Forum Discussion

luigizirpoli's avatar
luigizirpoli
Community Member
13 days ago

How to Block a SCORM on Clients' LMS Platform

HEllo,
one of our clients has asked us to include a type of restriction within the SCORM files (which we produce on their behalf using Storyline 360 and Rise 360) to prevent the SCORM from being played on their clients' platform once the license has expired.

Could you advise on the best way to proceed?

I'm pretty sure this type of control is not available through the built-in features of Articulate authoring tools (but please correct me if I’m wrong) and instead might be achieved by editing the SCORM after publishing. Specifically, by inserting custom JavaScript code that compares the current date with a predefined expiry date, and if the current date exceeds the expiry date, the SCORM package will display a warning message or block the course from progressing.

My concern is that using custom JavaScript in this way might be blocked by the clients' LMS platforms or could be limited or disabled by future browser updates.

Another possibility I’m considering is using cloud-based services (like SCORM Cloud) to host the SCORM files, which could then be accessed via a link or embed from the clients' platforms, so that when the license expires, it would be sufficient to modify the cloud service access.

Once again, I would appreciate your advice.

Please let me know if you need any further information. Thank you!

  • JoeFrancis's avatar
    JoeFrancis
    Community Member

    Note, because JavaScript is a client-side language running in the browser, this can easily be defeated by turning the clock back. It's an old trick, but it still works.

    If you're serious about restricting access contractually, I suggest SCORM Cloud Dispatch. When I was with a previous employer who has a global footprint, we used Dispatch to deliver courses to the learners via their organization's LMS' while still maintaining ownership and control of the courses (including based on date).

    SCORM Cloud Dispatch

  • Some LMS's offer an expiration date for content. If your clients LMS doesnot has this, you can use javascript to check for the currentDate and close/lockdown or block the course when a specific date is passed.

  • As at the moment i only have mobile access, i cannot show a fully working sample. But here some dummycode that gives you a headstart.

    var end = new Date('2024-11-01');

    var now = new Date();

    if (end - now <= 0) { 

    /*here you show a layer locking progress, or a blocker or even completely close the Windows*/

  • luigizirpoli's avatar
    luigizirpoli
    Community Member

    Thank you for the response.

    Thanks to ChatGPT, I already have an idea for a possible JavaScript code to manage the expiration date, but I’m interested in knowing what the potential downsides might be of adding custom JavaScript code within a SCORM package. For example, is there a risk that the code might stop functioning correctly after updates to the LMS platform or browsers?

    • MathNotermans-9's avatar
      MathNotermans-9
      Community Member

      None whatsoever. Only risks on using Javascript in Storyline are Articulate related.

    • SamHill's avatar
      SamHill
      Super Hero

      Beware of maintenance. In order to re-enable access, you would need to deliver a new set of files. This may not work for your client, as I know with some LMS, this can mean having to create a new offering on the system. You don't get the same continuity you do from system controlled access. Also, from system controlled access, you do not have to distribute the actual content. You get to host it, which is really good for version control and agile maintenance.

  • Hello luigizirpoli I think this is asking the content for what is better off being a system solution. The reason I say this, is because anything that is built into the content cannot be controlled without having to upload a new set of files, whereas a system solution would allow you to turn on/off access to the content. 

    The best way to achieve this level of control is to not distribute the SCORM content, but to distribute a proxy SCORM package which requests the content from a server, and then uses a technological solution such as JSON padding to allow SCORM to communicate across the different domains.

    There are probably quite a few solutions out there, but a well documented one, that will at least help you understand what would need to happen is the SCORM Cloud Dispatch

  • As Sam says, maintenance might be an issue. He suggest Dispatch. However another solution i used for that is, simply getting the date when a course should be locked/expired from an external variable. I use databases for that, but a txt-file or Google sheets could suffice too.

    • SamHill's avatar
      SamHill
      Super Hero

      There's always a risk with JavaScript solutions, especially when your client has the course package too. It is possible, if the client has the appetite, to circumvent any client side access control without your knowledge.

      It's a cost effective solution, if you are happy to accept that some clients may work around it.