The JWT SSO plugin gives the ability to use a signed JSON Web token, generated using a shared secret, to login into your LMS. The following is a quick start guide to setup and get going with this plugin.
The first step is to first setup the plugin. You can find the settings page of this plugin from Site Administration -> Plugins -> Authentication -> JWT Cookie Authentication. When the page loads, you should see the screen below.
The first field to fill out is the ‘Secret’ parameter. The secret key is what is used to generate a signed JWT that you put in your cookie.
The next field you will need to fill out is the ‘Cookie Name’ (which is used for cookie authentication) and ‘Parameter Name’ (used for URL authentication). The signed JWT needs to be placed in a cookie or the url parameter so that the plugin can then use it to verify and authenticate the user. By setting the cookie/parameter name in the plugin, it will expect the signed JWT to be in the cookie/parameter name specified. This is the minimum information required for the plugin to work on your LMS. The next step is to generate the signed JWT.
The following is the information required in order to generate a signed JWT to be authenticated:
- Firstname
- Lastname
- Description
- Username
Once the signed JWT is generated using the shared secret, you can use either authentication option to log in.