Q: What are some of the benefits of using SAML?
A: Using SAML eliminates the need for IPAS / Shibboleth Service Provider configuration.
Q: What SAML Authentication workflows am I able to perform?
A: Initial Identity Provider registration and testing, Log in Page experience (setting the default login experience to an External Redirect to their Identity Provider) and renewing soon to expire X.509 Signing Certificates for existing Identity Providers.
Q: How is access to SAML Authentication controlled?
A: By granting the Manage SAML Authentication Security permission to necessary roles at your organization the SAML Administration options displays in their Admin Tools menu.
Q: Will D2L Support continue to engage clients regarding soon to expire certificates?
A: Yes, D2L Support will provide reminders, but administrators are now expected to update their own X.509 Signing Certificates.
Q: Is SAML Administration compatible with InCommon or SURFconext federated identity management services?
A: No, not currently.
Q: Can I switch to SAML Administration if our Brightspace environment is currently leveraging the legacy IPAS/Shibboleth SSO integration?
A: Yes, SAML Administration can be configured and tested while IPAS/Shibboleth is active. Some assistance may be required when setting the default login experience.