SSO Login into Rocket.Chat using Drupal as OAuth / OpenID Connect Provider
Overview
Drupal SSO integration will allow the users to log in to the Rocket.chat using the Drupal site Credentials. This SSO integration is achieved by the miniOrange OAuth / OpenID Connect server module which uses the OAuth 2.0 and OpenID Connect protocol. The module is compatible with all OAuth / OpenID Connect clients and is available for Drupal 7, Drupal 8, Drupal 9, Drupal 10, and Drupal 11.
In this setup guide, we will help you configure the Single Sign-on login using the OAuth protocol between the Drupal site and the Rocketchat.
Configuration Steps
Configure an OAuth / OIDC Application in Rocket.Chat:
- Login to the Rocket.Chat with administrator credentials.
- From the left navigation menu, go to Administration -> Workspace.
- Navigate to the Settings tab from the left navigation menubar.
- Now, search for OAuth and click on the Open button.
- Click on the Add custom OAuth button present on the top right corner of the screen.
- Enter the application name under the Give a unique name for the custom OAuth text field and click on the Add button.
- Select the created application from the list of applications and expand it.
- Copy the Callback URL.
Configure Drupal as an OAuth Server:
Note: Please ensure that the Drupal site is hosted on a server accessible from the internet, as Rocket.Chat won't be able to reach the Drupal endpoints if the Drupal site is running on localhost.
- On the Drupal site, go to the Configuration -> miniOrange OAuth server configuration -> OAuth Client.
- Click on the Add Client button.
- Enter the Application Name under the Application Name text field.
- Paste the copied Callback URL under the Callback/Redirect URL text field.
- Multiple Callback URLs can be added by clicking on the Add More button next to the text field.
- Click on the Save button and copy the Client ID and Client Secret.
Integrating Rocket.Chat with Drupal:
- Navigate to the Rocket.Chat console and Enable the toggle button.
- Paste the Client ID under the Id text field and Client Secret under the Secret text field.
- Add the Scope and Endpoints/Path as specified in the table below (You can also get the same from the Scope & Endpoints section of the Drupal site -> Configuration -> miniOrange OAuth server configuration -> OAuth Client):
| Scope | profile openid email |
|---|---|
| Authorize Path | {base_url_of_the_drupal_site}/mo/oauth2/authorize |
| Token Path | {base_url_of_the_drupal_site}/mo/oauth2/token |
| Identity Path | {base_url_of_the_drupal_site}/mo/oauth2/userinfo |
- Configure other necessary features as per your requirements. Please keep the remaining fields default if not sure of the configurations.
- Ensure that the Show Button on Login Page toggle button is enabled.
- Once the configurations are done click on the Save changes button.
You have successfully configured Rocket.Chat as an OAuth Client and Drupal as an OAuth server.
Let’s see how this works:
- Open a new window/private browser and navigate to the login page of the Rocket.Chat website.
- Click on the Sign in with Drupaloauth (the custom OAuth application name that was created on the Rocket.Chat) button.
- A window will popup asking to Log in to the Drupal.
- Enter the Drupal credentials and click on the Log in button.
- On successful authentication, pop up will be closed with successful login into the Rocket.Chat.
You have successfully performed the SSO between Rocket.Chat and Drupal.
Need Assistance?
If you face any issues during the configuration or if you want some additional features, please contact us at drupalsupport@xecurify.com.
Additional Features:
- Add multiple Callback/Redirect URL
- Add custom user attributes to be sent in response
- Use enable asymmetric signing algorithm
- Enable single logout
