Could you please kindly help and give suggestions about my issue when I try to access view my record from LMS (http://lms/u/username) I am getting an error.
Error:
I have configured the credentials service URL in lms.env.json and cms.env.json, but still getting the same error.
“CREDENTIALS_PUBLIC_SERVICE_URL”: “http://IP-addess:8005”,
“CREDENTIALS_INTERNAL_SERVICE_URL”: “http://IP-address:8005”
Hi, @Piyush_Nikam please check that credential service was started in your environment. Now it seems that credentials doesn’t work.
Hi @idegtiarov, thanks a lot for taking the time to reply to my Issue
I found out that there is no service named credentials.
These are the following services in /edx/app.
and sudo /edx/bin/supervisorctl status is giving the following result.
I am using Ironwood with a Native installation.
Do Ironwood has by default credentials service installed If yes then how to start it and if no is there any document or issue you can share to install and configure credentials service on the Ironwood native.
It will be big help.
Thanks again
Unfortunately, I’m not an expert in native installation. Fast search shows that there is a playbook role for credential service in the configuration lib https://github.com/edx/configuration/blob/3aff81a1b4a92085d52123e191133ea11b8a8e7b/playbooks/roles/credentials/defaults/main.yml at the same time I’m not sure it is added in native installation. In our RaccoonGang’s installations, credential service is not usually used.
@andrey.kryachko could you please help or at least point in the direction to continue finding the truth.
Hello Piyush_Nikam,
there are no much documentation about credentials deployment configuration.
openedx_native playbook does not contain credentials role.
You can deploy credentials service by preparing ansible configuration and running credentials.yml playbook from configuration repository (if your cloud provider not AWS, then comment out line 10, where aws role called).
You may start with this ansible call:
source /edx/app/edx_ansible/venvs/edx_ansible/bin/activate
cd /edx/app/edx_ansible/edx_ansible/playbooks
ansible-playbook -i,localhost -clocal credentials.yml -e@/path_to_native_install_dir/config.yml -e@/path_to_native_install_dir/my-passwords.yml -e@/path_to_credentials_config.yml
Please note config.yml and my-passwords.yml files. This files should been created during native installation.
Example of credentials_config.yml:
SANDBOX_ENABLE_CREDENTIALS: True
CREDENTIALS_NGINX_PORT: 18151
CREDENTIALS_SSL_NGINX_PORT: 48150
CREDENTIALS_URL_ROOT: "http://IP-addess:8005"
CREDENTIALS_LOGOUT_URL: "{{ CREDENTIALS_URL_ROOT }}/logout/"
CREDENTIALS_OAUTH_URL_ROOT: "http://{{ EDXAPP_LMS_BASE }}/oauth2"
CREDENTIALS_OIDC_LOGOUT_URL: "http://{{ EDXAPP_LMS_BASE }}/logout"
CREDENTIALS_SERVICE_USER: 'credentials_service_user'
CREDENTIALS_SERVICE_USER_EMAIL: 'credentials_service_user@example.com'
CREDENTIALS_SERVICE_USER_NAME: "{{ CREDENTIALS_SERVICE_USER }}"
CREDENTIALS_USER_API_URL: "http://{{ EDXAPP_LMS_BASE }}/api/user/v1/"
CREDENTIALS_USER_API_JWT_AUDIENCE: "{{ EDXAPP_JWT_AUDIENCE | default('lms-key') }}"
CREDENTIALS_USER_API_JWT_SECRET_KEY: "{{ EDXAPP_JWT_SECRET_KEY | default('lms-secret') }}"
CREDENTIALS_SECRET_KEY: "CHANGE-ME"
CREDENTIALS_CORS_WHITELIST:
- "IP-addess"
- "{{ EDXAPP_LMS_BASE }}"
credentials_gunicorn_host: "127.0.0.1"
credentials_gunicorn_port: 8150
CREDENTIALS_SOCIAL_AUTH_EDX_OIDC_KEY: 'credentials-key'
CREDENTIALS_SOCIAL_AUTH_EDX_OIDC_SECRET: 'credentials-secret'
EDXAPP_CREDENTIALS_PUBLIC_SERVICE_URL: "{{ CREDENTIALS_URL_ROOT }}"
EDXAPP_CREDENTIALS_INTERNAL_SERVICE_URL: "{{ CREDENTIALS_URL_ROOT }}"
please note that last two variables used in edxapp ansible role and requires update of edxapp application (or manual addition of CREDENTIALS_PUBLIC_SERVICE_URL and CREDENTIALS_INTERNAL_SERVICE_URL variables into lms.env.json and cms.env.json files).
Also note that Production installation requires secure application. You need to delegate dedicated DNS name for credentials service and configure HTTPS.
Do not forget to check OAuth2 client is configured for credentials service in LMS admin/oauth2/client/ with client id and secret same with CREDENTIALS_SOCIAL_AUTH_EDX_OIDC_KEY and CREDENTIALS_SOCIAL_AUTH_EDX_OIDC_SECRET extra vars.
And finally, you can disable View My Records by adding "ENABLE_LEARNER_RECORDS": false to site configuration for current site in admin/site_configuration/siteconfiguration.
Hi,
Did you found any solution to make that work?