OAuth 2 authentication

Revision as of 06:42, 6 June 2017 by Helen Foster (talk | contribs) (rewording)

Jump to: navigation, search
New feature
in Moodle 3.8!
Login page with options to log in with an OAuth 2 service

Log in using your account on another site

The OAuth 2 authentication plugin enables users to log in using their Google, Microsoft and/or Facebook account via buttons on the login page.

If account creation is enabled, when a user first logs in, a new account will be created. Otherwise, they will be prompted to link it to their existing account with the same email address.

Enabling OAuth 2 authentication

To use OAuth 2 authentication, an administrator must first create the required OAuth 2 services.

  1. Go to 'OAuth 2 services' in Site administration > Server and click the button to create a new service.
  2. Follow the instructions in OAuth 2 Google service, OAuth 2 Microsoft service or OAuth 2 Facebook service and obtain a client ID and secret.
  3. Enter the client ID and secret, make sure 'Show on login page' is ticked, then save changes.

Repeat for additional services as desired.

Next:

  1. Go to 'Manage authentication' in Site administration and enable the OAuth 2 authentication plugin.
  2. Optional: In the OAuth 2 settings, lock selected user data fields and save changes.

Preventing new account creation

If you don't want new accounts to be created when users log in with an OAuth 2 service:

  1. Go to 'Manage authentication' in Site administration and tick the box 'Prevent account creation when authenticating' (authpreventaccountcreation).
  2. Click the 'Save changes' button.

Troubleshooting

On the 'OAuth 2 services' page, there is a red cross for 'Allow login'

To get a green tick for Allow login, edit the OAuth 2 service and make sure that the setting 'Show on login page' is ticked.

I obtain a coding error after enabling OAuth 2 authentication

Have you any OAuth 2 plugins for earlier versions installed on your site? If so, you will need to uninstall them in order to use the standard OAuth 2 authentication.