Moodle SAML Single Sign-On using DNN SAML as IDP

Overview

DotNetNuke (DNN) SAML IDP module acts as a SAML 2.0 Identity Provider which can be configured to establish the trust between the module and various SAML-compliant service providers to securely authenticate the user using the DotNetNuke (DNN) site credentials. Here we will go through a step-by-step guide to configure Single Sign-On (SSO) between DotNetNuke(DNN) and Moodle considering DotNetNuke(DNN) as IDP.

Pre-requisites : Download And Installation

• Download DNN SAML Identity Provider (IDP) module.

• Upload the installation package xxx_dnn-saml-single-sign-on-sso-idp_xxx_Install by going in Settings > Extension > Install Extension.

• Open any of the page on your DNN site (Edit mode) and Click on Add Module.

• Search for moDNNSAMLIDP and click on the moDNNSAMLIDP. Drag and drop the module on the page where you want.

• After successfully installing the module on your DNN site, click the gear icon of the module, and select Settings from the dropdown menu.

• Navigate to the moDNNSAMLIDP Settings tab to configure the module.

• To activate the module, enter the license key received via email in the provided input field.
• If you haven’t received the license key, click on the Click Here link to download it, and then upload the license file using the Choose File button.

• Then, accept the terms and conditions by checking the box, and click on the Activate License button to activate the module.

Step 1: Configure Moodle as SP

• Navigate to the IDP Configurations tab in the DNN SAML IDP module.

• You can share your IdP Metadata with the Service Provider in either of the following ways:
  • Metadata URL : Share the metadata URL with your Service Provider.

  OR

  • Download Metadata XML : Download the metadata XML file and upload it to your Service Provider.

• You can also manually share the IdP metadata by copying the IdP Entity ID, Single Sign-On URL, SAML SLO URL, NameID Format, and x.509 Certificate.

We will go through the steps to setup Moodle as a Service Provider. Here, we will be adding the IdP metadata to configure the module.
There are two ways to configure the module:

A] By uploading DNN SAML IDP metadata:

• Click on the Upload IDP metadata button.
• Enter the Identity Provider Name.
• You can copy and paste the DNN SAML IDP metadata XML file and click on the Upload Metadata button or use a metadata URL and click on Fetch Metadata.

A] Manual Configuration:

• Provide the required settings (i.e. Identity Provider Name, IdP Entity ID or Issuer, SAML Login URL, X.509 Certificate) as provided by your Identity Provider.
• Click on the Save button to save your configuration.

You have successfully configured Moodle as Service Provider.

Step 2: Configure DNN as SAML IDP

• Navigate to the SP Configurations tab and click on the Add Application button.

• From the list of service providers given below, select Moodle.

There are two options to add an application for your Service Provider in the DNN SAML IDP module

A] Upload Metadata using the “Upload Metadata” option

• You can upload the Service Provider metadata directly using the Upload Metadata button.

• The DNN SAML IDP module requires the SP Entity ID and ACS URL values from your Service Provider.
• You may receive these values either through a metadata file (.xml) or a metadata URL from your SP.
• Upload the metadata by selecting the appropriate option — via XML file or URL — as shown in the screenshot below.

B] Configure the Service Provider metadata manually

• If you prefer to configure the Service Provider manually, copy the SP Entity ID and ACS URL from your Service Provider’s metadata and paste them into the corresponding fields.

• Once you have entered all required details, click on Save Settings to save the configuration.

Step 3: Attribute Mapping

• In this steps you will map the DotNetNuke user attribute to be sent in the response to the Service Provider.
• NameID defines what SP is expecting in the subject element of SAML Assertion. Generally, NameID is Username of Email Address. You can select which user attribute you want to send in the NameID.
• You can add other attributes to be sent in SAML Assertion to SP. The attributes include user’s profile attributes such as first name, last name, fullname, username, email, custom profile attributes etc.

• After completing the attribute mapping, click on the Save Settings button to save your configurations.

Step 4: Testing SSO

• Go to your Moodle login page and try accessing the site. If the configuration is correct, Moodle will redirect you to the DNN IdP Sign-On Page.
• Enter your DNN credentials. After successful authentication, you will be logged into your Moodle account, confirming that the SSO connection is working properly.

Step 5: IdP Initiated SSO

• Once the SSO connection is successfully tested, you can proceed to copy the DNN IdP initiated SSO link.
• After adding your Service Provider, click on Select Actions → Copy SSO Link.
  For DNN (IdP) initiated SSO, use this link provided by the DNN SAML IDP module to initiate login directly from DNN.

Troubleshooting

• If you face any issues or get any errors duing the setup. Click on the Troubleshoot button and Enable logs.

• Reproduce the Issue and share the logs with us at dnnsupport@xecurify.com.

Related Articles

• DotNetNuke Two-Factor Authentication
• DNN SAML Single Sign-On (SSO)
• DNN OAuth Single Sign-On (SSO)
• DNN Power BI
• DNN SAML IDP Setup Guides

Get in Touch

Please reach out to us at dnnsupport@xecurify.com, and our team will assist you with setting up SAML Single Sign-On (SSO) for Moodle using DNN as the Identity Provider (IDP). We will also help you choose the most suitable solution or plan based on your requirements.