googleedx

Enable third-party authentication

Open edX Platform allows you to integrate third-party authentication with two kinds of authentication providers:

This section describes how to integrate Bitnami Open edX with two of the most popular OAuth2 providers: Google and Facebook.

Previous Steps

Integrate edX with Google

Step 1: Register the Open edX site with Google

  • Navigate to the Google Developers Console.
  • Select an existing project or create a new one.
  • Search for the “Google+ API service” in the Google APIs list and press the “Enable API” button.
  • Under “API Manager” sidebar, select “Credentials -> OAuth consent” screen tab.
  • Select “Create credentials”, and then select “OAuth client ID”.
  • For Application type, select “Web application”, choose a “Name” for your client ID and leave the “Authorized JavaScript origins” field blank.
  • Fill the “Authorized redirect URI” field with the value http://SERVER-IP/auth/complete/google-oauth2/. SERVER-IP is a placeholder, please, replace it with the actual domain of your Open edX server.
  • Press the “Create” button and note down “Client ID” and the “Client secret”.

Step 2: Configure Open edX

  • Log in to the server console.
  • Navigate to the /opt/bitnami/apps/edx/conf directory.
  • Modify the lms.env.json file and set FEATURES.ENABLE_THIRD_PARTY_AUTH and FEATURES.ENABLE_COMBINED_LOGIN_REGISTRATION to True.
  • Modify the lms.auth.json file and set SOCIAL_AUTH_OAUTH_SECRETS as described below:

    NOTE: Remember to replace the CLIENT_SECRET placeholder in the example below with the Client secret you noted down previously.

    "SOCIAL_AUTH_OAUTH_SECRETS": {
        "google-oauth2": "CLIENT_SECRET"
    }
    
  • Restart all servers using the graphical manager or the command-line script:

    $ sudo /opt/bitnami/ctlscript.sh restart
    
  • Access the Django administration console (check the Django Admin Console instructions.

  • Browse to “Third Party Auth -> Provider Configuration (OAuth2)”.

  • Select “Add Provider Configuration (OAuth)”.

  • Mark “Enabled” and “Visible” checkbox.

  • Set “Icon Class” to “fa-google-plus”.

  • Set “Name” to “Google”.

  • Set “Backend Name” and “Provider slug” to “google-oauth2”.

  • Set “Client ID” to the “Client ID” you noted down previosuly and leave the “Client secret” field blank.

  • Click the “Save” button.

Integrate edX with Facebook

Step 1: Register the Open edX site with Google

  • Sign in to Facebook, then go to the Facebook for Developers page.
  • Select “Add a New App”.
  • Enter a name for the app and mail address, and then select “Create New Facebook App ID”.
  • Browse to “Settings -> Basic”.
  • Note down the “App ID” and “App Secret”.
  • In the “App Domains field”, enter the actual domain of your Open edX server.
  • Select “Add Platform”, and then select “Website”.
  • Fill the “Site URI” field with the value http://SERVER-IP/. SERVER-IP is a placeholder, please, replace it with the actual domain of your Open edX server.
  • Click “Save Changes” button.

Step 2: Configure Open edX

  • Log in to the server console.
  • Navigate to the /opt/bitnami/apps/edx/conf directory.
  • Modify the lms.env.json file and set FEATURES.ENABLE_THIRD_PARTY_AUTH and FEATURES.ENABLE_COMBINED_LOGIN_REGISTRATION to True.
  • Modify the lms.auth.json file and set SOCIAL_AUTH_OAUTH_SECRETS as described below:

NOTE: Remember to replace the CLIENT_SECRET placeholder in the example below with the Client secret you noted down previously.

    "SOCIAL_AUTH_OAUTH_SECRETS": {
        "facebook": "CLIENT_SECRET"
    }
  • Restart all servers using the graphical manager or the command-line script:

    $ sudo /opt/bitnami/ctlscript.sh restart
    
  • Access the Django administration console (check the Django Admin Console instructions.

  • Browse to “Third Party Auth -> Provider Configuration (OAuth2)”.

  • Select “Add Provider Configuration (OAuth)”.

  • Mark “Enabled” and “Visible” checkbox.

  • Set “Icon Class” to “fa-facebook”.

  • Set “Name” to “Facebook”.

  • Set “Backend Name” and “Provider slug” to “facebook”.

    IMPORTANT: Remember that both the “Name” and the “Backend Name” fields must match.

  • Set “Client ID” to the “Client ID” you noted down previously and leave the “Client secret” field blank.

  • Click the “Save” button.