1. Help and Support | Digital Theatre+
  2. Authentication
  3. Set-Up Guides for Specific SSO Service Providers

Configuring ClassLink to authenticate to Digital Theatre+

This article explains the steps involved in configuring ClassLink to authenticate users to Digital Theatre+

Pre-requisites

  1. You will need Digital Theatre+ metadata, which you can request by completing the form at https://sso.digitaltheatreplus.com 
  2. You will need to have access to the ClassLink SAML Console at https://idp.classlink.com/admin
  3. You will need to have access to the ClassLink LaunchPad Admin Console at https://launchpad.classlink.com/admin

Assumptions

Digital Theatre+ assumes that the SubjectNameId sent in the SAML response will have the syntax of an email address.  If this is not the case, you can send an additional attribute with the email address of the user contained within it.  See the last section of this page for details.

Step 1 - Add a new Service Provider

  1. Go to https://idp.classlink.com/admin
  2. Click Add new
  3. In the name field, enter: Digital Theatre+
  4. Instead of Metadata URL, click the "metadata xml" link underneath the field and copy/paste the contents of Digital Theatre+'s Service Provider Metadata XML file into the field.
  5. Click "Create One" (to create the signing certificate)
  6. Copy the Signing Certificate (not the Private Key) and paste it into a text file, and save this file
  7. Save the IDP
  8. Copy the IdP Metadata URL 
  9. Click the drop down next to the IdP Metadata URL, and select Copy IDP Initiate Login URL
  10. Send (a) the Signing Certificate (b) the IDP Metadata URL and (c) the IDP Initiate Login URL to Digital Theatre+ via support@digitaltheatreplus.com

Digital Theatre+ will import this information into their system to establish the trust between your Identity Provider and the Digital Theatre+ Service Provider.

Step 2 - Set up an App in ClassLink

  1. Go to https://launchpad.classlink.com/admin
  2. Go to Applications > Add & Assign Apps
  3. Click Add
  4. Enter the Application details as follows:
    1. Application Name: Digital Theatre+
    2. Category: Education
    3. Sub-category: General education
    4. Single Sign-App App: Yes
    5. Web address: Insert the Digital Theatre+ ACS URL provided in Digital Theatre+'s Metadata (it will look like this, with the last part being the unique identifier for you: https://auth.digitaltheatreplus.com/sso/saml2/0oa1i2khiw5N64ZW14x7)
    6. Privacy URL: https://edu.digitaltheatreplus.com/privacy-policy
    7. Terms of Service URL: https://edu.digitaltheatreplus.com/terms/
    8. Click Save

Step 3 - Assign the App to Users

  1. Go to https://launchpad.classlink.com/admin
  2. Applications > Add & Assign Apps
  3. Locate the entry for Digital Theatre+
  4. Click the Assign button in the Assign App Column
  5. Add the correct entities (these can be Profiles, Users, Organisations, Courses, so you will know which is right for you to  use)

Optional - Configure additional attributes

Classlink provides the ability to map user information to attributes.

To do this, you will need to:

  1. Go to https://idp.classlink.com/admin
  2. Select the IdP configured for Digital Theatre+
  3. Select the Attributes to Add
    1. Most likely email will be needed, if it is not sent as the Subject Name ID.