Community Help

hkholghi · ‎09-10-2021

We recently implemented the single sign-on. Now I'm unable to access the following site:

https://afs.test.instructure.com/login/canvas

I used to be able to access the above site before implementing the SAML. Now, I'm unable to log in to it with the user name and password.

What is the workaround to access the test or beta sites when the SAML is used for the authentication?

Than you,

Hossein Kholghi

mzimmerman · ‎09-13-2021

Are your account credentials "local" in Canvas or are they through SAML? The URL you gave, https://afs.test.instructure.com/login/canvas , is for a local Canvas password, not SAML credentials, and it looks like both your test and production servers are still set to default to local authentication, not SAML.

hkholghi · ‎09-14-2021

Thank you for your reply. We recently adopted SMAL for all our users including the admins. Prior to the switch, admin accounts were local and I had no problem accessing the test site. I see what you are saying and it makes sense. How do I go about changing the test site to work with SAML? Or should I have a special admin account with local credentials?

mzimmerman · ‎09-14-2021

When your test site is refreshed from the production site, it will get the authentication settings (including SAML) from the production site. However, if you want to add SAML to the test site before then, you would do it the same way you did adding SAML to the production site.

hkholghi · ‎09-14-2021

I see what you are saying. I can create another SAML app for the test site, however, at this point, I cannot access the test site at all. I even created a local admin account and sign in to the production site successfully and still cannot access the test site. I also submitted a tech ticket, but I have not heard from them yet.

Thank you for all your help.

mzimmerman · ‎09-14-2021

Remember, the test server is only refreshed from the production site once a month. If you added SAML to production after the last refresh, then the test server still has your "pre-SAML" account and password info.

The refresh schedule is here https://community.canvaslms.com/t5/Canvas-Releases/What-is-the-Canvas-release-schedule-for-beta-prod... but be aware that Canvas maintenance may sometimes interfere with the schedule.

For what it's worth, when I try to go to the SAML authentication on your test server, https://afs.test.instructure.com/login/saml , I'm redirected to the Google authenticator. DIs your SAML authentication through Google?

hkholghi · ‎09-14-2021

We switched to SAML back in July so there is no hope in getting to the test server now. We are a Google school and the SAML is configured with our Google domain.

Is there a way to tweak the Authentication settings for just one user( an admin account) without affecting everybody else?

Thank you.

mzimmerman · ‎09-15-2021

You can have as many different authentication sources as you like. One authentication source will be the default, but any user account can access other authentication sources by going to the appropriate login URL. Unless you specifically set up the user account to only be able (via the authentication_provider_id when creating users via SIS import, per https://canvas.instructure.com/doc/api/file.sis_csv.html ).

mzimmerman · ‎09-15-2021

Just to confirm, have you tried logging in the through the SAML login at for the test server?

mzimmerman · ‎09-15-2021

Hello Montez,

You seem to be replying to a different conversion?

Accessing the test site

Canvas

Canvas Catalog

Canvas Commons

You're signed out

Accessing the test site

Canvas

Canvas Catalog

Canvas Commons

Community Help

View our top guides and resources: