OAuth 2 LinkedIn service: Skillnad mellan sidversioner

Från MoodleDocs
Hoppa till:navigering, sök
Main pageManaging a Moodle siteServer settingsOAuth 2 servicesOAuth 2 LinkedIn service
OAuth 2 services
(Created page with "=== Setup App in LinkedIn === To setup an OAuth 2 client with LinkedIn, first we need to login to the https://developer.linkedin.com/ LinkedIn Developers page and create...")
 
m (link edits)
 
(9 mellanliggande sidversioner av 7 användare visas inte)
Rad 1: Rad 1:
=== Setup App in LinkedIn ===
{{OAuth2}}
== LinkedIn setup ==
To setup an OAuth 2 client with LinkedIn, first we need to login to the [https://www.linkedin.com/developers/ LinkedIn Developers page] and create a new app.


To setup  an OAuth 2 client with LinkedIn, first we need to login to the [[https://developer.linkedin.com/ LinkedIn Developers page]] and create a new app.
On the 'Create an app' page, fill in the required fields:
* App name
* LinkedIn Page - The page that this app will be associated with
* App Logo
[[File:linkedin app creation.png]]


[[File:linkedin-1-new-app.png|none|frame|New App]]
After you're done creating the app, you will be redirected to a screen where you can manage various settings related to the app.


Enable the r_basicprofile and r_emailaddress permissions and enter the OAuth 2 authorized redirect URL. This is your site url followed by /admin/oauth2callback.php (e.g. for a Moodle site of https://teach.me/moodle/ the callback url should be https://teach.me/moodle/admin/oauth2callback.php)
=== Permissions / Scope requirements ===
For the client to function properly, it needs to be granted permissions to retrieve information from a user. LinkedIn does this easily by defining 'Products' that an app can be associated with. Each product defines the various use case that the API can be used for. For Moodle purposes, we only require the 'Sign In with LinkedIn' product.


[[File:linkedin-2-configure-app.png|none|frame|Configure App]]
Go to the Products tab and select the 'Sign In with LinkedIn' product


Make sure you save your changes and record your client id and client secret.
[[File:linkedin products prior selection.png]]


Now you have configured your LinkedIn App - you can add the required information to Moodle.
The product will be marked as 'Review in progress' and will take a few minutes to be approved. Once done, the product will be listed in the app's 'Added products' section.  


LinkedIn does not have a "template" in Moodle so we will need to configure it as a "Custom OAuth 2 Service". From the "Site administration > Server > OAuth 2 services" page click on "Create new custom service".
[[File:linkedin added products.png]]


Use "LinkedIn" as the name (This is displayed on the login page).  
=== Client settings ===
Once the product have been successfully added, go to the 'Auth' tab. Here you will find the Authentication keys required to setup your issuer in Moodle. You will have to setup the authorised redirect URLs as is standard for OAuth2.


Enter your client id and secret for the LinkedIn App that you created earlier.
[[File:linkedin auth page.png]]


For the "Scopes included in a login request" and "Scopes included in a login request for offline access" use "r_basicprofile r_emailaddress" which means fetch basic profile information as well as the users email address.
You will also find the OAuth2 scopes listed which was done as part of Scope requirements earlier.  


Enter a url to a logo image.
[[File:linkedin scopes defined.png]]


Check the box for "Show on login page".
== Issuer configuration ==
Authentication via LinkedIn is now a preconfigured service available for administrators. Go to 'Site Admin -> Server -> OAuth2 services' and click on the LinkedIn button.
All you need now is to enter and save the client id and secret and LinkedIn will now be an option for a user on the login page.


Save the details and you should be returned to the list of OAuth 2 Services.
== See also ==
 
* MDL-65637
We still need to provide information on the mappings between linked in user fields and moodle fields as well as the URL's to access the LinkedIn APIs.
 
First we will setup the API URL's.
 
Click on the "Configure Endpoints" icon for the LinkedIn service.
 
Add 3 endpoints as listed below.
 
<code>
userinfo_endpoint https://api.linkedin.com/v1/people/~:(id,email-address,first-name,last-name,picture-url)?format=json
 
authorization_endpoint https://www.linkedin.com/oauth/v2/authorization
 
token_endpoint https://www.linkedin.com/oauth/v2/accessToken
</code>
 
Now we need to add the mapping from LinkedIn user fields to Moodle user fields. From the list of OAuth services click on the "Configure user field mappings" icon.
 
Add the following user field mappings:
 
<code>
firstName firstname
lastName lastname
emailAddress username
emailAddress email
pictureUrl picture
</code>
 
The final step is to make sure the OAuth 2 authentication plugin is enabled and you should now be able to login with LinkedIn.
 
[[OAuth2 Services|Back to OAuth 2 Services]]

Nuvarande version från 5 juli 2021 kl. 13.48

LinkedIn setup

To setup an OAuth 2 client with LinkedIn, first we need to login to the LinkedIn Developers page and create a new app.

On the 'Create an app' page, fill in the required fields:

  • App name
  • LinkedIn Page - The page that this app will be associated with
  • App Logo

linkedin app creation.png

After you're done creating the app, you will be redirected to a screen where you can manage various settings related to the app.

Permissions / Scope requirements

For the client to function properly, it needs to be granted permissions to retrieve information from a user. LinkedIn does this easily by defining 'Products' that an app can be associated with. Each product defines the various use case that the API can be used for. For Moodle purposes, we only require the 'Sign In with LinkedIn' product.

Go to the Products tab and select the 'Sign In with LinkedIn' product

linkedin products prior selection.png

The product will be marked as 'Review in progress' and will take a few minutes to be approved. Once done, the product will be listed in the app's 'Added products' section.

linkedin added products.png

Client settings

Once the product have been successfully added, go to the 'Auth' tab. Here you will find the Authentication keys required to setup your issuer in Moodle. You will have to setup the authorised redirect URLs as is standard for OAuth2.

linkedin auth page.png

You will also find the OAuth2 scopes listed which was done as part of Scope requirements earlier.

linkedin scopes defined.png

Issuer configuration

Authentication via LinkedIn is now a preconfigured service available for administrators. Go to 'Site Admin -> Server -> OAuth2 services' and click on the LinkedIn button. All you need now is to enter and save the client id and secret and LinkedIn will now be an option for a user on the login page.

See also

Hämtad från ”https://docs.moodle.org/4x/sv/index.php?title=OAuth_2_LinkedIn_service&oldid=140733
Powered by MediaWiki