Forum Discussion
How to Block a SCORM on Clients' LMS Platform
HEllo,
one of our clients has asked us to include a type of restriction within the SCORM files (which we produce on their behalf using Storyline 360 and Rise 360) to prevent the SCORM from being played on their clients' platform once the license has expired.
Could you advise on the best way to proceed?
I'm pretty sure this type of control is not available through the built-in features of Articulate authoring tools (but please correct me if I’m wrong) and instead might be achieved by editing the SCORM after publishing. Specifically, by inserting custom JavaScript code that compares the current date with a predefined expiry date, and if the current date exceeds the expiry date, the SCORM package will display a warning message or block the course from progressing.
My concern is that using custom JavaScript in this way might be blocked by the clients' LMS platforms or could be limited or disabled by future browser updates.
Another possibility I’m considering is using cloud-based services (like SCORM Cloud) to host the SCORM files, which could then be accessed via a link or embed from the clients' platforms, so that when the license expires, it would be sufficient to modify the cloud service access.
Once again, I would appreciate your advice.
Please let me know if you need any further information. Thank you!
Note, because JavaScript is a client-side language running in the browser, this can easily be defeated by turning the clock back. It's an old trick, but it still works.
If you're serious about restricting access contractually, I suggest SCORM Cloud Dispatch. When I was with a previous employer who has a global footprint, we used Dispatch to deliver courses to the learners via their organization's LMS' while still maintaining ownership and control of the courses (including based on date).
Some LMS's offer an expiration date for content. If your clients LMS doesnot has this, you can use javascript to check for the currentDate and close/lockdown or block the course when a specific date is passed.
As at the moment i only have mobile access, i cannot show a fully working sample. But here some dummycode that gives you a headstart.
var end = new Date('2024-11-01');
var now = new Date();
if (end - now <= 0) {
/*here you show a layer locking progress, or a blocker or even completely close the Windows*/
}
Thank you for the response.
Thanks to ChatGPT, I already have an idea for a possible JavaScript code to manage the expiration date, but I’m interested in knowing what the potential downsides might be of adding custom JavaScript code within a SCORM package. For example, is there a risk that the code might stop functioning correctly after updates to the LMS platform or browsers?None whatsoever. Only risks on using Javascript in Storyline are Articulate related.
Beware of maintenance. In order to re-enable access, you would need to deliver a new set of files. This may not work for your client, as I know with some LMS, this can mean having to create a new offering on the system. You don't get the same continuity you do from system controlled access. Also, from system controlled access, you do not have to distribute the actual content. You get to host it, which is really good for version control and agile maintenance.
Hello luigizirpoli I think this is asking the content for what is better off being a system solution. The reason I say this, is because anything that is built into the content cannot be controlled without having to upload a new set of files, whereas a system solution would allow you to turn on/off access to the content.
The best way to achieve this level of control is to not distribute the SCORM content, but to distribute a proxy SCORM package which requests the content from a server, and then uses a technological solution such as JSON padding to allow SCORM to communicate across the different domains.
There are probably quite a few solutions out there, but a well documented one, that will at least help you understand what would need to happen is the SCORM Cloud Dispatch
As Sam says, maintenance might be an issue. He suggest Dispatch. However another solution i used for that is, simply getting the date when a course should be locked/expired from an external variable. I use databases for that, but a txt-file or Google sheets could suffice too.
There's always a risk with JavaScript solutions, especially when your client has the course package too. It is possible, if the client has the appetite, to circumvent any client side access control without your knowledge.
It's a cost effective solution, if you are happy to accept that some clients may work around it.
