When planning your authentication implementation, consider the following questions.

Is your school using an external authentication provider?

Blackboard Learn includes a default, internal authentication provider. You can make it Inactive, but you can't delete it. To learn more, see Implementing Authentication.


What external authentication provider is your school using?

CAS, LDAP, and SAML are supported authentication providers. To learn more about their setups, see Implementing Authentication.


Does your school require more than one authentication provider? Do you have a plan for when one provider source is broken?

To learn more, see Provider Order.


Does your school have more than one hostname? Does each hostname have a unique authentication provider?

To learn more, see Authentication Providers and Provider Order.


Is your Blackboard Learn instance populated with users? Does your school have a Student Integration System?

For integrated authentication to work, you need to have your users and their usernames in the system. The Authentication Logs identify system activity for users. To learn more, see About SIS Integration.

This topic is located in the Self- and Managed-Hosting section. When you're finished, use your browser's back function to return here.


Icon that indicates the release note is a new feature

How do I hide the “Change Password” option from users when my institution is using an Identity Provider (single sign-on)?

 

When using an Identity Provider (IdP) such as Microsoft Azure Active Directory, we recommend turning off the password reset option for users. This is because users will manage their password in the IdP, not in Learn. This is done by editing system roles that are in use. Most users likely have the “None” System Role. Restrict the Change Password privilege since this is done outside of Learn. Do the same to other System Roles applied to users who use single sign-on.

Restrict the Change Password privilege

When just some users are expected to set their password in Learn, add the Change Password privilege to the applicable system role(s). You can also create a system role just to grant access to change password and apply this as a secondary system role to appropriate users.

Image: Creating a new system role for users who will need to change their password.

Creating a new system role for users who will need to change their password

Image: Granting the privilege to change password. If using Original Experience, it’s also necessary to enable access to the Personal Information area.

Granting the privilege to change password. If using Original Experience, it’s also necessary to enable access to the Personal Information area.

Image: The new system role can be applied as the primary or a secondary system role for users who should change their passwords in Learn.

The new system role can be applied as the primary or a secondary system role for users who should change their passwords in Learn