We hardcoded a redirect in EDX to the Keycloak own login, which then redirects you back into EDX, sending the User ID that seamlessly flows into the EDX login logic in the background. As I recall, there've been a few places to change, but not a big deal. I have the code from that POC somewhere - in Ginkgo, though
On Sunday, December 9, 2018 at 11:50:45 AM UTC+8, Brian Levine wrote: > > Hello, > > We're integrating OpenEdX with a number of other services all of which are > secured using SSO via Keycloak. Keycloak will be the only auth provider > available. We've successfully integrated Keycloak as an EdX 3rd-party > OAuth provider. Since this is the only auth provider, we'd prefer that the > user not have to click the 3rd-party provider button on the EdX login > page. In fact, we'd prefer not to show the EdX login page at all. > However, we'd still need some way for EdX to create its own session. > > Is it possible to somehow disable the EdX login page, but still provide a > URL (to Keycloak) such that when the user is redirected to that URL, an EdX > session is created? We thought of creating a page that simulates the user > clicking the 3rd-party provider button by programmatically doing the POST > that that button would have done on load. But we're looking for something a > bit less hack-y if possible. > > Thanks! > > > -- You received this message because you are subscribed to the Google Groups "General Open edX discussion" group. To view this discussion on the web visit https://groups.google.com/d/msgid/edx-code/0e832c79-e757-43b5-a1de-18bb1e90990b%40googlegroups.com.
