Why SSO?
The moment you decide to bring your business online by launching a Drupal site, the biggest concern is about avoiding cyberattacks and keeping the data of your visitors safe. SSO comes here to rescue and let you use the best security available in the market by using popular IdPs like Okta, Azure AD, ADFS, Google etc.
SAML SP 2.0 Single Sign-On (SSO) - SAML Service Provider module (a.k.a Drupal SSO module) can be integrated within 5 minutes with any SAML 2.0 compliant Identity Provider (IdP). The SAML SSO module has all the enterprise-level features like users’ attribute mapping, role mapping, attribute & domain based restriction and sign-in settings like forced SSO login, etc to meet all requirements of your organization.
Advantages of Drupal SSO
- Greater security and compliance: Once you enable SSO you have all the security features and compliance's implemented by your Identity Provider.
- One central control point: Your IT team can view, manage, and secure all your users access, whether they are internal employees or external partners from a single point.
- Easy to adapt new technologies: Generally all Identity providers keep updating there technologies to meet the market requirements so you need not to worry about new changes in technology.
- Easy to scale: In case of business expansion to new website or platform (mobile or desktop) you can just connect their login to the same IdP.
Common terms of SSO
-
Identity Provider (IdP): The system entity which authenticates the user and sends the authentication response to other party (called Service Provider). Example: If you are connecting your Drupal website with azure then azure is Identity Provider in this case which is responsible for authentication of users.
-
Service Provider (SP): Service Provider accepts the authentication response sent by the Identity Provider and allows successful login to the user. Example: If you are connecting your Drupal website with azure then Drupal is Service Provider in this case.
Four easy and simple steps to implement Drupal SSO
- In the miniOrange SAML 2.0 SSO module, navigate to Service Provider Metadata tab. Here, you can find the SP metadata such as SP Entity ID and ACS (AssertionConsumerService) URL which is required to configure the Identity Provider.
-
You can configure your Identity Provider by using the metadata copied in the last step. You can also find the metadata URL in the Service Provider Metadata tab of the miniOrange
SAML SP SSO module (From the same tab you can also download the metadata file if needed).
Your IdP team will provide: IdP metadata URL or IdP metadata file or EntityId, SAML login URL and X.509 certficate of IdP.
3.1. In case you have IdP metadata URL
- Click on Upload IDP Metadata.
- Enter metadata URL and click on Fetch Metadata button.
3.2. In case you have IdP metadata file
- Click on Upload IDP Metadata.
- Upload IdP metadata file and click on Upload File button.
3.3. In case you have EntityId and SAML login URL
- Provide the required settings (i.e. Identity Provider Name, IdP Entity ID , SAML Login URL, X.509 Certificate).
- Scroll down to the bottom of the page and click on the save settings button.
4. Test the SSO connection and enable SAML SSO login
- In the service provider setup tab scroll down to the bottom of the page and click on Test Configuration button to test the SSO connection.
- After successful test connection, enable the checkbox named as 'Enable login with SAML'.
- Try to access login page of your site. You will find a link to perform SSO below the username and password login section.
24*7 Active Support
If you face any issues or if you have any questions, please feel free to reach out to us at drupalsupport@xecurify.com. In case you want some additional features to be included in the module, please get in touch with us, and we can get that custom-made for you. Also, If you want, we can also schedule an online meeting to help you configure the Drupal SAML Single Sign On ( SSO ) Login module.
Free Trial
If you would like to test out the module to ensure your business use case is fulfilled, we do provide a 7-day trial. Please drop us an email at drupalsupport@xecurify.com requesting a trial. You can create an account with us using this link.
Additional Resources
Our Other modules