Hi Katherine,

We’re experiencing this issue with Films on Demand and the Alexander Street video databases. (Potentially others as well, but those are the two I’ve seen so far.) And yes, you’re right – I’ve learned over the past 24 hours that LTI integration is the answer when it comes to Canvas. I’ve requested setup of the LTI plugins for those two databases. If there are other databases where this happens and LTI plugins don’t exist, I guess we’re out of luck for now.

We also use LibGuides, and I don’t see a similar solution there – but in LibGuides, I think we can live with using video thumbnails that when clicked, open in a new tab.

Thanks for your reply. 😊

Regards,
Ken

--
Ken Simon | Reference and Online Services Librarian
Shatford Library, Pasadena City College
1570 E. Colorado Boulevard
Pasadena, California 91106
Tel 626.585.7818 | [log in to unmask]<mailto:[log in to unmask]>


From: Code for Libraries <[log in to unmask]> on behalf of Katherine O'Brien <[log in to unmask]>
Date: Monday, December 11, 2023 at 5:16 PM
To: [log in to unmask] <[log in to unmask]>
Subject: Re: [CODE4LIB] SSO authentication and embedded videos
[You don't often get email from [log in to unmask] Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ]

Hi Ken,

What databases are the videos from?

We realised recently that we can't embed Credo InfoLit videos into our LibGuides anymore because the LibGuides are public facing and we now have OpenAthens (ie, federated access) when previously we used EZproxy.

However, this has not been an issue with our LMS (Blackboard) because of the LTI integration that Credo has with Blackboard.

Could there be similar for your databases and Canvas?

Cheers,

Katherine

Katherine O’Brien (she/her) | Application Administrator, Online Services
University Library | St Teresa’s Library, Fremantle (ND17)
The University of Notre Dame Australia
T +61 8 9433 0703 | [log in to unmask]

I respect and acknowledge the Traditional owners of the land on which I live and work as the First People and Custodians of this country.


-----Original Message-----
From: Code for Libraries <[log in to unmask]> On Behalf Of Kenneth Simon
Sent: Tuesday, 12 December 2023 3:49 AM
To: [log in to unmask]
Subject: [CODE4LIB] SSO authentication and embedded videos

Hi all,

I'm wondering if anyone has experienced an issue like the one we're facing right now:

* Our campus SSO authentication was switched over to SAML.
* After that switch, videos embedded in Canvas and elsewhere no longer work if they require off-campus authentication.

So, an off-campus user whose instructor has embedded a video from one of our library databases is no longer prompted to authenticate within that embedded area -- instead, depending on the browser they're using, they'll either be prompted to open the video in a new window (helpful), or they just get a general "refused to load" message (not at all helpful!).

I understand the reason for this security -- we don't want people putting in their credentials in an embedded web page under false pretenses!

The obvious workaround is to switch from embedded videos to links, but that goes against best practices for Distance Education, especially when the external link takes the user out of their LMS.

So, my questions for anyone in the know:

* Assuming we have no choice but to stay with SAML, does anyone know of a workaround that will allow users to authenticate and watch an embedded video without leaving the page?
* Does anyone have current experience with other authentication methods that play well with embedded videos? If so, please let me know what they are.

Thank you all for any insights you can provide!

Regards,
Ken

--
Ken Simon | Reference and Online Services Librarian Shatford Library, Pasadena City College
1570 E. Colorado Boulevard
Pasadena, California 91106
Tel 626.585.7818 | [log in to unmask]

Disclaimer

The information contained in this communication from the sender is confidential. It is intended solely for use by the recipient and others authorized to receive it. If you are not the recipient, you are hereby notified that any disclosure, copying, distribution or taking action in relation of the contents of this information is strictly prohibited and may be unlawful.

This email has been scanned for viruses and malware, and may have been automatically archived by Mimecast Ltd, an innovator in Software as a Service (SaaS) for business. Providing a safer and more useful place for your human generated data. Specializing in; Security, archiving and compliance. To find out more visit the Mimecast website.