Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #31920 from openedx/private_to_public_d48c42d

Browse Source 
Mergeback PR from private to public.
This commit is contained in:
edx-pipeline-bot
2023-03-13 10:40:17 -04:00
committed by GitHub
parent 97a1fee393 d48c42d4c5
commit 75715e51fe
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docs/guides/studio_oauth.rst
View File

@@ -1,17 +1,17 @@
Enabling OAuth for Studio login
===============================
###############################
This is a migration guide for converting Studio login to use OAuth, for use in the Lilac to Maple upgrade.
Background
----------
**********
As of Lilac, the Studio by default shares a session cookie with the LMS. This either forces Studio to be on a subdomain of the LMS or the LMS to set its session cookie on a wide domain, which exposes it to a potentially large number of subdomains.
Maple's configuration assumes that Studio will use LMS's OAuth2-based single-sign-on (SSO). This means that the cookies (and domains) can be decoupled to improve both flexibility and security. However, there are a few steps to take to finish this configuration (otherwise Studio logins will not work.)
Migration
---------
*********
Studio and LMS need to be configured in each environment to enable the new flow, with the exception of devstack and sandboxes (which will autoconfigure for OAuth.) Migration involves enabling OAuth and separating the session cookies for LMS and Studio. The session cookie split will require Studio users to log in again.