Web Community Manager allows for Security Assertion Markup Language (SAML) integration with Active Directory Federation Services (ADFS) 2.0-4.0 serving as the identity provider.
Blackboard must turn on the configuration options for SAML on your Site Manager. Talk to your Blackboard contact if you don't have SAML and want it.
Active Directory Federation Services (ADFS) is a software component developed by Microsoft that can be installed on Windows Server operating systems to offer single sign-on access to network-accessible systems and applications. ADFS can perform this service through several different means. SAML is the one that WCM supports.
Security Assertion Markup Language (SAML) is an internet standard that allows service providers, like WCM, to trust identity providers, like ADFS, so that when the identity provider asserts a user's identity, the service provider accepts that as true.
In other words, when the identity provider tells the site "This is Joe, let him in", the site lets Joe in with all the access that he normally has by logging in to the site directly.
If you've deployed SAML integration before, there are a few special considerations that may differ from your previous experience.
- No Metadata. This implementation doesn't use Identity Provider Metadata nor Service Provider Metadata.
- Certificate. Blackboard provides the identity provider's SSL certificate.
The following information assumes that your ADFS server is fully maintained, monitored, and secured to the standards set by your network policies and ready for use. For specific questions on the deployments, security, or maintenance of your ADFS service, please consult your software vendor.
Before you get started
- Add SAML to your Blackboard account. Contact your account team to check if SAML is part of your WCM package.
- Verify your ADFS service is fully deployed according to your network policies. For specific questions on deployment, please contact your software vendor.
- Enable SAML within WCM. Enable SAML by navigating to Site Manager > Configure > System Settings > Integration Tab. If you can't enable SAML, reach out to WCM support.
- Verify your WCM site is deployed on your permanent live domain. SAML references the domain name for sending assertions, so don't change domain names after deploying SAML.
- Locate the Blackboard-provided certificate to install in ADFS. The certificate comes with your initial SAML implementation information. If you need another copy of the certificate, reach out to WCM support.