generaledx

Enable third-party authentication

NOTE: We are in the process of modifying the file structure and configuration for many Bitnami stacks. On account of these changes, the file paths stated in this guide may change depending on whether your Bitnami stack uses native Linux system packages (Approach A), or if it is a self-contained installation (Approach B). To identify your Bitnami installation type and what approach to follow, run the command below:

 $ test ! -f "/opt/bitnami/common/bin/openssl" && echo "Approach A: Using system packages." || echo "Approach B: Self-contained installation."

The output of the command indicates which approach (A or B) is used by the installation, and will allow you to identify the paths, configuration and commands to use in this guide. Refer to the FAQ for more information on these changes.

Open edX Platform allows you to integrate third-party authentication with two kinds of authentication providers:

This section describes how to integrate Bitnami Open edX with two of the most popular OAuth2 providers: Google and Facebook.

Previous Steps

Integrate edX with Google

Step 1: Register the Open edX site with Google

  • Navigate to the Google Developers Console.
  • Select an existing project or create a new one.
  • Search for the “Google+ API service” in the Google APIs list and press the “Enable API” button.
  • Under “API Manager” sidebar, select “Credentials -> OAuth consent” screen tab.
  • Select “Create credentials”, and then select “OAuth client ID”.
  • For Application type, select “Web application”, choose a “Name” for your client ID and leave the “Authorized JavaScript origins” field blank.
  • Fill the “Authorized redirect URI” field with the value http://SERVER-IP/auth/complete/google-oauth2/. SERVER-IP is a placeholder, please, replace it with the actual domain of your Open edX server.
  • Press the “Create” button and note down “Client ID” and the “Client secret”.

Step 2: Configure Open edX

  • Log in to the server console.

  • Navigate to the Open edX configuration directory. Depending on your installation type, execute the following commands:

    • Approach A (Bitnami installations using system packages):

        $ cd /opt/bitnami/edx/etc
      
    • Approach B (Self-contained Bitnami installations):

        $ cd /opt/bitnami/apps/edx/conf
      
  • Modify the lms.yml file and set FEATURES.ENABLE_THIRD_PARTY_AUTH and FEATURES.ENABLE_COMBINED_LOGIN_REGISTRATION to True.

  • Modify the lms.yml file and set SOCIAL_AUTH_OAUTH_SECRETS as described below:

    NOTE: Remember to replace the CLIENT_SECRET placeholder in the example below with the Client secret you noted down previously.

      SOCIAL_AUTH_OAUTH_SECRETS: {
          "google-oauth2": "CLIENT_SECRET"
      }
    
  • Restart all servers using the graphical manager or the command-line script:

      $ sudo /opt/bitnami/ctlscript.sh restart
    
  • Access the Django administration console (check the [Django Admin Console instructions](../../administration/access-edx-services/ for more information).

  • Browse to “Third Party Auth -> Provider Configuration (OAuth2)”.

  • Select “Add Provider Configuration (OAuth)”.

  • Mark “Enabled” and “Visible” checkbox.

  • Set “Icon Class” to “fa-google-plus”.

  • Set “Name” to “Google”.

  • Set “Backend Name” and “Provider slug” to “google-oauth2”.

  • Set “Client ID” to the “Client ID” you noted down previosuly and leave the “Client secret” field blank.

  • Click the “Save” button.

Integrate edX with Facebook

Step 1: Register the Open edX site with Google

  • Sign in to Facebook, then go to the Facebook for Developers page.
  • Select “Add a New App”.
  • Enter a name for the app and mail address, and then select “Create New Facebook App ID”.
  • Browse to “Settings -> Basic”.
  • Note down the “App ID” and “App Secret”.
  • In the “App Domains field”, enter the actual domain of your Open edX server.
  • Select “Add Platform”, and then select “Website”.
  • Fill the “Site URI” field with the value http://SERVER-IP/. SERVER-IP is a placeholder, please, replace it with the actual domain of your Open edX server.
  • Click “Save Changes” button.

Step 2: Configure Open edX

  • Log in to the server console.

  • Navigate to the Open edX configuration directory. Depending on your installation type, execute the following commands:

    • Approach A (Bitnami installations using system packages):

        $ cd /opt/bitnami/edx/etc
      
    • Approach B (Self-contained Bitnami installations):

        $ cd /opt/bitnami/apps/edx/conf
      
  • Modify the lms.yml file and set FEATURES.ENABLE_THIRD_PARTY_AUTH and FEATURES.ENABLE_COMBINED_LOGIN_REGISTRATION to True.

  • Modify the lms.yml file and set SOCIAL_AUTH_OAUTH_SECRETS as described below:

    NOTE: Remember to replace the CLIENT_SECRET placeholder in the example below with the Client secret you noted down previously.

      "SOCIAL_AUTH_OAUTH_SECRETS": {
          "facebook": "CLIENT_SECRET"
      }
    
  • Restart all servers using the graphical manager or the command-line script:

      $ sudo /opt/bitnami/ctlscript.sh restart
    
  • Access the Django administration console (check the [Django Admin Console instructions](../../administration/access-edx-services/ for more information).

  • Browse to “Third Party Auth -> Provider Configuration (OAuth2)”.

  • Select “Add Provider Configuration (OAuth)”.

  • Mark “Enabled” and “Visible” checkbox.

  • Set “Icon Class” to “fa-facebook”.

  • Set “Name” to “Facebook”.

  • Set “Backend Name” and “Provider slug” to “facebook”.

    IMPORTANT: Remember that both the “Name” and the “Backend Name” fields must match.

  • Set “Client ID” to the “Client ID” you noted down previously and leave the “Client secret” field blank.

  • Click the “Save” button.

Last modification November 10, 2021