Enable SAML third-party login for Padlet for Schools

There are a few different ways to enable third-party login on Padlet. This article will describe how to connect Padlet to your school's SAML Identity Provider (IdP).

How to set up SAML on Padlet

You will need access to the owner/administrator account on Padlet for Schools.

  1. Turn SAML on

Settings > Organization Info > SAML

  1. Register Padlet using Padlet's metadata URL

On the same page, under the toggle button, copy Padlet's metadata URL.

For us to set up login via SAML for your Padlet for Schools organization, you will need to register Padlet, the SAML Service Provider (SP) on your school's SAML Identity Provider (IdP).

  1. Provide your IdP's Metadata URL

Under this field, indicate your IdP metadata URL if it has not yet been captured. It should look something like this:

  1. Fill in required claims

The following are required claims you must provide:

Field

Information to be entered

Email attribute

The email you'd like to use with Padlet for authentication purposes

Note: If there are existing accounts, we will match the email addresses accordingly. See FAQ below for more information regarding existing users.

Name attribute

Posts and comments by the user will be attributed to this name

  1. Optional fields

Role attribute should be provided if you wish to automatically assign teacher/student roles to accounts. If left blank, all accounts created will automatically be assigned student roles.

If an existing account is assigned a student role but is listed as a faculty, staff or employee in the role attribute, the account will be upgraded to teacher accordingly.

Connection name will affect the appearance of the login button on your organisation's sign in page. It is recommended that a familiar connection name be selected.

For example, if you choose "SAML intranet", this is the text that will appear on your login screen:

  1. Test SAML before rolling it out

Under the same page, Settings > Organization Info > SAML, enable Dev mode.

Dev mode allows you to test SAML in a sandbox without affecting any users in the organisation. You can access the sandbox using the private link listed in the Dev mode description.

Testing tips
  • Use SAML to create a completely new account and check that the email, name and role are correctly assigned to the newly created user.
  • Use SAML to sign into an existing account to ensure that the user is able to sign into the correct Padlet account and the existing content remains unaffected.
  • Use a SAML account with faculty, staff or employee role attributes to sign into an existing Padlet student account to check if the account's role will be automatically upgraded from student to teacher.

Once testing is complete, you can roll out SAML to everyone in your account by turning Dev mode off.

SAML should now be available on your organisation's account.

FAQs

For existing users, will they lose any data?
No. As long as the email attribute sent to us through SAML is the same as the email used for the existing user on Padlet, users will not lose any data.
I logged in with SAML and cannot see my existing content, what do I do?
If the email sent to us by SAML is not the same as the email used on the existing account, it is possible that an entirely new account has been created. However, this does not remove any existing content from your old account. To confirm if this is the case, check the email indicated on Settings > Basic Info.

Simply correct the email attribute in the required claims section to match the email currently in use and you should be able to find your existing account.
How can I configure custom attribute mapping for SAML?
Please reach out to us with your request using this contact form.


How did we do?


Powered by HelpDocs (opens in a new tab)