Enable third-party authentication
Open edX Platform allows you to integrate third-party authentication with two kinds of authentication providers:
This section describes how to integrate Bitnami Open edX with two of the most popular OAuth2 providers: Google and Facebook.
Previous Steps
- Configure the server domain as described in this section.
- Configure the SMTP settings as described in this section.
Integrate edX with Google
Step 1: Register the Open edX site with Google
- Navigate to the Google Developers Console.
- Select an existing project or create a new one.
- Search for the “Google+ API service” in the Google APIs list and press the “Enable API” button.
- Under “API Manager” sidebar, select “Credentials -> OAuth consent” screen tab.
- Select “Create credentials”, and then select “OAuth client ID”.
- For Application type, select “Web application”, choose a “Name” for your client ID and leave the “Authorized JavaScript origins” field blank.
- Fill the “Authorized redirect URI” field with the value http://SERVER-IP/auth/complete/google-oauth2/. SERVER-IP is a placeholder, please, replace it with the actual domain of your Open edX server.
- Press the “Create” button and note down “Client ID” and the “Client secret”.
Step 2: Configure Open edX
-
Log in to the server console.
-
Navigate to the /opt/bitnami/apps/edx/conf directory.
-
Modify the lms.yml file and set FEATURES.ENABLE_THIRD_PARTY_AUTH and FEATURES.ENABLE_COMBINED_LOGIN_REGISTRATION to True.
-
Modify the lms.yml file and set SOCIAL_AUTH_OAUTH_SECRETS as described below:
NOTE: Remember to replace the CLIENT_SECRET placeholder in the example below with the Client secret you noted down previously.
SOCIAL_AUTH_OAUTH_SECRETS: { "google-oauth2": "CLIENT_SECRET" }
-
Restart all servers using the graphical manager or the command-line script:
$ sudo /opt/bitnami/ctlscript.sh restart
-
Access the Django administration console (check the [Django Admin Console instructions](../../administration/access-edx-services/ for more information).
-
Browse to “Third Party Auth -> Provider Configuration (OAuth2)”.
-
Select “Add Provider Configuration (OAuth)”.
-
Mark “Enabled” and “Visible” checkbox.
-
Set “Icon Class” to “fa-google-plus”.
-
Set “Name” to “Google”.
-
Set “Backend Name” and “Provider slug” to “google-oauth2”.
-
Set “Client ID” to the “Client ID” you noted down previosuly and leave the “Client secret” field blank.
-
Click the “Save” button.
Integrate edX with Facebook
Step 1: Register the Open edX site with Google
- Sign in to Facebook, then go to the Facebook for Developers page.
- Select “Add a New App”.
- Enter a name for the app and mail address, and then select “Create New Facebook App ID”.
- Browse to “Settings -> Basic”.
- Note down the “App ID” and “App Secret”.
- In the “App Domains field”, enter the actual domain of your Open edX server.
- Select “Add Platform”, and then select “Website”.
- Fill the “Site URI” field with the value http://SERVER-IP/. SERVER-IP is a placeholder, please, replace it with the actual domain of your Open edX server.
- Click “Save Changes” button.
Step 2: Configure Open edX
-
Log in to the server console.
-
Navigate to the /opt/bitnami/apps/edx/conf directory.
-
Modify the lms.yml file and set FEATURES.ENABLE_THIRD_PARTY_AUTH and FEATURES.ENABLE_COMBINED_LOGIN_REGISTRATION to True.
-
Modify the lms.yml file and set SOCIAL_AUTH_OAUTH_SECRETS as described below:
NOTE: Remember to replace the CLIENT_SECRET placeholder in the example below with the Client secret you noted down previously.
"SOCIAL_AUTH_OAUTH_SECRETS": { "facebook": "CLIENT_SECRET" }
-
Restart all servers using the graphical manager or the command-line script:
$ sudo /opt/bitnami/ctlscript.sh restart
-
Access the Django administration console (check the [Django Admin Console instructions](../../administration/access-edx-services/ for more information).
-
Browse to “Third Party Auth -> Provider Configuration (OAuth2)”.
-
Select “Add Provider Configuration (OAuth)”.
-
Mark “Enabled” and “Visible” checkbox.
-
Set “Icon Class” to “fa-facebook”.
-
Set “Name” to “Facebook”.
-
Set “Backend Name” and “Provider slug” to “facebook”.
IMPORTANT: Remember that both the “Name” and the “Backend Name” fields must match.
-
Set “Client ID” to the “Client ID” you noted down previously and leave the “Client secret” field blank.
-
Click the “Save” button.