Difference between revisions of "Enable Moodle Authentication using Keycloak"
Jump to navigation
Jump to search
| Line 19: | Line 19: | ||
|- | |- | ||
| Name | | Name | ||
| | | Input with login name, which will be displayed on front page | ||
|- | |- | ||
| Client ID | | Client ID | ||
| | | Input with client-id provided by Keycloak | ||
|- | |- | ||
| Client Secret | | Client Secret | ||
| | | Input with client-id's secret, provided by Keycloak | ||
|- | |- | ||
| Service Base URL | | Service Base URL | ||
| | | URL of Keycloak service base, which included the Realm's name, e.g<br />https://kck.pkc-back.org/auth/realms/pkc-realm | ||
|- | |- | ||
| Logo URL | | Logo URL | ||
| | | URL of Logo, we are going to use PKC's Logo. | ||
|- | |- | ||
| This service will be used | | This service will be used | ||
| | | Droplist Options, please check on Login Page and Internal Service | ||
|- | |- | ||
| Scopes included in a login request. | | Scopes included in a login request. | ||
| | | Do not change, use default value | ||
|- | |- | ||
| Scopes included in a login request <br />for offline access. | | Scopes included in a login request <br />for offline access. | ||
| | | Do not change, use default value | ||
|- | |- | ||
| Additional parameters included in <br />a login request. | | Additional parameters included in <br />a login request. | ||
| | | Keep Blank | ||
|- | |- | ||
| Additional parameters included in <br />a login request for offline access. | | Additional parameters included in <br />a login request for offline access. | ||
| | | Keep Blank | ||
|} | |} | ||
[[Category:DevOps]] | [[Category:DevOps]] | ||
[[Category:Moodle]] | [[Category:Moodle]] | ||
Revision as of 06:41, 23 March 2022
Introduction
This procedure is tested on Moodle 3.11.6 (Build: 20220314), which you can see on : Site Administration > Notification. The goals is to enable new login button on login screen to login using Keycloak
Steps
Preparation on Keycloak
You need to prepare the client-id on keycloak configuration for Moodle to use, please see How to configure for new client application on Keycloak. Below are the configuration data that you need to prepare.
- ClientID; this can be new client-id or your existing client-id, it depends on how you manage the scope of authorization
- Client Secret; Generated on each client-id
Moodle Configuration
To perform below task, please use administation account.
- Go to Site Administration > Server > OAuth2 Service
- On Create New Service, click on Custom Button
- Below are the field to be completed
| Field Name | Description |
|---|---|
| Name | Input with login name, which will be displayed on front page |
| Client ID | Input with client-id provided by Keycloak |
| Client Secret | Input with client-id's secret, provided by Keycloak |
| Service Base URL | URL of Keycloak service base, which included the Realm's name, e.g https://kck.pkc-back.org/auth/realms/pkc-realm |
| Logo URL | URL of Logo, we are going to use PKC's Logo. |
| This service will be used | Droplist Options, please check on Login Page and Internal Service |
| Scopes included in a login request. | Do not change, use default value |
| Scopes included in a login request for offline access. |
Do not change, use default value |
| Additional parameters included in a login request. |
Keep Blank |
| Additional parameters included in a login request for offline access. |
Keep Blank |