Looks like the pipeline and student_account changes are all that's needed, and they are pretty minor: bypass the login screen popup and enable an automatic EDX user creation with the info coming in from the 3rd party. I still don't recall what's happening on the logout side, though - weather the Keycloak session can be closed easily
On Tuesday, December 11, 2018 at 7:06:06 AM UTC+8, Brian Levine wrote: > > Thanks Steven. At the moment is looks like the tpa_hint mechanism will > work fine for us. We can rewrite URLs in our reverse proxy to add that as > a query param. Although it would be nice to be able to turn that behavior > on by default without having to use the tpa_hint query param. > > Brian > > > On Monday, December 10, 2018 at 5:52:18 PM UTC-5, stv stnfrd wrote: >> >> Hi Brian, Stan, and all, >> >> We've actually built this into our fork at Stanford [1]. >> We use it for our on-campus deployment where we require university >> credentials to access the site. >> >> Instead of being shown the login/register page, users are automatically >> redirected to the SSO provider and then back again :) >> >> It's configurable via JSON/settings, so it can be enabled/disabled on a >> per instance basis. >> >> If there's interest, we can look to submit it upstream to edX! >> >> Let us know what you think! >> -- Steven >> >> - [1] >> https://github.com/Stanford-Online/edx-platform/commit/3271d113e5a572939e9859266639e8770e50441a >> >> -- You received this message because you are subscribed to the Google Groups "General Open edX discussion" group. To view this discussion on the web visit https://groups.google.com/d/msgid/edx-code/99665325-747c-42a8-a4f8-50bcc48df517%40googlegroups.com.
