0

I have the following question: We implement some different LMS and we are wondering if and how could be possible to have a SCORM (hosted into an LMS) asking the user to authenitcate to an external authentication system (other than the one of the LMS itself where the SCORM learning object is available) as first action when launched the SCORM; if this authentication fail, the user must be not enable to take that learing; in other words we are wondering to understand if it is possible to implement a sort of two factors authentication method where factor-1 is the login to the LMS, factor-2 is the “login” requested by the specific scorm; this factor-2 managed by the external authentication system could be, for istance, an OTP code or an electronical identity card, or any other similar strong authentication factors with the scope to enable or not that user to take that SCORM content.

Thanks a lot Daniele

Daniele
  • 1

1 Answers1

1

There's no mechanism in SCORM for authentication. A SCO (a learning object or activity) generally assumes it is authenticated by default.

There are two solutions depending on what part you have control over:

  • The LMS could handle the external authentication flow and only deliver the SCO when that authentication succeeds.

  • The SCO could handle the external authentication (and persist this state e.g. in a cookie or local storage) and delay initialization with the RTE until the authentication has succeeded.

Note that SCOs are executed entirely in the browser so any authentication logic will have to run in the browser and be able to communicate with the external authentication system and a sufficiently technical user would be able to access the source code.

Alan Plum
  • 10,814
  • 4
  • 40
  • 57