What is SAML and SAML Administration?
Security Assertion Markup Language (SAML), enables users to access multiple web applications using one set of login credentials. SAML based Single Sign-On (SSO) is the most requested user authentication method within Brightspace, and since SSO is a customer managed workflow, we built an administrative front-end to configure, troubleshoot, and maintain it.
Figure: SAML Administration tool.
What key functions does it perform?
SAML Administration allows administrators to:
- Register and maintain Identity Providers
- Renew soon to expire X.509 Signing Certificates for registered Identity Providers
- Configure the default login experience
- Enable system logging to help troubleshoot SSO issues
What Identity Providers are supported?
Commonly registered Identity Providers include:
- Microsoft Azure
- Microsoft ADFS
- Shibboleth
- Google Workspace (G Suite)
- WSO2
- Okta
- OneLogin
- PingIdentity
However, SAML Administration is compatible with most identity and access management providers.
How do I enable access to SAML Administration?
The Security > Manage SAML Authentication permission is required to access the SAML Administration tool. Once the Manage SAML Authentication permission is enabled, the SAML Administration tool is visible under Admin Tools > Security.