Enable third-party authentication
Open edX Platform allows you to integrate third-party authentication with two kinds of authentication providers:
This section describes how to integrate Bitnami Open edX with two of the most popular OAuth2 providers: Google and Facebook.
Previous Steps
- Configure the server domain as described in this section.
- Configure the SMTP settings as described in this section.
Integrate edX with Google
Step 1: Register the Open edX site with Google
- Navigate to the Google Developers Console.
- Select an existing project or create a new one.
- Search for the “Google+ API service” in the Google APIs list and press the “Enable API” button.
- Under “API Manager” sidebar, select “Credentials -> OAuth consent” screen tab.
- Select “Create credentials”, and then select “OAuth client ID”.
- For Application type, select “Web application”, choose a “Name” for your client ID and leave the “Authorized JavaScript origins” field blank.
- Fill the “Authorized redirect URI” field with the value http://localhost/auth/complete/google-oauth2/. localhost is a placeholder, please, replace it with the actual domain of your Open edX server.
- Press the “Create” button and note down “Client ID” and the “Client secret”.
Step 2: Configure Open edX
- Log in to the server console.
- Navigate to the installdir/apps/edx/conf directory.
- Modify the lms.env.json file and set FEATURES.ENABLE_THIRD_PARTY_AUTH and FEATURES.ENABLE_COMBINED_LOGIN_REGISTRATION to True.
Modify the lms.auth.json file and set SOCIAL_AUTH_OAUTH_SECRETS as described below:
NOTE: Remember to replace the CLIENT_SECRET placeholder in the example below with the Client secret you noted down previously.
"SOCIAL_AUTH_OAUTH_SECRETS": { "google-oauth2": "CLIENT_SECRET" }
Restart all servers using the graphical manager or the command-line script:
$ sudo installdir/ctlscript.sh restart
Access the Django administration console (check the Django Admin Console instructions.
Browse to “Third Party Auth -> Provider Configuration (OAuth2)”.
Select “Add Provider Configuration (OAuth)”.
Mark “Enabled” and “Visible” checkbox.
Set “Icon Class” to “fa-google-plus”.
Set “Name” to “Google”.
Set “Backend Name” and “Provider slug” to “google-oauth2”.
Set “Client ID” to the “Client ID” you noted down previosuly and leave the “Client secret” field blank.
Click the “Save” button.
Integrate edX with Facebook
Step 1: Register the Open edX site with Google
- Sign in to Facebook, then go to the Facebook for Developers page.
- Select “Add a New App”.
- Enter a name for the app and mail address, and then select “Create New Facebook App ID”.
- Browse to “Settings -> Basic”.
- Note down the “App ID” and “App Secret”.
- In the “App Domains field”, enter the actual domain of your Open edX server.
- Select “Add Platform”, and then select “Website”.
- Fill the “Site URI” field with the value http://localhost/. localhost is a placeholder, please, replace it with the actual domain of your Open edX server.
- Click “Save Changes” button.
Step 2: Configure Open edX
- Log in to the server console.
- Navigate to the installdir/apps/edx/conf directory.
- Modify the lms.env.json file and set FEATURES.ENABLE_THIRD_PARTY_AUTH and FEATURES.ENABLE_COMBINED_LOGIN_REGISTRATION to True.
- Modify the lms.auth.json file and set SOCIAL_AUTH_OAUTH_SECRETS as described below:
NOTE: Remember to replace the CLIENT_SECRET placeholder in the example below with the Client secret you noted down previously.
"SOCIAL_AUTH_OAUTH_SECRETS": {
"facebook": "CLIENT_SECRET"
}
Restart all servers using the graphical manager or the command-line script:
$ sudo installdir/ctlscript.sh restart
Access the Django administration console (check the Django Admin Console instructions.
Browse to “Third Party Auth -> Provider Configuration (OAuth2)”.
Select “Add Provider Configuration (OAuth)”.
Mark “Enabled” and “Visible” checkbox.
Set “Icon Class” to “fa-facebook”.
Set “Name” to “Facebook”.
Set “Backend Name” and “Provider slug” to “facebook”.
IMPORTANT: Remember that both the “Name” and the “Backend Name” fields must match.
Set “Client ID” to the “Client ID” you noted down previously and leave the “Client secret” field blank.
Click the “Save” button.