Enable third-party authentication

Open edX Platform allows you to integrate third-party authentication with two kinds of authentication providers:

This section describes how to integrate Bitnami Open edX with two of the most popular OAuth2 providers: Google and Facebook.

Navigate to the Google Developers Console.
Select an existing project or create a new one.
Search for the “Google+ API service” in the Google APIs list and press the “Enable API” button.
Under “API Manager” sidebar, select “Credentials -> OAuth consent” screen tab.
Select “Create credentials”, and then select “OAuth client ID”.
For Application type, select “Web application”, choose a “Name” for your client ID and leave the “Authorized JavaScript origins” field blank.
Fill the “Authorized redirect URI” field with the value http://SERVER-IP/auth/complete/google-oauth2/. SERVER-IP is a placeholder, please, replace it with the actual domain of your Open edX server.
Press the “Create” button and note down “Client ID” and the “Client secret”.

Log in to the server console.
Navigate to the /opt/bitnami/apps/edx/conf directory.
Modify the lms.env.json file and set FEATURES.ENABLE_THIRD_PARTY_AUTH and FEATURES.ENABLE_COMBINED_LOGIN_REGISTRATION to True.
Modify the lms.auth.json file and set SOCIAL_AUTH_OAUTH_SECRETS as described below:

NOTE: Remember to replace the CLIENT_SECRET placeholder in the example below with the Client secret you noted down previously.
```
"SOCIAL_AUTH_OAUTH_SECRETS": {
    "google-oauth2": "CLIENT_SECRET"
}
```
Restart all servers using the graphical manager or the command-line script:
```
$ sudo /opt/bitnami/ctlscript.sh restart
```
Access the Django administration console (check the Django Admin Console instructions.
Browse to “Third Party Auth -> Provider Configuration (OAuth2)”.
Select “Add Provider Configuration (OAuth)”.
Mark “Enabled” and “Visible” checkbox.
Set “Icon Class” to “fa-google-plus”.
Set “Name” to “Google”.
Set “Backend Name” and “Provider slug” to “google-oauth2”.
Set “Client ID” to the “Client ID” you noted down previosuly and leave the “Client secret” field blank.
Click the “Save” button.

Sign in to Facebook, then go to the Facebook for Developers page.
Select “Add a New App”.
Enter a name for the app and mail address, and then select “Create New Facebook App ID”.
Browse to “Settings -> Basic”.
Note down the “App ID” and “App Secret”.
In the “App Domains field”, enter the actual domain of your Open edX server.
Select “Add Platform”, and then select “Website”.
Fill the “Site URI” field with the value http://SERVER-IP/. SERVER-IP is a placeholder, please, replace it with the actual domain of your Open edX server.
Click “Save Changes” button.

Log in to the server console.
Navigate to the /opt/bitnami/apps/edx/conf directory.
Modify the lms.env.json file and set FEATURES.ENABLE_THIRD_PARTY_AUTH and FEATURES.ENABLE_COMBINED_LOGIN_REGISTRATION to True.
Modify the lms.auth.json file and set SOCIAL_AUTH_OAUTH_SECRETS as described below:

NOTE: Remember to replace the CLIENT_SECRET placeholder in the example below with the Client secret you noted down previously.

    "SOCIAL_AUTH_OAUTH_SECRETS": {
        "facebook": "CLIENT_SECRET"
    }

Restart all servers using the graphical manager or the command-line script:
```
$ sudo /opt/bitnami/ctlscript.sh restart
```
Access the Django administration console (check the Django Admin Console instructions.
Browse to “Third Party Auth -> Provider Configuration (OAuth2)”.
Select “Add Provider Configuration (OAuth)”.
Mark “Enabled” and “Visible” checkbox.
Set “Icon Class” to “fa-facebook”.
Set “Name” to “Facebook”.
Set “Backend Name” and “Provider slug” to “facebook”.

IMPORTANT: Remember that both the “Name” and the “Backend Name” fields must match.
Set “Client ID” to the “Client ID” you noted down previously and leave the “Client secret” field blank.
Click the “Save” button.