AnsweredAssumed Answered

O365/Azure AD SAML

Question asked by Jay Savage on Aug 13, 2019
Latest reply on Sep 19, 2019 by vrichter@exeter.edu

Hi Canvas Admins,

 

I'm at my wits' end, here, and I'm hoping somebody has an answer, or at least a better question:

 

We're trying to set up Azure AD as one of our providers. We've added it correctly, and it tests fine in position 1, but this will be a secondary authentication for us, so we want it father down--position 3 or 4. 

 

But no matter what we put for the Reply URL (Assertion Consumer Service URL)  it always redirects to <canvas>/login/saml which is the default login, not login/saml/68 which is the endpoint for Azure login.

 

So we direct people to login/saml/68, they are correctly forwarded to Azure, they login to Azure, and then they get sent back to Canvas...at the default url, and then kicked back to login again, because our default SSO doesn't have a session for them.

 

Since the url they get sent to isn't the actual login url for position 1, but the ACS "Location" from the Entity ID, I'm suspicious that's the culprit, but it's not clear what to do about it.

 

Any insight is appreciated.

 

Thanks,

 

--j

Outcomes