Found this content helpful? Log in or sign up to leave a like!

Canvas SSO/ SAML SLO (logout behavior)

limerdm
Community Novice
‎06-30-2020 09:28 AM

Greetings, 

I have 5 different authentication methods active for our Canvas instance.  The direct canvas login, and 4 separate SAML providers (we have 4 different communities that all can SSO into Canvas).

The mistake(?) I made was thinking the logout URL for each SAML provider could be different and it would be respected based on which provider the user came in via.  

What I think I see in practice is that on logout the FIRST defined SAML provider (in order by the Position setting) is the one that whose Logout URL is used.  It seems that Canvas does not "remember" which SAML provider was used on login, only that a SAML provider was used as opposed to the Canvas direct method.

1. Do I understand this right/is this an accurate description of the current process?  Or if not, please point me to better docs etc as I haven't found anything definitive as of yet.

2. If it is accurate, can/will Canvas be made to remember the login path so as to respect the logout URL's?  Currently I have had to set all Logout URL's to the same destination and then disambiguate there and forward appropriately (the logic of which could be an issue in the future).

Appreciate any enlightenment. 

Dave 

1 person also had this question