authentication.md

Mirosoft O365

To add Microsoft 365 (O365) authentication to Moodle 4.3, you can use OAuth 2 authentication to allow users to log in using their Microsoft accounts. This involves configuring an Azure AD application and setting up Moodle to use it.

Step 1: Set Up Azure AD Application in Microsoft 365

1. Access Azure Active Directory:
   • Go to the Azure portal.
   • Sign in with your Microsoft 365 administrator account.
   • Navigate to Azure Active Directory > App registrations [1].

2. Register a New Application:

   • Click on New registration.

   • Enter a name for your application 2.

   • Choose Accounts in this organizational directory only or Accounts in any organizational directory[3] depending on your user base.

   • Under Redirect URI, [4] select Web and enter the following URI:

     https://yourmoodleurl.com/admin/oauth2callback.php
     

     Replace yourmoodleurl.com with your actual Moodle site URL.

   • Click Register [5].

     

3. Configure API Permissions:

   • After the app is created, go to API permissions[6].
   • Click on Add a permission[7], select Microsoft Graph,[8] and then choose Delegated permissions[9].
   • Add the following permissions [10]:
     • openid
     • profile
     • email
     • offline_access
   • Click Add permissions[11].
   • Grant admin consent for your organization.

4. Create Client Secret:
   • Go to Certificates & secrets[12].
   • Click on New client secret[13], provide a description, and set an expiration period.
   • After creating the client secret, copy the value immediately;[14] you will need this for Moodle.

Step 2: Configure Moodle for O365 Authentication

1. Login to Moodle as Admin:

   • Log in to your Moodle site as an administrator.

2. Enable OAuth 2 Services:

   • Go to Site administration[16] > Server[17] > OAuth 2 services[18].

   • Click on Add a new service.

     

3. Add Microsoft as an OAuth 2 Service:

   • Name the service [19] (e.g., "Microsoft 365").
   • In the Client ID [20] field, paste the Application (client) ID from Azure AD.
   • In the Client secret[21] field, paste the client secret you(Certification & Secret > Value) created in Azure AD.
   • 

Additional Single Tenancy Configuration

• Once the above steps have been completed, Moodle O365 Authentication click "Overview" if not already selected and choose "Endpoints"

  

• From the list of endpoints copy the OpenID Connect metadata document endpoint URL. It is only necessary to copy the portion up to and including "v2.0". In the example below, the copied URL would be, "https://login.microsoftonline.com/96e0421d-d572-4839-9c32-b8bc00cf250b/v2.0/". Note that it is important to include the trailing slash.

• Now return to Moodle and in the newly created OAuth2 Microsoft service, paste the endpoint in the 'Service base URL' field.

• Save your changes.

4. Enable Microsoft 365 Login:

   • Go to Site administration > Plugins > Authentication > Manage authentication.

     

   • Scroll down to OAuth 2 and make sure it's enabled.

   • Set Microsoft 365 as an issuer.

     

Step 3: Test Microsoft 365 Authentication

1. Log Out:

   • Log out of Moodle.

2. Test the Login:

   • Go to the Moodle login page.

   • You should now see a "Login with Microsoft" button.

     

   • Click on it and log in with a Microsoft 365 account to test.

https://docs.moodle.org/403/en/OAuth_2_Microsoft_service

---

Google authentication

Here is the corrected step-by-step guide:

1. Login with Google
   Go to the Google Cloud Console:
   https://console.cloud.google.com

2. Create a New Project or Select an Existing Project [1] if you select "New Project [2], add project name and [3] Click Create button [4]"

- Select your newly created project [5].

4. Navigate to the API & Services [7] > Credentials section [8]

• Go to API & Services and click on Credentials [9].

6. Create OAuth 2.0 Client ID [10]

   • Click on Create Credentials and choose OAuth client ID.

     

7. Configure Consent Screen [12]

• Select User Type External [13] and click the Create [14] button.

  

• Under Edit app registration > OAuth Consent Screen > App Information, fill in the required details.

• In the Authorized domain [16]s section, add the domain of your Moodle site and provide the developer contact information.
• Click Save and Continue [17].

9. Scopes Section

   • Click Save and Continue in the Scopes section.
   • Then, click on the Back to Dashboard button.

10. Create OAuth Client ID

• Go to Credentials[18] again, then click on Create Credentials[19] and choose OAuth Client ID[20].

  

• Select Web Application as the application type [18].

11. Configure Authorized Redirect URLs[21]

• Add the following authorized redirect URL:
  https://your-moodle-site.com/admin/oauth2callback.php

11. Click Create [22]

• Finally, click the Create button to generate your OAuth 2.0 Client ID.

  

---

12 **Configure Moodle for Google Cloud Console Authentication**

i. Login to Moodle as Admin:

• Log in to your Moodle site as an administrator.

  

ii. Enable OAuth 2 Services:

• Go to Site administration > Server[25] > OAuth 2 services.
• Click on Add a new service[26].
• 

iii . Add Google as an OAuth 2 Service:

• Name the service[27] (e.g., "Google").
• In the Client ID[28] field, paste the Application (client) ID from Google Cloud Console.
• In the Client secret[29] field, paste the client secret you created in Google Cloud Console.
• 

iv . Enable the Google API in Moodle

• In the same “Manage authentication “page look for “OAuth 2” [30]in the list of authentication methods.

• Enable the OAuth 2 authentication plugin

• 

• After performing all the above step, you google will be coming on your loving page (as it is appearing in below screen)

•