OAuth / OpenID Connect SSO Integration with Drupal as OAuth Provider

Overview

The Drupal OAuth Server SSO integration allows you to log in to any OAuth 2.0 or OpenID Connect (OIDC) compliant client applications using Drupal credentials. This SSO integration is achieved by the miniOrange OAuth server module. It supports multiple grant types, including Password grant, Client Credentials grant, Implicit grant, and Authorization grant type.

The module is compatible with all OAuth/OIDC clients such as Salesforce, Slack, AWS Cognito, Jira, Joomla, WordPress, Magento, Bitbucket, Azure AD B2C, Confluence, OSTicket, Grafana, Qlik Cloud, and is available for Drupal 7, Drupal 8, Drupal 9, Drupal 10 and Drupal 11.

Download Schedule a Meeting

Installation Steps

• Using Composer
• Using Drush
• Manual Installation

• Download the module:

  composer require 'drupal/oauth_server_sso'

• Go to Extend menu on your Drupal admin console and enable the module by enabling the checkbox and click on Install button.
• Configure the module at:

  {BaseURL}/admin/config/people/oauth_server_sso/config_client

• Install the module:

  drush en oauth_server_sso

• Clear the cache:

   drush cr

• Configure the module at:

  {BaseURL}/admin/config/people/oauth_server_sso/config_client

• Navigate to Extend menu on your Drupal admin console and click on Install new module.
• Install the Drupal OAuth / OIDC Provider - Single Sign On (SSO) module either by downloading the zip or from the URL of the package (tar/zip).
• Click on Enable newly added modules.
• Enable this module by checking the checkbox and click on Install button.
• Configure the module at

  {BaseURL}/admin/config/people/oauth_server_sso/config_client

Configuration Steps

Configure Drupal as an OAuth server

• Once the module is installed, navigate to the Configuration tab of the Drupal site and select the miniOrange OAuth server configuration.
• Click on the Add Client button.

• Enter the Application Name under the Application Name text field.
• Enter the Callback/Redirect URL. (It is a URL of the Client Application where the users will be redirected from the Drupal site after authentication.)
• You can add multiple Callback URLs by clicking on the Add More button next to the Callback/Redirect URL text field.

• Click on the Save button.
• Now the Client ID and Secret will be displayed. Please copy this and keep it handy. This will be required while configuring the Client application.
• Please configure the Scope and Endpoints as specified in the table below in the Client application. (You can also get the same from the Scope & Endpoints section of the Drupal site -> Configuration -> miniOrange OAuth server configuration -> OAuth Client):

Scope	profile openid email
Authorize Endpoint	{base_url_of_the_drupal_site}/mo/oauth2/authorize
Access Token Endpoint	{base_url_of_the_drupal_site}/mo/oauth2/token
Get User Info Endpoint	{base_url_of_the_drupal_site}/mo/oauth2/userinfo