Note: You are currently viewing documentation for Moodle 3.4. Up-to-date documentation for the latest stable version of Moodle is likely available here: OAuth 2 services.

OAuth 2 services: Difference between revisions

From MoodleDocs
m (Tsala moved page OAuth2 Services to OAuth 2 services)
m (added link to Spanish translation of page)
Line 28: Line 28:
* [[OAuth 2 Microsoft service]]
* [[OAuth 2 Microsoft service]]
* [[OAuth 2 Facebook service]]
* [[OAuth 2 Facebook service]]
[[es:Servicios OAuth 2]]

Revision as of 22:03, 29 April 2017

New feature
in Moodle 3.4!

OAuth2 services

Moodle 3.3 adds support for OAuth 2 services in core which can be used by any plugins to provide authenticated access to external services either as the current user, or using a system account.

OAuth 2 services are used for example, to provide a "Login using Google/Microsoft/Facebook" feature on the login page, and then to share that authenticated session with repositories like Google Drive and Office 365 without having to re-authenticate.

OAuth 2 services can be used by plugins even if they do not use them on the login page, and it's possible to login to multiple services at the same time.

Login

The steps required to enable login using an OAuth 2 service are:

  1. Create the OAuth 2 Service using the administration page at "Site administration -> Server -> OAuth 2 Services". There are templates available to create a pre-configured OAuth 2 service for Google, Office 365 and Facebook or you can manually enter all the required details for a custom OAuth 2 service.
  2. Register a new application with the OAuth 2 Service provider. Instructions for how to do this with Google, Office 365 and Facebook are listed below.
  3. Enter the Client ID and Secret into the configuration page for the OAuth 2 service in Moodle.
  4. Enable the OAuth 2 Authentication module.

Open ID Connect

Open ID Connect is a standard for OAuth 2 login services that makes it easier to setup a working login system. If the service you are setting up is Open ID Connect compliant, you will only have to enter the base url for the service, and Moodle will discover all the other information required by requesting the "discovery document" which is expected to exist at <issuer base url>/.well-known/openid-configuration.

How do I get a client ID and secret?

The client ID and secret are created outside of Moodle when setting up the OAuth provider. Instructions for prominent OAuth 2 providers are linked here.