Hi Canvas Admins,
I'm at my wits' end, here, and I'm hoping somebody has an answer, or at least a better question:
We're trying to set up Azure AD as one of our providers. We've added it correctly, and it tests fine in position 1, but this will be a secondary authentication for us, so we want it father down--position 3 or 4.
But no matter what we put for the Reply URL (Assertion Consumer Service URL) it always redirects to <canvas>/login/saml which is the default login, not login/saml/68 which is the endpoint for Azure login.
So we direct people to login/saml/68, they are correctly forwarded to Azure, they login to Azure, and then they get sent back to Canvas...at the default url, and then kicked back to login again, because our default SSO doesn't have a session for them.
Since the url they get sent to isn't the actual login url for position 1, but the ACS "Location" from the Entity ID, I'm suspicious that's the culprit, but it's not clear what to do about it.
Any insight is appreciated.