We recently implemented the single sign-on. Now I'm unable to access the following site:
I used to be able to access the above site before implementing the SAML. Now, I'm unable to log in to it with the user name and password.
What is the workaround to access the test or beta sites when the SAML is used for the authentication?
Are your account credentials "local" in Canvas or are they through SAML? The URL you gave, https://afs.test.instructure.com/login/canvas , is for a local Canvas password, not SAML credentials, and it looks like both your test and production servers are still set to default to local authentication, not SAML.
Thank you for your reply. We recently adopted SMAL for all our users including the admins. Prior to the switch, admin accounts were local and I had no problem accessing the test site. I see what you are saying and it makes sense. How do I go about changing the test site to work with SAML? Or should I have a special admin account with local credentials?
When your test site is refreshed from the production site, it will get the authentication settings (including SAML) from the production site. However, if you want to add SAML to the test site before then, you would do it the same way you did adding SAML to the production site.
I see what you are saying. I can create another SAML app for the test site, however, at this point, I cannot access the test site at all. I even created a local admin account and sign in to the production site successfully and still cannot access the test site. I also submitted a tech ticket, but I have not heard from them yet.
Thank you for all your help.
Remember, the test server is only refreshed from the production site once a month. If you added SAML to production after the last refresh, then the test server still has your "pre-SAML" account and password info.
The refresh schedule is here https://community.canvaslms.com/t5/Canvas-Releases/What-is-the-Canvas-release-schedule-for-beta-prod... but be aware that Canvas maintenance may sometimes interfere with the schedule.
For what it's worth, when I try to go to the SAML authentication on your test server, https://afs.test.instructure.com/login/saml , I'm redirected to the Google authenticator. DIs your SAML authentication through Google?
We switched to SAML back in July so there is no hope in getting to the test server now. We are a Google school and the SAML is configured with our Google domain.
Is there a way to tweak the Authentication settings for just one user( an admin account) without affecting everybody else?
You can have as many different authentication sources as you like. One authentication source will be the default, but any user account can access other authentication sources by going to the appropriate login URL. Unless you specifically set up the user account to only be able (via the authentication_provider_id when creating users via SIS import, per https://canvas.instructure.com/doc/api/file.sis_csv.html ).