My understanding is that when you move from one Moodle page to another, a token is been passed along with the request to ensure its validity. I am in a situation where I have a Moodle installation and a student portal running on different servers. I would like to set Moodle in such a way that when the user is already logged on to the student portal and clicks on the link to Moodle, he wouldn't have to provide his login details again. My idea is to have some code in the portal application along with the following lines:
- Redirect the user to moodle.example.com/my;
- Set username and rest of the details via $CFG
Would that be a valid approach? If what I said before about the token is correct, how do I retrieve and set it?