In an exchange of authentication and authorization data, an identity provider securely asserts the identity and access rights of a set of users. Your Open edX site is the service provider that allows the users access on the basis of credentials sent by an identity provider.
For example, your Open edX site hosts the courses of three different organizations. When you configure the Open edX site to be a service provider, and configure each of the three organizations to be identity providers, you permit learners who have valid user credentials at any of those organizations to access the Open edX site.
You can enable third party authentication between your Open edX site and many types of identity providers. The Open edX platform provides support for three types of identity providers.
The Open edX platform has integrated support for the following providers.
The Open edX platform also includes limited support for the following SSO providers.
These providers are part of the external_auth app, tend to be older and less robustly tested, and have a much more limited feature set. These providers are included in the source code but are not officially supported.
Regardless of the standard that the identity provider you want to integrate with uses, you begin by enabling the third party authentication feature for your site.
For example, your Open edX site hosts the courses of three different organizations. When you configure the Open edX site to be a service provider, and configure each of the three organizations to be identity providers, you permit learners who have valid user credentials at any of those organizations to access the Open edX site.
If you are using edX as an LTI tool provider to a external learning management system or application, you can set up an authentication workflow between your Open edX site and the system that is the LTI tool consumer. For more information, see Options for LTI Authentication and User Provisioning and Configuring Open edX User Authentication for LTI.