Administrator Documentation

Security administration

Security administration tasks
Security administration tasks In Brightspace, security administration tasks include: * Assign tool permissions to users with the Roles and Permissions tool * Set password policy restrictions with the Password Policy tool * Protect the privacy of enrolled learners with the User Information Privacy tool * Define a list of…
SAML Administration Overview
SAML, or Security Assertion Markup Language, enables users to access multiple web applications using one set of login credentials. SAML based Single Sign-On (SSO) is the most often requested method for user authentication within Brightspace. Since SSO is a customer managed workflow, D2L built an administrative front-end to…
Protect the privacy of enrolled learners
Protect the privacy of enrolled learners Enable or disable the display of users' non-directory information by selecting or clearing User Information Privacy role permissions. Non-directory information is information your organization holds private. Directory information includes anything that should be visible to users,…
Set password policy restrictions
From the Admin Tools menu, click Password Policy. On the Password Policy page, select any of the following restrictions:* Password Reuse Policy - Prevents the user from re-using old passwords. You must specify a number of recently used passwords for the system to check. * Derivation of Password From User Identity Fields -…
Cloud environment security
To improve cloud environment security, suspicious requests are proactively blocked using a Web App Firewall (WAF). The WAF checks all traffic coming in to the Brightspace cloud environment to match rules. Traffic that matches its rules, which indicate that the traffic is a potential security concern, is not allowed into…
Enable Just-In-Time User Provisioning
The Just-In-Time User Provisioning (JIT Provisioning) function helps users to log in to Brightspace and automatically creates their Brightspace user account without an administrator intervening. Each time users log in using Just-In-Time User Provisioning, their data is updated with the data obtained from the identity…
User abilities affected by User Information Privacy permissions
The following table indicates the user abilities affected by User Information Privacy permissions. User ability Impact Impersonation If you clear any User Information Privacy role permission check box, all users, regardless of access to non-directory information, lose their ability to impersonate users, and the Impersonate…
Create a validation regular expression
You should update the language term if you want to use the validation regular expression to set password requirements. Users see the language term describing the password requirements, not the string containing the validation regular expression. From the Admin Tools menu, click Config Variable Browser. Navigate to the…
Create a list of authorized users and manage two-factor authentication (2FA)
This article outlines details around managing local authentication and two-factor authentication. Administrators can configure Local Authentication Security at the org level for any role as detailed in Local Authentication Security permissions. This approach allows for easier control and access to local and two-factor…
Manage an Identity Provider
Add an Identity Provider Visit your organization’s Identity Provider tool or website and create a new application. In Brightspace, from Admin Tools select SAML Administration. Click Add Identity Provider. From the Add New Identity Provider page, collect the Brightspace Metadata URL by clicking Copy. Note: The Brightspace…