Hello there!

Need Help? We are right here!

support
miniOrange Email Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com

Single Sign On (SSO) for Moodle Server
miniOrange provides a ready to use solution for Moodle. This solution ensures that you are ready to roll out secure access to your Moodle server within minutes.

Moodle

miniOrange provides secure access to Moodle for enterprises and full control over access of applications, Single Sign On (SSO) into Moodle with one set of login credentials.

miniOrange SAML Single Sign on (SSO) plugin acts as a SAML Service Provider which can be configured to establish the trust between the plugin and a SAML capable Identity Providers to securely authenticate the user to the Moodle site.

If you want Moodle to acts as a SAML Identity Provider and single sign on into various SAML supported Service Providers to securely authenticate the user using the Moodle site then you need to use Moodle as IDP plugin.

Plans for everyone:

Free

Click here for trial

$0


Unlimited Authentications
Basic Role Mapping
Basic Attribute Mapping
Basic Attribute Mapping
Widget to add IDP Login Link on your site


Basic Email Support

Do it yourself

Contact Us

$349 - One Time Payment


Unlimited Authentications Supported *
Customized Role Mapping
Customized Attribute Mapping
Auto-Redirect to IdP
Widget, Shortcode to add IDP Login Link on your site
Step-By-Step Guide to Setup your IdP
SAML Single Logout
Support for sites behind reverse-proxy
Protect your complete site
Options to select SAML Request binding type
Multi-Site Support
Integrated Windows Authentication


Basic Email Support


Premium

Contact Us

$349 + One Time Setup Fees
( $60 per hour )


Unlimited Authentications Supported *
Customized Role Mapping
Customized Attribute Mapping
Auto-Redirect to Idp
Widget, Shortcode to add IDP Login Link on your site
Step-By-Step Guide to Setup your IdP
SAML Single Logout
Support for sites behind reverse-proxy
Protect your complete site
Options to select SAML Request binding type
Multi-Site Support
Configure Multiple IDP's against one Service Provider
Integrated Windows Authentication
Multiple IDP Support for Cloud Service Providers
End to End Single Sign-On Setup with Idp


Premium Support Plans Available


* These prices are for 1 instance only. Check out our pricing page for full details.

Moodle Single Sign On addon:

SAML Single Sign On (SSO) for Moodle allows users sign in to Moodle Server with your SAML 2.0 capable Identity Provider. We support all known IdPs - miniOrange, Google Apps, ADFS, Okta, OneLogin, Azure AD, Salesforce, Shibboleth, SimpleSAMLphp, OpenAM, Centrify, Ping, RSA, IBM, Oracle, Bitium, WSO2, NetIQ etc.SAML Single Sign on (SSO) acts as a SAML 2.0 Service Provider and securely authenticate users with your SAML 2.0 Identity Provider.

Features of Moodle / Moodle Single Sign On addon:

We can connect with any External IDP/Directory

miniOrange provides user authentication from external directories like ADFS, Microsoft Active Directory, Azure AD, OpenLDAP, Google, AWS Cognito etc. It also provides user authentication with other IDPs like Shibboleth, PING, Okta, OneLogin, KeyCloak and many more.

Can't find your IDP ? Contact us on idpsupport@xecurify.com. We'll help you set it up in no time.


Follow the Step-by-Step Guide given below for Moodle Single Sign On (SSO) using SAML

Step 1: Download the plugin from moodle plugins directory and Install it in Moodle

  • Login as administrator in Moodle.
  • Go to Site Administration >> Plugins >> Install plugins.
  • Install the plugin from downloaded ZIP package or from Moodle Plugins Directory.
  • After Installation Go to Site Administration >> Plugins >> Plugins overview.
  • Then Select Additional plugins tab
  • To Configure miniOrange SAML 2.0 SSO plugin, Click on Settings link of Actions column
  • Moodle Single Sign On (SSO) plugins directory configuration


  • Before configuration, Register the plugin with miniOrange.
  • Moodle Single Sign On (SSO) plugin registration



Step 2: Configure the plugin

  • Using IdP information user could add details in Configure SP.
  • Provide the required settings (i.e. IdP Entity ID, IdP Single SignOn Service Url, X.509 certificate) in the plugin and save it.

  • For Example:

    IdP Entity Idhttps://login.xecurify.com/moas
    Single Sign On URLhttps://login.xecurify.com/moas/idp/samlsso
    Single Logout URLhttps://login.xecurify.com/moas/idp/samllogout
    Identity Provider CertificateUpload the certificate downloaded from miniOrange Admin Console

    Moodle Single Sign On (SSO) saml configuration



Step 3: Choose Your User Directory

3.1: Setup AD as User Directory

  1. Log in to miniOrange dashboard from the Admin Console.
  2. From the Side Menu, Click on User Stores >> Add User Store

    Moodle Single Sign On (sso) configure user store<br/><br/></p>
</li>
            <li>Select User Store type as <b>AD/LDAP.</b></li>
			  <p><img src=

    1. STORE LDAP CONFIGURATION IN MINIORANGE: Choose this option if you want to keep your configuration in miniOrange. If active directory is behind a firewall, you will need to open the firewall to allow incoming requests to your AD.
    2. STORE LDAP CONFIGURATION ON PREMISE: Choose this option if you want to keep your configuration in your premise and only allow access to AD inside premises. You will have to download and install miniOrange gateway in your premise.

    3. Moodle Single Sign On (sso) select ad/ldap user store type
  3. Enter LDAP Display Name and LDAP Identifier of your choice. Select Directory Type as Active Directory.
  4. Enter the LDAP Server URL or IP Address against LDAP Server URL field.
  5. Go to AD FS-> Domain-> respective Users -> Properties-> Attribute Editor. Now copy the value of distinguishedName and paste it against Bind Account DN.
  6. Moodle Single Sign On (sso) configure user bind account domain name

  7. Enter the valid password for the user from above step.
  8. Search Base is the location in the directory where the search for a user begins.
  9. Moodle Single Sign On (sso) configure user search base

  10. If you want to add extra conditions on user search you can add it in Search Filter. Select a suitable Search Filter from the Drop-Down. To use custom Search Filter select "Custom Search Filter" option and provide the search filter in the input field that shows up.
  11. Moodle Single Sign On (sso) configure user search filter

  12. You can also configure following options while setting up AD.


  13. Moodle Single Sign On (sso) configure ldap options

    Here's the list of the attributes and what it does when we enable it. You can enable/disable accordingly.

    Attribute Description
    Activate LDAP All user authentications will be done with LDAP credentials if you Activate it
    Sync users in miniOrange Users will be created in miniOrange after authentication with LDAP
    Backup Authentication If LDAP credentials fail then user will be authenticated through miniOrange
    Allow users to change password This allows your users to change their password. It updates the new credentials in your LDAP server
    Enable administrator login On enabling this, your miniOrange Administrator login authenticates using your LDAP server
    Show IdP to users If you enable this option, this IdP will be visible to users
    Send Configured Attributes If you enable this option, then only the attributes configured below will be sent in attributes at the time of login

  14. Click on Save. After this, it will show you the list of User stores. Click on Test Configuration to check whether you have enter valid details. For that, it will ask for username and password.
  15. Moodle Single Sign On (sso) test ad/ldap connection

  16. On Successful connection with LDAP Server, a success message is shown.
  17. Moodle Single Sign On (sso) ldap successful connection

  18. Click on Test Attribute Mapping.
  19. Moodle Single Sign On (sso) test attributes mapping

  20. Enter a valid Username. Then, click on Test. Mapped Attributes corresponding to the user are fetched.
  21. Moodle Single Sign On (sso) fetch mapped attributes for user

  22. After successful Attribute Mapping Configuration, go back to the ldap configuration and enable Activate LDAP in order to authenticate users from AD/LDAP.

3.2: Setup miniOrange as a User Store

  1. Log in to miniOrange dashboard from the Admin Console.
  2. There are 3 ways to setup miniOrange as an Identity Source

      3.2.1 Create User in miniOrange

      3.2.2 Bulk Upload Users

      3.2.3 Self User Registration


      3.3.1 Create User in miniOrange

    • Click on Users >> Add User.
    • Moodle Single Sign On (sso) add user in miniOrange

    • Here, fill the user details without the password and then click on the Create User button.
    • Moodle Single Sign On (sso) add user details

    • Click on On Boarding Status tab. Check the email, with the registered e-mail id and select action Send Activation Mail with Password Reset Link from Select Action dropdown list and then click on Apply button.
    • Moodle Single Sign On (sso) email action

    • Now, Open your email id. Open the mail you get from miniOrange and then click on the link to set your account password.
    • On the next screen, enter the password and confirm password and then click on the Reset Password button.
    • Moodle Single Sign On (sso) reset user password
    • Now, you can log in into miniOrange account by entering your credentials.

    • 3.3.2 Bulk Upload Users in miniOrange via Uploading CSV File.

    • Navigate to Users >> User List. Click on Add User button.
    • Moodle Single Sign On (sso) add user via bulk upload

    • In Bulk User Registration download sample csv format from our console and edit this csv file according to the instructions.
    • Moodle Single Sign On (sso) download sample csv file

    • To bulk upload users, choose the file make sure it is in comma separated .csv file format then click on Upload.
    • Moodle Single Sign On (sso) bulk upload user

    • After uploading the csv file successfully, you will see a success message with a link.
    • Click on that link you will see list of users to send activation mail. Select users to send activation mail and click on Send Activation Mail. An activation mail will be sent to the selected users.

    • 3.3.3 Self User Registration

    • miniOrange self user registration allows end users to register themselves using customized registration form. miniOrange admin users can customize the registration form by adding more custom fields accodring to their choice. Learn More

Step 4: Click on the Test Configuration button and the User Details would be fetched

  • The below screenshot shows the successful result.
  • This screenshot shows the attributes that are received and are mapped by attribute mapping.

  • Moodle Single Sign On (SSO) saml test configuration



Step 5: Go to Role/Attribute Mapping Tab And fill in all the fields

  • Attribute Mapping :
    • Attribute Mapping is used by the Identity Provider(IdP) and the Moodle group(SP) to map user information from IdP to SP.
    • Attribute Mapping helps you to get user attributes from your IdP and map them to Moodle user attributes.
    • Attributes received in successful Test configuration are used for Attribute Mapping.
    • In Attribute Mapping details like username and NameID as shown in step 3 of Test Successful are mapped to Username and Email respectively.
    • While auto registering the users in your Moodle group these attributes will automatically get mapped to your Moodle user details.
  • Role Mapping :
    • Moodle plugin assigns roles to groups which are mapped against those groups.
    • Moodle uses a concept of Groups, designed to give the site owner the ability to control what groups can and cannot do within the site.
    • In Role Attribute enter the Attribute Name given against role value of Test Configuration for the user.
    • Role mapping helps you to assign specific roles to users of a Moodle group from your IdP.

Moodle Single Sign On (SSO) mapping


Step 6: Configure single Sign On Settings

There are different ways to login to your Atlassian Moodle Website

We offer Security Solutions of Single Sign-On, Two Factor Authentication, Fraud Prevention and much more.

Please call us at +1978 658 9387 (US), +91 77966 99612 (India) or email us at info@xecurify.com