Drupal SAML Single Sign-On SSO Login using Soffid as IdP

Overview

The Drupal SAML integration using the miniOrange SAML SP module establishes seamless SSO between Soffid and Drupal site. The users will be able to log in to the Drupal site using their Soffid credentials. This document will walk you through the steps to configure Single Sign-On - SSO between Drupal as a Service Provider (SP) and Soffid as an Identity Provider (IdP). The module is compatible with Drupal 7, Drupal 8, Drupal 9, Drupal 10, and Drupal 11.

Installation Steps

• Using Composer
• Using Drush
• Manual Installation

• Download the module:

  Composer require 'drupal/miniorange_saml'

• Navigate to Extend menu on your Drupal admin console and search for miniOrange SAML Service Provider using the search box.
• Enable the module by checking the checkbox and click on install button.
• Configure the module at

  {BaseURL}/admin/config/people/miniorange_saml/idp_setup

• Install the module:

  drush en drupal/miniorange_saml

• Clear the cache:

   drush cr

• Configure the module at

  {BaseURL}/admin/config/people/miniorange_saml/idp_setup

• Navigate to Extend menu on your Drupal admin console and click on Install new module button.
• Install the Drupal SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider module either by downloading the zip or from the URL of the package (tar/zip).
• Click on Enable newly added modules.
• Enable this module by checking the checkbox and click on install button.
• Configure the module at

  {BaseURL}/admin/config/people/miniorange_saml/idp_setup

Configuration Steps

Drupal SAML SP Metadata

• Go to Configuration → People → SAML Login Configuration in the Administration menu. (/admin/config/people/miniorange_saml/idp_setup)

• Under the Service Provider Metadata tab, copy the SP Entity ID/Issuer and SP ACS URL and keep them handy. This SP metadata is required to configure Shibboleth 4 as Identity Provider (IdP).

Configure Soffid as a Identity Provider

• Login with your Soffid Admin account credentials.
• In Soffid dashboard, Enter the following information about your Service Provider (Soffid as SAML IDP).

  Application Name	Enter name of Service Provider
  Entity ID or Issuer	Copy SP Entity ID/Issuer from Service Provider Setup and paste it.
  ACS URL	Copy SP ACS URL from Service Provider Setup and paste it.
  Certificate	Copy and Download Certificate from Service Provider Setup and paste it.
  NameID Format	urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified

Configure Drupal as SAML Service Provider:

• Go to your Drupal site. Navigate to the Service Provider Setup tab of the module and click on the Upload IDP Metadata.

• Paste the previously copied Metadata URL from Soffid into the Add from a URL text field and click on the Fetch Metadata button.

• Click on the Test link to test the connection between Drupal and Soffid.

• On a Test Configuration popup sign in using Soffid credentials (if an active session is not present). After successful authentication, a list of attributes that are received from Soffid will be displayed. Click on the Done.

Congratulations! you have successfully configure Single Sign-on between Drupal and Soffid site.

How does SAML SSO login work?

• Open a new browser/private window and navigate to the Drupal site login page.
• Click the Login using Identity Provider (Soffid) link.
• You will be redirected to the Soffid login page. Enter the Soffid credentials. After successful authentication, the user will be redirected back to the Drupal site.