Moodle Plugins directory: OpenID Connect | Moodle.org
OpenID Connect
OpenID Connect Authentication Plugin
The OpenID Connect plugin provides single-sign-on functionality using configurable identity providers, including Azure Active Directory. It is used as part of the Microsoft 365 suite of plugins to connect to Azure Active Directory, but can be configured to provide SSO integration between Moodle and other OpenID Connect providers as well.
This is part of the suite of Microsoft 365 plugins for Moodle.
To follow active development on GitHub, or to find historical versions, click here.
The supported Moodle versions of this plugin is in line with core Moodle version support.
Questions and issue reporting
Github should be used for reporting issues found when configuring or using the plugin, and to ask questions. The comments area on this page is not actively monitored.Contributing
Before we can accept your pull request, you'll need to electronically complete Microsoft's Contributor License Agreement. If you've done this for other Microsoft projects, then you're already covered.
Why a CLA? (from the FSF)
Copyright
(c) Microsoft, Inc.
Code for this plugin is licensed under the GPLv3 license.
Any Microsoft trademarks and logos included in these plugins are property of Microsoft and should not be reused, redistributed, modified, repurposed, or otherwise altered or used outside of this plugin.
Check here: https://moodle.org/mod/forum/discuss.php?d=439218
With the update to plugin version 3.11.5 from October 12, 2022, the login button for the authentication request disappeared. Our learners can no longer log in. The settings in Moodle have all remained the same.
Is this a problem in the plugin or can we install the plugin version for Moodle 4 for Moodle 3.11.10 and will that solve the problem?
Many greetings
Friedhelm
I wonder if the plugin could be used for Clever SSO integration into Moodle?
Kateryna
2022041905 of open id connect everything works perfectly.
With the new version of Moodle 4.2 and the specific open id connect plugin for Moodle 4.2 nothing works anymore. The version of the Opne Id connect Plugin that does not work is this: 4.2.2 ; 2023042410
Activity ID: 55b79301-a33f-43fa-0646-0080010000ad
Relying party: test.formazione-polizia.ti.ch
Error details: MSIS9223: Received invalid OAuth authorization request. The received 'client_id' is invalid as no registered client was found with this client identifier. Make sure that the client is registered. Received client_id: 'https://test.formazione-polizia.ti.ch/auth/oidc/'.
Node name: f7ab8949-9558-457d-8280-11bf8f605f8d
Error time: Tue, 14 Nov 2023 18:45:35 GMT
Cookie: enabled
User agent string: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/119.0
Can anyone help me? Thank you
Thank you for the plugin!
We attempted to connect Keycloak with Moodle 4.2.2+ (Build: 20230822) using this plugin.
We have taken the following steps:
1- We created the client in Keycloak.
2- We set the redirect URI (provided by the plugin) in Keycloak.
3- In the plugin settings, we configured the authorization endpoint, token endpoint, resource, identity provider (IdP) type: other, and client secret.
4- We tested logging in. We were able to log in using OpenID, which directed us to Keycloak. However, when it attempted to redirect to Moodle, we encountered the following error:
403 Forbidden
You don't have permission to access this resource.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Could you please help us?
When using "Microsoft identity platform (v2.0)" IdP type, use v2.0 endpoint, e.g.
https://login.microsoftonline.com/common/oauth2/v2.0/authorize
Microsoft Graph seems to be set up well, but still the profile fields set on the Field mapping page do not appear in the Moodle profiles. Anyone have any ideas? TIA
I found the solution with some help:
On the "Sync settings page" of the Microsoft 365 Integration module I have to check 2 checkboxes:
- Update accounts in Moodle for users in Microsoft Entra ID
- Perform a full sync each run
The defualt run time is 2:00 am, but you can run manually on Scheduled tasks: Sync users from Microsoft Entra ID
After this, the missng profile fields were successfully updated