Moodle platform is one of the few Learning Management Systems (LMSs) that comply with Learning Tools Interoperability (LTI) for secure login.
You can login to Moodle LMS in two ways;
- Default Login from Moodle
- SSO Login for User Authentication
Default Login from Moodle
Moodle LMS provides default login form, where you can self-register to access the platform. By default, the Moodle system is secure. However, for various reasons, corporates or organization go for other secure login integrations to authenticate a visitor before giving access to the LMS.
Some of the reasons to know are here: namely,
- Course/Content security
- Employee/Corporate data sensitivity
- Data/Content restriction to specific groups in the company
So, that prompts the corporates or organizations to have the integration of authentication tools with their Moodle platform.
SSO Login for User Authentication
The acronym SSO stands for Single Sign-on (SSO). Using the SSO integration tools, the users can access multiple systems (or applications) using single credentials.
For instance, you want to access your Moodle LMS. But your company integrated the LMS with its HRMS. So, if you try with your Moodle logins, the site will redirect you to the SSO page to authenticate you. Once the authentication is done, then only you can access your Moodle.
This is what happens during the process; if the credentials you entered matches with those of HRMS, then you’ll be granted access to the system. Otherwise, you get a message like a User is not registered with us.
For more info on how we make Moodle SSO integration (or Moodle Single Sign On API), talk to us today.
So, you have several Moodle authentication plugins for giving access to your LMS and other systems integrated into it.
A list of them follows as below:
- Azure AD
- OpenID Connect
- SAML2 Single Sign-on
- User Key Authentication
Let’s see each authentication tool one by one.
7 Moodle Authentication Plugins
The list of the tools provided above isn’t necessarily in the order of the most employed but those are mostly used for User Authentication.
By the way, eAbyas Info Solutions, a Moodle Partner for over a decade, does all these integrations for corporates. BizLMS, which is a corporate training LMS, is a testament to our technical prowess.
Now, let’s see the Moodle authentication plugins.
The LDAP acronym stands for Light-weight Directory Access Protocol. It’s a slim version of DAP. It’s a kind of internet protocol without which it’s not feasible to set networking between two systems.
The main usefulness of this application protocol is to maintain a distributed directory information of items in an organized way. That is to say that the LDAP stores data in the form of records with ‘Distinguished Name.’
Some significant features of this authentication plugin:
- Synchronize users to inactivate or to delete them after a set period of time from LDAP servers
- Prevent users, who never logged in, to create Moodle account by themselves
- Supports first logins through email just as Moodle core does
- Use the plugin for any version of Moodle starting above 2.6
For Moodle LDAP sync set up (LDAP integration into Moodle), contact eAbyas Info Solutions today.
#2. Azure AD
Azure Active Directory works for any Moodle installation, not just for Windows Azure with Single Sign-on with Office 365.
How it works:
- Take the code to generate the login URL as well as the settings from the block code
- Integrate the code with your Moodle site front page for the integrate login experience
#3 OAuth2.0 (Open Authorization)
OAuth2 is a framework that allows an end user’s information to share with third-parties without revealing that data.
You get the OAuth2 plugin available in Moodle core from its version 3.3 onward. For other versions, you need to get it separately.
How it works:
- When you click on Google button, you will be redirected to its page for authentication
- You allow the site know your basic info
- In the redirection URL, there is a private token parameter
- The plugin uses this token to access the info such as the email from Google servers
- The plugin tries to match the user’s email with a Moodle account. If matched, the user will be given access. Otherwise, a new user is created.
#4 Moodle OpenID Connect
OpenID Connect is part of the Office suite 365 plugins for Moodle platform. However, it can be configurable for other OpenID Connect providers.
This plugin provides Single Sign-on (SSO) functionality.
How it works:
- Existing users with Moodle accounts can switch to use this plugin for logging into Moodle
- New users will have the accounts created for them
- Users can disconnect from the OpenID Connect upon the administrator’s approval to go back to their previous login method, Username, and Password
It’s also available for Moodle versions above 3.0.
#5 SAML 2 Single Sign-on (SAML Authentication Moodle)
The acronym SAML stands for Security Assertion Mark-up Language (SAML). It’s an open standard that allows Identity Providers (IdP) to pass credentials to Service Providers to use services. That is to say, with one set of logins you can access multiple applications.
SAML integration forms a link between the authentication of a user’s identity and his authorization to a service. In other words, the plugin provides two-factor authentication; the user’s authentication by verifying the credentials and authorizing the user to allow what application to access.
This plugin (SAML Authentication Moodle) is safer and offers better controls for security to enterprises than the OAuth plugin.
How it works:
- User logins using SSO to access Moodle
- Moodle (service provider) sends back the user’s credentials to Identity Provider (IdP) for authentication
- IdP sends back the communication to authorize the user
- The user gets access to Moodle
#6 User Key Authentication
Using this authentication plugin, you get a one-time login URL for simple SSO access.
How it works:
- User logins to his external web application to access Moodle through a web call to Moodle
- Provides info to match with some of the fields with Moodle
- A URL will be generated to access Moodle platform without typing his Username and Password
#7 A2FA (Another 2 Factor Authentication)
A2FA allows users to follow two-factor authentication – token and user credentials like User Name and Password. To generate tokens, this plugin uses Google’s authenticator app.
And it is available even to the latest Moodle versions 3.7.
A2FA is a mobile-friendly plugin.
In conclusion, the Moodle platform incorporates the best and the latest security measures for super-safe access into the system. To get Moodle services for you, visit our eAbyas site today!