Universal Authentication System v2 (UAS) provides Single Sign-On (SSO) authentication and authentication routing options. UAS can be configured to handle a variety of incoming authentication protocols and convert those into a SAML login request for systems that support an IdP-initiated login. UAS provides a way to integrate other applications into Learn without the overhead of managing applications in an Enterprise Identity Provider authentication solution. 
UAS allows for:

  • SSO authentication
    • MAC protocol (replaces the traditional auto-signon building block)
    • LTI
  • Authentication routing to a pre-defined authentication method based on the user’s institution role
  • Redirect after login
  • Email token authentication

The client is responsible for developing the logic to generate the signature in their application. UAS will accept the signature, validate it, and, if it’s valid, generate a SAML login request to Learn. 

Configuring UAS is a multi-step process. You configure the incoming authentication request protocol and the outgoing SAML response in the UAS Settings. This service will act as a SAML proxy for your application. In Learn, you configure a SAML authentication based on your UAS SAML configuration to provide proper authorization into Learn.

You need to configure the roles that can access the UAS extension. Users with those roles will be able to configure UAS and add authentication adapters.

Configure roles for UAS

  1. Sign into Blackboard Learn with a system admin account.
  2. Access the Admin Panel.
  3. Select Platform Extensions Manager from the Tools and Utilities area.
  4. Select Configuration on the Authentication Adapters Gateway tile.
  5. Select the roles you would like to have access to UAS from the menu.
  6. Select Save.

Access UAS settings

  1. Sign in to Blackboard Learn.
  2. Access the Admin panel.
  3. Select UAS Settings under Tools and Utilities.
UAS settings link

You will need at least two configured and enabled authentication adapters: an incoming adapter and the outgoing SAML adapter.