Note: You are currently viewing documentation for Moodle 3.6. Up-to-date documentation for the latest stable version of Moodle is likely available here: Authentication.

Authentication

From MoodleDocs

Email-based authentication

Email confirmation is the default authentication method. When the user signs up, choosing their own new username and password, a confirmation email is sent to the user's email address. This email contains a secure link to a page where the user can confirm their account. Future logins just check the username and password against the stored values in the Moodle database.

Manual accounts only

This method removes any way for users to create their own accounts. All accounts must be manually created by the admin user.

No authentication

Users can sign in and create valid accounts immediately, with no authentication against an external server and no confirmation via email. Be careful using this option - think of the security and administration problems this could cause.

PAM (Pluggable Authentication Modules)

This method uses PAM to access the native usernames on this server. You have to install PHP4 PAM Authentication in order to use this module.

Shibboleth

Using this method users are created and authenticated using Shibboleth. Be sure to read the README for Shibboleth on how to set up your Moodle with Shibboleth.

Use a CAS server (SSO)

This method uses a CAS server (Central Authentication Service) to authenticate users in a Single Sign On environment (SSO). You can also use a simple LDAP authentication. If the given username and password are valid according to CAS, Moodle creates a new user entry in its database, taking user attributes from LDAP if required. On following logins only the username and password are checked.

Use an LDAP server

This method provides authentication against an external LDAP server. If the given username and password are valid, Moodle creates a new user entry in its database. This module can read user attributes from LDAP and prefill wanted fields in Moodle. For following logins only the username and password are checked.