Search Results :

×

DNN OAuth Single Sign-On (SSO) Using IdentityServer4 As OAuth Provider


DNN OAuth Single Sign-On (SSO) authentication provider gives the ability to enable OAuth Single Sign-On for your DotNetNuke site. Using Single Sign-On you can use only one password to access your DotNetNuke site and services. Our authentication provider is compatible with all the OAuth compliant identity providers. Here we will go through a step-by-step guide to configure Single Sign-On (SSO) between DNN and IdentityServer4 considering IdentityServer4 as OAuth Provider. To know more about the other features we provide for DNN OAuth Single Sign-On (SSO), click here.

Pre-requisites: Download and Installation

  • Download the DNN Oauth Single Sign On authentication provider with above link.
  • Upload the installation package dnn-oauth-single-sign-on_xxx_Install by going in Settings > Extension > Install Extension.
  • Now under the Installed extensions tab select Authentication Systems. Here you can see the miniOrange DNN OAuth Authentication Provider.
  • DNN OAuth SSO - Authentication Provider
  • Just click on the pencil icon as mentioned in the image below to configure the DNN OAuth Authentication Provider.
  • DNN OAuth SSO - Authentication Provider pencil icon
  • Now go to the site settings tab. Here you can see the DNN OAuth Authentication Provider Dashboard.
  • DNN OAuth SSO - Authentication Provider Dashboard
  • You have finished with the installation of the Authentication Provider on your DNN site.

Steps to configure DNN Single Sign-On (SSO) using IdentityServer4 as IDP

1. Configure Authentication Provider for Setting up OAuth Single Sign-On (SSO)

  • For configuring application in the authentication provider, click on the Add New Provider button in the Identity Provider Settings tab.
  • DNN OAuth SSO - add new IDP

    Select your Identity Provider

  • Select IdentityServer4 as Identity Provider from the list. You can also search for your Identity Provider using the search box.
  • DNN OAuth SSO - Select identity provider

2. Configure Duende IdentityServer4 as OAuth Provider

  • Set up Duende IdentityServer4 using guidelines provided here.
  • From Configure OAuth tab in Oauth Client plugin, collect Redirect/Callback URL and enter it into your Duende IdentityServer4.
  • Copy your Client ID and Client Secret and save it on your miniOrange DNN OAuth Client Configuration.
  • You have successfully completed your Duende IdentityServer4 OAuth Server side configurations.

  • Duende IdentityServer4 Endpoints and Scope:


    Client ID : Click Here
    Client Secret : Click Here
    Scope: openid
    Authorize Endpoint: https://<your-domain>/connect/authorize
    Access Token Endpoint: https://<your-domain>/connect/token
    Get User Info Endpoint: https://<your-domain>/connect/userinfo
    Custom redirect URL after logout:[optional] : https://<your-domain>/connect/endsession?id_token_hint=##id_token##

3. Configuring OAuth Provider

  • Copy the Redirect/Callback URL and provide it to your OAuth provider.
  • DNN OAuth SSO - DNN OAuth Redirect URL

4. Configuring OAuth Client

  • Configure Client ID, Client Secret, update the endpoints if required and save the settings.
  • DNN OAuth SSO - Configuration DNN OAuth SSO - Configuration

5. Test Configuration

  • Now go to the Identity Provider Settings tab.
  • Under the select actions click on the Test Configuration button to verify if you have configured the authentication provider correctly.
  • DNN OAuth SSO - Testing OAuth SSO
  • On successful configuration, you will get Attribute Name and Attribute Values in the Test Configuration window.
  • DNN OAuth SSO - Testing OAuth SSO

6. Attribute Mapping

  • For attribute mapping select the Edit Configuration from the select actions dropdown.
  • Map email and username with Attribute Name you can see in Test Configuration window and save the settings.
  • DNN OAuth SSO - DNN OAuth Attribute Mapping

You can configure the ASP.NET SAML Single Sign-On (SSO) module with any identity provider such as ADFS, Azure AD, Bitium, Centrify, G Suite, JBoss Keycloak, Okta, OneLogin, Salesforce, AWS Cognito, OpenAM, Oracle, PingFederate, PingOne, RSA SecureID, Shibboleth-2, Shibboleth-3, SimpleSAML, WSO2 or even with your own custom identity provider. To check other identity providers, click here.

Additional Resources

Need Help?

Not able to find your identity provider? Mail us on dnnsupport@xecurify.com and we'll help you set up SSO with your IDP and for quick guidance (via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com