Skip to main content

The Study Hall

Single Sign-On (SSO) Into Canvas With miniOrange

With miniOrange single sign-on (SSO), you can quickly increase the security of your information and resources within Canvas, without worrying about initial setup time, remembering multiple passwords, or dealing with upgrades down the road. By connecting all of your web and SaaS apps with one set of credentials, miniOrange makes access to your learning systems and tools easier and more flexible, without compromising security.

How miniOrange Works as an Identity Provider

User credentials and other identifying information are stored and managed by a centralized system called identity provider (IdP), a trusted system that provides secure access to other service providers (SP).

Through this identity provider, you can use single sign-on (SSO) to access other websites, applications, and systems. The miniOrange identity provider provides centralized, simple management and synchronization of identities for users, devices, and things. It's designed as a unified platform for all of your identity and access management needs, and it's highly flexible and able to fit into almost any use case and workflow.

 — two double quotes without any content).

In addition to being easy to use, easy to install, and flexible, miniOrange offers 

24-7 world-class tech support, support for customization within your institution's workflows, both on-premise and cloud solutions, and competitive pricing.

miniOrange Features:

Single Sign-On (SSO): The miniOrange SSO solution provides easy and seamless access to Canvas applications and all enterprise resources with one set of credentials. miniOrange also provides secure authentication by establishing a trust relationship between the Service Provider and Identity Provider.

Multi-Factor Authentication: Secure your Canvas application from password thefts using multi-factor authentication methods with 15+ authentication types provided by miniOrange.

IP Blocking: miniOrange provides manual and automatic (user behavior based) IP blocking/IP restriction for Canvas login, which adds security to Gmail, web, and other applications.

Adaptive Authentication: miniOrange Adaptive Authentication aims to provide a better experience by reducing the authentication burden on Canvas users while enforcing strong authentication where it's needed the most.

User Provisioning: miniOrange User Provisioning provides an easy way to create, manage and maintain end users in Canvas to reduce the risk of unauthorized access to information.

Here's how miniOrange supports both identity provider- and service-provider-initiated single sign-on.

Identity Provider (IdP)-Initiated Single Sign-On (SSO)

In IdP-initiated login, an SAML request is initiated from the miniOrange IdP. The "Enduser" first authenticates through the miniOrange IdP via login to the miniOrange Self Service Console. The Enduser will be redirected to their Canvas account by clicking the Canvas icon on the Enduser Dashboard—no need to log in again.

Service Provider (SP)-Initiated Single Sign-On (SSO)

In SP-initiated login, an SAML request is initiated by Canvas. If an "Enduser" tries to access their account through the Canvas domain, they'll be redirected to the miniOrange Self Service Console where they can enter the miniOrange login credentials and log in to their Canvas account.

See our Canvas-specific SSO steps here.

For more information about single sign-on (SSO), multi-factor authentication (MFA), and security solutions, visit miniOrange.