Community Help

WTurner99 · ‎06-12-2023

Currently we use SSO to login to Canvas. We are setting up a Canvas API Roster Exchange with Barnes and Noble and need to setup a login for them that is not using SSO. Is this a common thing? How do I create it without being required to enter network login?

chriscas · ‎06-12-2023

Hi @WTurner99,

You may be able to go one of two different ways with this...

Our university has a SSO system ran by our IT folks. For special use cases like this, we can request what they call a "sponsored account" for someone, which will give a username and password that will work through SSO even for an external vendor. This would be our preferred method whenever possible.
If you're a Canvas admin, you can enable Canvas authentication as well as your SSO authentication in your root account > Authentication area. You'll be able to choose a "position" for the different providers, and you'll generally want to have Canvas authentication as the biggest number, meaning it will only get used by people who know the "secret" url (insutition.instructure.com/login/canvas). If you go this route, you can create a username/password in Canvas to give to the vendor along with that special login URL.

I would say this is rather uncommon, but not quite unheard of depending on the integration. I am assuming they want a user account just for testing when I say this though. If they are requesting an admin account, that is a whole different ball game and would trigger a lot of additional discussions, agreements, and approval chains here.

Hope this helps!

-Chris

View solution in original post

WTurner99 · ‎06-12-2023

Chris,

Thank you, I'll pass this along to the security side of IT to see what they want to do. I am developer that wants no responsibility for the security portion 🙂

View solution in original post

James · ‎06-12-2023

@WTurner99

It seems strange that Barnes and Noble would want an account in your system that they could log into. I don't use their service, but frequently this type of thing is done through an integration where you set them up with a developer API key. See the Integrations section of the Canvas Admin Guide for more information.

A long time ago, before Canvas had the developer API key offering for us, we would create an account for the vendor, generated a token, and then provided them with the token. They never logged into our system directly, but were able to use the API.

View solution in original post

chriscas · ‎06-12-2023

Hi @WTurner99,

You may be able to go one of two different ways with this...

Our university has a SSO system ran by our IT folks. For special use cases like this, we can request what they call a "sponsored account" for someone, which will give a username and password that will work through SSO even for an external vendor. This would be our preferred method whenever possible.
If you're a Canvas admin, you can enable Canvas authentication as well as your SSO authentication in your root account > Authentication area. You'll be able to choose a "position" for the different providers, and you'll generally want to have Canvas authentication as the biggest number, meaning it will only get used by people who know the "secret" url (insutition.instructure.com/login/canvas). If you go this route, you can create a username/password in Canvas to give to the vendor along with that special login URL.

I would say this is rather uncommon, but not quite unheard of depending on the integration. I am assuming they want a user account just for testing when I say this though. If they are requesting an admin account, that is a whole different ball game and would trigger a lot of additional discussions, agreements, and approval chains here.

Hope this helps!

-Chris

WTurner99 · ‎06-12-2023

Chris,

Thank you, I'll pass this along to the security side of IT to see what they want to do. I am developer that wants no responsibility for the security portion 🙂

James · ‎06-12-2023

@WTurner99

It seems strange that Barnes and Noble would want an account in your system that they could log into. I don't use their service, but frequently this type of thing is done through an integration where you set them up with a developer API key. See the Integrations section of the Canvas Admin Guide for more information.

A long time ago, before Canvas had the developer API key offering for us, we would create an account for the vendor, generated a token, and then provided them with the token. They never logged into our system directly, but were able to use the API.

Create a non SSO login

Build on Last Attempt - Re-randomizing Formula Que...

Parent is unable to scroll in the Canvas Parent Ap...

Automatically apply grade for missing submissions ...

Pop up messages cover up action buttons. Make them...

Anyone notice that Students can't annotate on a Ca...

Build on Last Attempt - Re-randomizing Formula Que...

Google Apps support

Is There A Discord For Canvas?

Documentation for the Ally Course Accessibility Re...

Get New Quiz answers submissions

You're signed out

Create a non SSO login

Community Help

View our top guides and resources: