| Include AuthnStatement | ON |
Signature & Encryption
| Setting | Value |
|---|---|
| Sign Documents | OFF |
| Sign Assertions | ON |
- Now that you have checked the different parameters, change to the tab called Keys.
- Make sure that both parameters are switched to OFF.
- Now go to the Advanced tab.
- The field Assertion Consumer Service POST Binding URL must equal the Valid Redirect URIs (ACS).
Related Articles
Mulesoft - SSO Integration
This application has been formally tested by Kelvin Zero Inc. This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Mulesoft using Multi-Pass. SSO simplifies user authentication by allowing access to multiple ...SAML SSO Integration Guide
This guide provides an overview of how to configure SAML Single Sign-On (SSO) between Multi-Pass and a third-party Service Provider (SP). Multi-Pass acts as the Identity Provider (IdP) in this federation model. Multi-Pass is working on SCIM support ...Miro - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Miro using MPAS. SSO simplifies user authentication by allowing access to multiple ...Pipedrive – SSO configuration
This application has been formally tested by Kelvin Zero Inc. This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Pipedrive using Multi-Pass. SSO simplifies user authentication by allowing access to multiple ...Veeva System - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a ...