Moodle is a learning platform created for learners and many others related to education to create a personalized learning environment. As this application is mostly used to build an e-learning platform in schools, universities, workplaces and other sectors, it's used on a daily basis.
The integrations like Single Sign-On increases the utility of application and makes it easy to access. This helps to save time, prevents loss or forgetting passwords, reduces the risk of password phishing for the organization.
Just with one click, the user should be able to access the shared applications, by avoiding the maintenance of multiple passwords. Unable to access the Moodle account directly makes students break the flow of study and pushes him or her to type credentials again and again. This, in turn, may reduce the number of customers who are using Moodle. Content management sites like Drupal, Joomla, and WordPress currently do not have any ready-made connector which would allow users to log in to Moodle account using their existing site's credentials.
miniOrange WordPress/Drupal/Joomla IDP plugin can help to provide necessary integration and the user can log in using WordPress/Drupal/Joomla credentials into Moodle. Setting up Single Sign-On provides many useful features which allow users for selecting the access rights. SAML in Moodle is only possible through third-party plugins. Users can use any third party plugin of their choice or use our Moodle plugin to enable SAML authentication in Moodle.
Steps to configure Moodle as SP
- Obtain issuer(Entity id), ACS URL, if SP is configured for signed requests then you need to provide certificate in plugin as well. Obtain it from SP provider tab of Moodle SP plugin.
- In Identity provider tab of IDP plugin enter the values:
|Service Provider Name||Choose appropriate name according to your choice.|
|SP Entity ID or Issuer|| Moodle Entity ID|
|ACS URL||Moodle Assertion Consumer Service URL.|
|X.509 Certificate (optional)||
[For Signed Request]Paste certificate value you copied from the Moodle Metadata file.|
|NameID Format|| Select urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress.|
|Response Signed|| Unchecked.|
|Assertion Signed|| Checked.|
|Encrypted Assertion|| Unchecked.|
- You will need to upload the IdP metadata or give certain IdP information in Moodle. You can get this information from the Service Provider Tab in the plugin.
|IdP Entity Id||Obtain this from SP provider tab of IDP plugin|
|Single Sign On URL||Obtain this from SP provider tab of IDP plugin|
|Single Logout URL||Obtain this from SP provider tab of IDP plugin|
|Identity Provider Certificate||Upload the certificate downloaded from Admin Console|
- You will need to configure user attributes to be sent in the SAML response which Moodle needs to log in the user. You can do this under the Attribute/Role Mapping Tab in the plugin. Note the Attributes required from Moodle.
- Configure the plugin to send relevant user details.
Please Note: The name you provide in the plugin for each attribute has to match the name being asked in the plugin dashboard.