Apple Single Sign-On (SSO) OAuth / OpenID Connect into Joomla | Apple SSO Login
Single Sign-On (SSO) with Apple Single Sign-On in Joomla uses OAuth Authorization to provide users secure access to the Joomla site. With our Joomla OAuth Single Sign-On (SSO) plugin, Apple Single Sign-On acts as the OAuth provider, ensuring secure login for Joomla websites.
The integration of Joomla and Apple Single Sign-On simplifies and secures the login process using OAuth protocol. This solution allows users to access their Joomla sites with Single Sign-On (SSO) using their Apple Single Sign-On credentials, completely removing the need to store, remember, and reset multiple passwords.
Visit our Joomla OAuth Client Plugin page to learn more about the features and Pricing plans we offer for the Joomla OAuth Single Sign-on (OAuth & OpenID connect) plugin.
Pre-requisites : Download And Installation
Steps to Install Joomla OAuth Client Plugin
- Download the zip file for the miniOrange OAuth Client plugin for Joomla.
- Login into your Joomla site’s administrator console.
- From left toggle menu, click on System, then under Install section click on Extension.
- Upload the downloaded zip file to install the Joomla OAuth Client plugin.
- Installation of the plugin is successful. Now click on Start Using miniOrange OAuth Client plugin.
- Under Configure OAuth -> Pre-Configured Apps tab, select your OAuth Provider. You can also search for custom OAuth or custom OpenID application in the search bar, and configure your own custom provider.
Steps to configure OAuth SSO into Joomla
1. Configure Callback/Redirect URL
- After selecting your OAuth provider, you will be redirected to the Step 1 [Redirect URL] tab. Now copy the Callback/Redirect URL which we will use to configure the OAuth Server, then click on the Save & Next button.
- First of all, go to https://developer.apple.com click on Account and Login with your Apple developer account.
- Click on Certificates, Identifiers & Profiles tab.
- In the left menu Click on Identifiers and after that click on the Plus Icon(blue color) . Click on Continue for the next 2 pages.
- Enter Description and Bundle ID for the App ID. (The Bundle ID should be in reverse-dns style string.)
- In the Capabilities section scroll down and select sign with apple and Click on Edit link.
- Select Enable as a primary App Id and click on Save. Click on Continue and then click on Register.
- In the right corner click on Continue and after that Register button.
- Again click the Plus icon( blue color). Select Service IDs and click on Continue.
- Enter Description and Identifier( Identifier would be your client id). and click on the Continue and after that Register button.
- Click on Keys tab from the left menu.Click on the Plus icon to register a new key.
- Give your Key a name, and select Sign In with Apple and click on Configure button.
- Select your Primary Id and click on the Save button and after that at the right corner click on Continue and Register button.
- Click on the Download button once the key is downloaded click on the Done button.
- In the left menu click on Identifiers and the right top click on App IDs.
- Click on Service IDs from the drop down menu.
- Select your Service Id from the List.
- Select Sign In with Apple and click on Configure button.
- Select the Primary App Id from the drop down, and Enter the Domain and Redirect URL in Domains and Subdomains and Return URLs respectively and click on the Next button (You will get the Domain name and Redirect URL from miniOrange plugin).
- Verify the details and click on the Done button. After that at the right corner click on the Continue button.
- Copy the Identifier value and click on the Save button.
- Enter the Identifier value in the Client ID and copy the downloaded key value in Client secret of the miniOrange OAuth Client plugin.
2. Configure Client ID and Secret
- Download the Ruby installer from the following link https://rubyinstaller.org/downloads/ and then install it.
- Search for the Start command prompt with ruby open the ruby command prompt andinstall the JWT gem by running the following command on the command line:gem install JWT.
- Copy the below code in a file and save the file with the .rb extension. Keep this .rb fileand downloaded .p8 file in the same folder.
- Enter the name of downloaded file example= "key.P8", key_id , client_id, team_id in the code
- Open Ruby command prompt and run the above code using the following command ruby filename.rb
-
require 'jwt'key_file = 'key.P8'
team_id = ''
client_id = ''
key_id = ''
ecdsa_key = OpenSSL::PKey::EC.new IO.read key_file
headers = {
'kid' => key_id
}
claims = {
'iss' => team_id,
'iat' => Time.now.to_i,
'exp' => Time.now.to_i + 86400*180,
'aud' => 'https://appleid.apple.com',
'sub' => client_id,
}
token = JWT.encode claims, ecdsa_key, 'ES256', headers
puts token - You will get your secret key. Copy the secret key.
- Go to the Step 2 [Client ID & Secret] tab of the Joomla OAuth Client plugin, here paste the Client ID, Client Secret and Tenant. Click on the Save Configuration button.
3. Configure Attribute Mapping
- Go to Step 3 [Attribute Mapping] tab and click on Test Configuration button.
- You will be able to see the attributes in the Test Configuration output as follows.
- Now go to the Step 3 [Attribute Mapping] tab and Select the attribute name for Email and Username from dropdown. Then click on Finish Configuration button.
User Attribute Mapping is mandatory for enabling users to successfully login into Joomla. We will be setting up user profile attributes for Joomla using below settings.
4. Setup Login/SSO URL
- Now go to Step 4 [SSO URL] tab, here copy the Login/SSO URL and add it to your Site by following the given steps.
- Now logout and go to your Joomla site's pages where you have added this link. You will see a login link where you placed that button. Click on this button to perform SSO.
You have successfully configured Apple as OAuth Provider for for achieving Apple Single Sign-On (SSO) with Joomla for user integration.
Using our Joomla OAuth Client plugin, you have successfully configured Joomla Apple Single Sign-On (SSO) by Apple as OAuth Provider and Joomla as OAuth Client. This solution ensures that you are ready to provide safe access to your Joomla site using Apple login credentials in minutes.
Additional Resources
- What is OAuth 2.0?
- Frequently Asked Questions (FAQs)
- How to configure Oauth / OpenID Connect SSO with Azure AD
- How to configure Oauth / OpenID Connect SSO with Salesforce
- How to configure Oauth / OpenID Connect SSO with AWS Cognito
- How to configure Oauth / OpenID Connect SSO with Facebook
- How to configure Oauth / OpenID Connect SSO with Google Apps
- How to configure Oauth / OpenID Connect SSO with Instagram
- How to configure Oauth / OpenID Connect SSO with Keycloak
Mail us on joomlasupport@xecurify.com for quick guidance(via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.
Need Help? We are right here!
