With the OIDC Single Sign-On plugin “fl-OidcAuth” it is possible to log in to forma.lms via any identity provider, without having to re-enter the user and password when logging in.
OpenID Connect (OIDC) allows clients to verify the identity of the end user based on authentication performed by an authorization server, but also to obtain basic information about the end user’s profile in an interoperable way.
On an OIDC environment we have three roles: the entity (for example, a user), the identity provider (IdP), and the service provider (SP).
With this plugin, forma.lms plays the role of service provider (SP).
When using this forma.lms plugin for OIDC authentication, the user requests access to the e-learning system, and the plugin is able to request and receive a user authentication statement from a provider identity.
Depending on the IdP’s response, the user will be granted access to the system or the login will be denied.
It is possible, through appropriate configuration, to create a new user in forma.lms if the identity is validated by the IdP configured in the system.
The configuration is completely activated in the “Configuration” section of the “Plugins” item of the forma.lms administration.
Some IdPs already used with the plugin are, for example
- Microsoft Azure Active Directory
- Salesforce