OpenID Connect

Authentication ::: auth_oidc
Maintained by Enovation Dev Team, James McQuillan, Zion Brewer, Nima Mojgani
The OpenID Connect plugin provides single-sign-on functionality using configurable identity providers.
Latest release:
6875 sites
77 fans
Current versions available: 16

OpenID Connect Authentication Plugin

The OpenID Connect plugin provides single-sign-on functionality using configurable identity providers, including Azure Active Directory. It is used as part of the Microsoft 365 suite of plugins to connect to Azure Active Directory, but can be configured to provide SSO integration between Moodle and other OpenID Connect providers as well.

This is part of the suite of Microsoft 365 plugins for Moodle.

To follow active development on GitHub, click here.

This plugin is updated with stable Moodle releases. This means:

  • New features, bug fixes for general core bugs, and security issues for all plugin versions for Moodle 3.9.x and earlier versions have ended, with the following exception:
    • Bug fixes for security issues for Moodle 3.9.x versions will end 8 May 2023.
  • For plugin versions for Moodle 3.10:
    • New features and full support until November 2021.
    • Bug fixes for security issues until May 2022.
  • For plugin versions for Moodle 3.11 (to be released in July 2021):
    • New features and full support until May 2022.
    • Bug fixes for security issues until November 2022.


Before we can accept your pull request, you'll need to electronically complete Microsoft's Contributor License Agreement. If you've done this for other Microsoft projects, then you're already covered.

Why a CLA? (from the FSF)


(c) Microsoft, Inc.  Code for this plugin is licensed under the GPLv3 license.

Any Microsoft trademarks and logos included in these plugins are property of Microsoft and should not be reused, redistributed, modified, repurposed, or otherwise altered or used outside of this plugin.


This plugin is part of set Microsoft 365.


Screenshot #0
Screenshot #1
Screenshot #2


Enovation Dev Team (Lead maintainer)
Vinayak (Vin) Bhalerao
Akinsaya Delamarre
Please login to view contributors details and/or to contact them

Comments RSS

Show comments
  • Fri, Oct 2, 2020, 3:51 PM
    Hello, great plugin !!! I'm using it to connect my users via OpenID Connect with my Okta SSO platform. But I'm facing a problem : how to implement the logout ? Clicking on the Moodle logout button don't logout from Moodle neither Okta. I can't understand how to implement the logout in the plugin. May you help me please ?
  • Wed, Oct 28, 2020, 12:10 AM
    Hi folks, we have a minor problem where the login button image doesn't display on the button in the Moodle header. It does display on the button on the main Moodle login page. We checked with the developer of the theme we are using and she indicated that the button image is served by the oidc plugin code. Is this something that can be fixed?
    Wed, Mar 10, 2021, 9:48 PM
    Hi, I need same help to restrict access by email domain using regular expression pattern that matches the usernames of users. Can someone help: usernames are like:
  • Thu, Apr 29, 2021, 5:36 PM
    In Version 3.9.4 (2020071504), the scheduled task 'Clean up OIDC state and invalid token' (\auth_oidc\task\cleanup_oidc_state_and_token) fails to run and blocks all other scheduled tasks from running. When run from the command line the below error message is generated:

    !!! Exception - Argument 3 passed to mysqli_native_moodle_database::delete_records_select() must be of the type array or null, int given, called in [dirroot]/auth/oidc/classes/task/cleanup_oidc_state_and_token.php on line 47 !!!

    The only way to have all other scheduled tasks to run is to disable this task. We have this version of auth_oidc installed on two sites and they both produce this error.

    Moodle versions are: 3.9.3 and 3.9.1
  • Wed, Dec 8, 2021, 10:55 PM
    probably there is a bug in latest 3.9.8 version. The tablefield resource was not renamed to tokenresource during upgrade process. The part in upgrade.php is maybe the $result:
    if ($result && $oldversion < 2020071504) {
  • Wed, Dec 8, 2021, 11:07 PM
    Hi Daniel, please raise any issues you have in the github issues section. For your issue re 3.9.8, we have raised one here Kind Regards Oswaldo
  • Wed, Dec 8, 2021, 11:51 PM
    Hi Daniel,

    I have made an emergency release of auth_oidc for Moodle 3.9 which contains a fix to the issue. Details are added in the github issue The release is at

  • Fri, Dec 10, 2021, 5:02 PM
    Hi Oswaldo and Lai,
    Thank you for the hint to raise issues and thank you for the fast fix.
  • Wed, Dec 22, 2021, 2:49 AM
    Hi, I have an issue that when a Microsoft user logs in with the "OpenID Connect" button, it will direct the user to the user's profile of Moodle. After the user edits the first and last name and registered Azure user email, he/she can't go to the dashboard or anywhere in the Moodle rather than stay on the profile page. It looks like the user redirects to the profile page whenever clicking any other link of the dashboard, site home, or others. Is this something that can be fixed? My Moodle is running on the newest edition. Thank you.
  • Wed, Dec 22, 2021, 5:44 PM
    Hi @Jeffrey Yuan, please report issues or ask questions in github at For your particular question, please check the profile field locking settings and ensure users have permissions to update their profile fields. The force redirect happens if the account doesn't have a "complete" profile, which by default contains first name, last name and email fields. If no field mapping is set up in auth_oidc, these fields would be empty in Moodle user profile, therefore triggering the redirect. If the fields are set to be locked, users won't be able to edit them, effectively creating a deadlock. Please check if it's the case.

  • Sat, Feb 5, 2022, 1:28 AM
    in french translation, I have found a mistake in cfg_field_mapping_desc (< /a> with space between < and /). This break all the bloc "Data mapping".
    I have fixed it with language customisation Moodle tool, but I don't know where to report this error. "cfg_field_mapping_desc" isn't in lang/fr/auth_oidc.php file.
  • Sat, Feb 5, 2022, 5:18 AM
    Hi @Philppe Matabiau, please report issues or ask questions in github at For your particular issue, could you clarify the plugin version you are using please.

  • Tue, Feb 8, 2022, 10:45 PM
    ho yes @Lai Wei, sorry.
    We use the 3.9.8 now. But it's since at least the 3.9.7.
  • Tue, Feb 8, 2022, 10:54 PM
    Hi Philippe, you are right that the string with identifier "cfg_field_mapping_desc" doesn't exist in the French language file. Most recent language file changes were applied to English only. We have plan to update language string files for a few languages that we have capability, but this has yet been scheduled. I checked the English language string file and the default string doesn't contain the error, i.e. the tag was closed correctly. So in standard installation without customisation, I suppose this should work. Please let me know if you see different.

  • Thu, Jun 23, 2022, 7:59 AM
    The update of 3.11, was the worst update by far... Mapped Fields simply does not work at all....
1 2 3 4 5 6
Please login to post comments