Single Sign On (SSO) for Canvas LMS
miniOrange provides a ready to use solution for Canvas LMS. This solution ensures that you are ready to roll out secure access to Canvas LMS to your employees within minutes.

Note : The information contained on this page does not create a joint venture, partnership, agency or other form of association, or an express or implied license grant by either party to the other under any patent, trademark, copyright, trade secret or other intellectual property right.

Canvas LMS

miniOrange provides secure access to Canvas LMS for enterprises and full control over access of application. Single Sign On (SSO) into Canvas LMS with one set of login credentials.

miniOrange supports both IdP (Identity Provider) and SP (Service Provider) initiated Single Sign On (SSO)

Follow the Step-by-Step Guide given below for Canvas LMS Single Sign On (SSO)

Step 1: Configure Single Sign On (SSO) Settings for Canvas LMS

  1. Login to miniOrange Admin Console.
  2. Go to Apps >> Manage Apps . Click Configure Apps button.
  3. Click on SAML tab. Select Canvas and click Add App button.

  4. Make sure the SP Entity ID or Issuer is in the format:
  5. Make sure the ACS URL is in the format:
  6. In the Attributes section, enter the value NameID in the Attribute Name field, select E-Mail Address from the Attribute Value list.
  7. Click on Add Apps to configure Canvas.
  8. Click on Download Certificate link to download the certificate which will be required later.

  9. Login to your Canvas LMS domain as an Account Administrator.
  10. Switch to Admin View.

  11. Go to Courses and under Managed Accounts, click on your domain name.

  12. Click on Authentication in the left pane and select SAML from the Choose an authentication service drop down list.

  13. Under Current Integration, click on Add New SAML Config and enter the details as shown:

  14. IdP Entity ID
    Log On URL
    Log Out URL
    Change Password Link
    Certificate FingerprintFollow the steps below to copy the Thumbprint of certificate.
    Login AttributeNameID
    Identifier Formaturn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
    Authentication Contexturn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
    Login LabelUsername
    Unknown User UrlLeave blank.
  15. Open the certificate that was downloaded earlier.
  16. Go to Details.
  17. In the Field column, select Thumbprint.
  18. Copy the Thumbprint that opens in the pane by pressing CTRL+C (Right-Click wont work!).
  19. Paste the Thumbprint in the Certificate Fingerprint.
  20. Make sure that there are no spaces in between the Certificate Fingerprint. Remove them manually.
  21. Click the Save Authentication Settings to save the Single Sign On (SSO) SAML settings.

Step 2: Create a policy for Canvas

  1. Login to miniOrange Admin Console.
  2. Go to Policies >> App Authentication Policy.
  3. Add a new policy for Canvas.
    1. Select Canvas from Application dropdown.
    2. Select a Group Name from dropdown - the group for which you want to add Canvas policy.
    3. Give a policy name for Canvas in Policy Name field.
    4. Select the First Factor Type for authentication.
    5. Enable Second Factor for authentication if required.
    6. Click on Save button to add policy for Canvas Single Sign On (SSO).

  4. Now click on Onboard users into our system from View Policy Tab.

Step 3: Onboard users into our system

  1. Download sample csv format from our console and create a CSV file containing your users in this format.

  2. Upload your CSV in our console via Bulk Upload.
  3. After uploading the CSV file successfully, you will see a success message.
  4. From Users/Groups menu, select Manage Users/Groups and go to OnBoarding Status. Select users to send activation mail and click on send activation mail. An activation mail will be sent to the selected users.

Step 4: Register users into our system (End Users)

  1. Sign In to your mail and click on registration link that is valid only for 5 days. You will be redirected to our registration page.
  2. Configure your basic details.

  3. Configure any strong authentication method.

  4. Configure KBA (Security Questions) as your fallback method, in case you lost your phone this will get invoked and save your details.

  5. After successful registration, you will see a registration successful message.

Step 5: Now sign in to your Canvas account with miniOrange IdP by either of the two steps:

    1. Using SP initiated login :-

    1. Go to https://[your_domain] and you will be redirected to miniOrange IdP Sign On Page.

    2. Enter your miniOrange login credential and click on Login. You will be automatically logged in to your Canvas account.

    2. Using IdP initiated login :-

    1. Login to your miniOrange Self Service Console as an End User and click on the Canvas icon on your Dashboard.

Using Two Factor Authentication for Canvas LMS

The most practical way to strengthen authentication is to require a second factor after the username/password stage. Since a password is something that a user knows, ensuring that the user also has something or using biometrics thwarts attackers that steal or gain access to passwords.

Traditional two-factor authentication solutions use hardware tokens (or "fobs") that users carry on their keychains. These tokens generate one-time passwords for the second stage of the login process. However, hardware tokens can cost up to $40 each. It takes time and effort to distribute them, track who has which one, and replace them when they break. They're easy to lose, hard to use, and users consistently report high levels of frustration with token-based systems.

Your choice of second factor

miniOrange authentication service has 15+ authentication methods.

You can choose from any of the above authentication methods to augment your password based authentication. miniOrange authentication service works with all phone types, from landlines to smart-phone platforms. In the simplest case, users just answer a phone call and press a button to authenticate. miniOrange authentication service works internationally, and has customers authenticating from many countries around the world.

For further details refer :

Business trial for free

If you don't find what you are looking for, please contact us at or call us at +1 978 658 9387 to find an answer to your question about Canvas Single Sign On (SSO).

Watch the videos to learn more. Watch Demo