I was working on implementing SSO. Suppose I have my website, app1, in which we use PingIdentity as the IdP with the OIDC protocol. We have a Moodle platform and want our users to access it from our website via a button click (React). Moodle should not ask for re-authentication.
So I got an OIDC-based plugin from Moodle and configured it, and also configured it on Ping. Now, when I log in to my website and hit the URL to access Moodle, the very first time it prompts for credentials, which we want to avoid. Until the browser is closed, we can log out and log in with a button click. Our requirement is that we don't want our customers to enter credentials a second time; the user should seamlessly log in to Moodle anytime, provided he has already logged in to my website.
My website is a Node.js serverless web application, using PingIdentity as the IdP and the OIDC protocol.
(Also, is it possible to internally send an authentication request to Moodle when the user logs in to my portal, as the credentials and IdP are the same?)
That should work based on your description, as long as both apps use Ping. First see this post on SSO settings for Ping and check that no Browser SSO settings prevent SSO from working.
SSO FAILURE CAUSES
The most common of these is a dropped SSO cookie. How do the website and Moodle do their login redirects? Are they both full window redirects? Note that redirects on an iframe will drop the SSO cookie due to browser restrictions. Also check that Moodle isn't sending the OpenID Connect prompt=login parameter.
Since SSO is enabled by the Ping SSO cookie you may need to do some browser tracing next in your browser tools:
- For the website, check the set-cookie header, where the Ping cookie will use SameSite=none
- For the Moodle OIDC redirect, check that the same cookie is included in the cookie request header. If it is sent, you know that it is not a cookie problem.
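The checks from the answer above, applied to values copied out of a browser trace, as an added example that is not part of the original post. The cookie name `EXAMPLE_SSO`, the hosts, the function names and every header value are constructed placeholders; the extra check that `SameSite=None` is paired with `Secure` goes slightly beyond the answer, since browsers reject such cookies without it.

```javascript
// Added example: hosts, cookie name and header values are constructed, not Ping's real ones.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const cookie = { name: pair.slice(0, eq), attrs: {} };
  for (const a of attrs) {
    const i = a.indexOf("=");
    const key = (i === -1 ? a : a.slice(0, i)).toLowerCase();
    cookie.attrs[key] = i === -1 ? true : a.slice(i + 1);
  }
  return cookie;
}

// Returns a list of findings; an empty list means none of the traced causes apply.
function diagnoseSso({ setCookieHeaders, authRequestUrl, cookieRequestHeader, ssoCookieName }) {
  const findings = [];
  const sso = setCookieHeaders.map(parseSetCookie).find((c) => c.name === ssoCookieName);
  if (!sso) {
    findings.push("sso-cookie-not-set");
  } else {
    const sameSite = String(sso.attrs.samesite || "").toLowerCase();
    if (sameSite !== "none") findings.push("samesite-not-none");
    // Browsers reject SameSite=None cookies that lack the Secure attribute.
    if (sameSite === "none" && !sso.attrs.secure) findings.push("samesite-none-without-secure");
  }
  // The OIDC prompt parameter is a space-delimited list; "login" forces re-authentication.
  const prompt = new URL(authRequestUrl).searchParams.get("prompt") || "";
  if (prompt.split(/\s+/).includes("login")) findings.push("prompt-login");
  // The Moodle redirect to the IdP must carry the SSO cookie in its cookie request header.
  const sent = (cookieRequestHeader || "").split(";")
    .some((p) => p.trim().split("=")[0] === ssoCookieName);
  if (!sent) findings.push("sso-cookie-not-sent");
  return findings;
}

// Constructed trace: cookie is set and sent correctly, but the plugin sends prompt=login.
const trace = {
  ssoCookieName: "EXAMPLE_SSO",
  setCookieHeaders: ["EXAMPLE_SSO=abc123; Path=/; Secure; HttpOnly; SameSite=None"],
  authRequestUrl: "https://idp.example.com/authorize?client_id=moodle&response_type=code&scope=openid&prompt=login",
  cookieRequestHeader: "EXAMPLE_SSO=abc123",
};
console.log(diagnoseSso(trace)); // prints [ 'prompt-login' ]
```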