generaledx

Configure Open edX as an OAuth 2.0 authentication provider

NOTE: We are in the process of modifying the file structure and configuration for many Bitnami stacks. On account of these changes, the file paths stated in this guide may change depending on whether your Bitnami stack uses native Linux system packages (Approach A), or if it is a self-contained installation (Approach B). To identify your Bitnami installation type and what approach to follow, run the command below:

 $ test ! -f "/opt/bitnami/common/bin/openssl" && echo "Approach A: Using system packages." || echo "Approach B: Self-contained installation."

The output of the command indicates which approach (A or B) is used by the installation, and will allow you to identify the paths, configuration and commands to use in this guide. Refer to the FAQ for more information on these changes.

Open edX Platform can be configured as an OAuth 2.0 provider. Follow the steps below:

  • Log in to the server console.

  • Navigate to the Open edX configuration directory. Depending on your installation type, it will be located in the following paths:

    • Approach A (Bitnami installations using system packages): /opt/bitnami/edx/etc directory.
    • Approach B (Self-contained Bitnami installations): /opt/bitnami/apps/edx/conf directory.
  • Depending on your installation type, modify the LMS and Studio CMS configuration files inside the Open edX configuration directory and set ENABLE_OAUTH2_PROVIDER to True:

    NOTE: Depending on your installation type, the LMS and Studio CMS configuration files will be located in the following paths, respectively:

    • Approach A (Bitnami installations using system packages): /opt/bitnami/edx/etc/lms.yml and /opt/bitnami/edx/etc/studio.yml.

    • Approach B (Self-contained Bitnami installations): /opt/bitnami/apps/edx/conf/lms.yml and /opt/bitnami/apps/edx/conf/cms.yml.

  • Restart all services:

      $ sudo /opt/bitnami/ctlscript.sh restart
    

You should now be able to access the OAuth 2.0 access token by sending a POST request to http://SERVER-IP/oauth2/access_token.

Last modification November 10, 2021