This guide assumes that you have installed the following SAML2 plugin for your Moodle website: https://moodle.org/plugins/auth_saml2
Before you start, you need your IdP metadata url.
Get your metadata URL - Log in to Cloudwork Dashboard -> Single Sign On -> Identity Provider -> Copy the entity ID url
- Enable the SAML2 plugin (click the grey crossed-out eye)
- Go to the SAML2 plugin's settings
- Paste the metadata URL into the "IDP metadata xml OR publix xml URL" field
- Click on Download SP Metadata
- If you are mapping users on username, change Mapping Idp value to User-Name
- To create accounts automatically on SSO login, change 'Auto create users' to Yes.
- Under Data mapping, update the following settings:
- Data mapping (First name): givenName
- Data mapping (Surname): sn
- Data mapping (Email address): mail
- Click Save changes
- Log in to the CLoudwork Dashboard. Go to Single Sign on-> Add New Service -> Upload an XML File
- Give the new service a name, and select the saved XML file from step 4.
- Open a new browser or incognito window, and test login. You will see a Login via SAML2 button on the login page.
SSO is now configured and working. You may now wish to configure other settings in the Moodle plugin settings. Settings of interest:
- IdP label override: Customise the SSO login button text.
- Dual login: By default, allows username/password based logins as well. Change to no to force users to use SSO. Admin login page is still accessible at /login/index.php?saml=off
- Other data mapping fields and settings. This guide limits itself to Cloudwork's default attributes. If you have updated the service's attribute map in Cloudwork to send extra data, you can configure it here.