Sign in to Blackboard Learn with OpenAthens

This is an example using Blackboard Learn of how to set up a custom SAML resource so that you can log in using the hosted version OpenAthens.

Whilst our service desk will always try to be helpful, they can only support the OpenAthens part of this.

Prerequisites

• Access to the Blackboard Learn admin portal

• Access to the OpenAthens administration area at the domain level

Method

Configure Blackboard Learn

Enable the SAML building block

1. Access the admin portal 
   
   

2. Select Building Blocks and then Installed Tools
   
   

3. If the SAML 2.0 building block is already installed, set it as available
   
   

   1. Install via Upload Building Block if necessary
      
      

4. Check that SAML appears under Authentication in the building blocks section

Configure Blackboard Learn as a Service Provider (SP)

1. Navigate to System Admin > Authentication then go to Create Provider > SAML
   

2. The settings to use are:
   

   1. Name - e.g. OpenAthens

   2. Authentication provider - Set as active

   3. User lookup method - Username

   4. Redirect by hostname - Use for any hostnames

   5. Link text - e.g. OpenAthens
      

3. Select Save and Configure
   

4. Copy your ACS URL into the EntityID field
   

5. Under Service Provider Metadata select generate and save the file to your desktop (you will upload that to us later)
   

6. It is recommended to create a specific data source for SAML sources such as OpenAthens
   

7. The Enable JIT Provisioning checkbox, if selected, will let the system create users when they log in. If you only want pre-configured users to access your VLE leave this cleared

Add OpenAthens as an identity Provider

1. Move down to the identity provider section 
   

2. Add your OpenAthens metadata URL
   

   1. E.g: https://login.openathens.net/saml/2/metadata-idp/YOUROPENATHENSDOMAIN

   2. For details, see how to access your login.openathens.net metadata.
      

3. In the Map SAML Attributes section, specify which OpenAthens attribute will be used for the username
   

   1. Commonly emailAddress or username depending on what you are already using in Blackboard

   2. If you are not sure, you can come back and change it later
      

4. Submit
   

Set up the custom SAML resource in OpenAthens

1. Access the administration area as the domain administrator and navigate to the catalogue (Resources > Catalogue).
   

2. Switch to the custom tab and click on the Add button
   

   

   
   

3. Select the SAML option 
   

4. Upload the metadata you saved earlier
   

5. Click the create button

This will create the basic custom resource. We can come back and add details later if we need to.

Add Blackboard Lean to your release policy

1. Still in the administration area navigate to the release policy page (Preferences > Attribute release)
   

   

   
   

2. Add a resource policy via the button
   

   1. Start typing the name you gave the SAML resource.

   2. Select it from the list of any options to add a policy
      

3. Click the attribute you set as the username in Blackboard so that it will be released to that resource
   

4. Click done and then save changes

Restrictive mode

If you are running in restrictive mode, the SAML resource MUST be included in at least one of the permission sets used by anyone who should gain access. If not then OpenAthens will block access at the authentication point.

If you have sub-organisations using restrictive mode you MUST ALSO set the visibility setting described above and allocate it to permission sets under those sub-organisations. The cascade option may be useful.

Whilst our service desk will always try to be helpful, they can only support the OpenAthens part of this.