Oauth2 Services - OpenID Connect (OAuth2) - Scope question

Oauth2 Services - OpenID Connect (OAuth2) - Scope question

by Wannes Debusschere -
Number of replies: 1

We are using Moodle 3.6.2+ (Build: 20190208) and need to integrate Single Sign on, our provider supports  OpenID Connect (OAuth2) but the scopes don't correspond with the default Moodle scopes.

Default scopes: openid profile email we changed this to openid profile mail id_token.
I suppose id_token is the name for openid (Where can i configure this?)

For the endpoints we have configured 2:  token_endpoint and authorization_endpoint

The login with our Auth provider works, but after being redirect to Moodle, we get a screen with empty dropdowns and this error below

Debug info: 

Error code: Unknown/invalid scope(s): [openid, profile, mail]

$a contents:

Stack trace:

  • line 494 of /lib/setuplib.php: moodle_exception thrown
  • line 37 of /admin/oauth2callback.php: call to print_error()
Can anybody assist with this?
Thank you.



Average of ratings: -
In reply to Wannes Debusschere

Re: Oauth2 Services - OpenID Connect (OAuth2) - Scope question

by Leon Stringer -
Picture of Core developers Picture of Particularly helpful Moodlers

I think you need to configure a third endpoint: userinfo_endpoint. This is used to retrieve the actual user information. You'll need to find out what the URL is for this endpoint for the provider being used.

However OpenID should support service discovery, if you configure Service base URL it will configure the endpoints automatically.

Average of ratings: -