Search
START TYPING AND PRESS ENTER TO SEARCH

Guide: Joomla OAuth Client Integration with Azure Active Directory Single Sign-On (SSO) | Azure AD SSO

Integration of Azure AD Single Sign-on( Azure Active Directory SSO ) with Joomla using OAuth 2.0 Protocol. The miniOrange Joomla OAuth / OpenID Connect Single SIgn-on (SSO) plugin makes it simple to set up Azure AD (Microsoft Azure) SSO into Joomla and enable secure login into joomla. As a result, users can log in to Joomla and access the site by authenticating with their Azure AD OAuth provider credentials.
Visit our Joomla OAuth Client Plugin webpage to learn more about the features and plans we offer for the Joomla OAuth Single Sign-on (OAuth & OpenID connect) plugin.

Plugin Download and Video Setup Guide


Get this plugin
Joomla OAuth & OpenID Single Sign-On (SSO)

Watch Setup Video

Steps to Configure Azure AD Single Sign-On (SSO) into Joomla

1. Setup Azure Active Directory as OAuth Provider

  • Sign in to Azure portal.
  • Click on Azure Active Directory from Azure services.
    • Azure AD Single Sign On (SSO) (Active Directory) Oauth OIDC Joomla, Microsoft Azure AD (Active Directory) SSO Login
  • In the left-hand navigation pane, click the App registrations service, and click New registration.
    • Azure AD Single Sign On (SSO) (Active Directory) Oauth OIDC Joomla, Microsoft Azure AD (Active Directory) SSO App-Registration
  • When the Create page appears, enter your application's registration information:
    • Name : Name of your application.
    Application type :
    1. Select "Web app / API" for client applications and resource/API applications that are installed on a secure server. This setting is used for OAuth confidential web clients and public user-agent-based clients. The same application can also expose both a client and resource/API.
    Sign-on URL :
    1. For "Web app / API" applications, provide the base URL of your app. eg, https://<domain-name> might be the URL for a web app running on your local machine. Users would use this URL to sign in to a web client application.
    Azure AD Single Sign On (SSO) (Active Directory) Oauth OIDC Joomla, Microsoft Azure AD (Active Directory) SSO registration
  • When finished, click Register. Azure AD assigns a unique Application ID to your application. Copy Application ID and the Directory ID, this will be your Client ID and Tenant ID respectively.
    • Azure AD Single Sign On (SSO) (Active Directory) Oauth OIDC Joomla, Microsoft Azure AD (Active Directory) SSO Overview
  • Go to Certificates and Secrets from the left navigaton pane and click on New Client Secret. Enter description and expiration time and click on ADD option.
    • Azure AD Single Sign On (SSO) (Active Directory) Oauth OIDC Joomla, Microsoft Azure AD (Active Directory) SSO secret-Key
  • Copy value. This will be your Secret key (Client Secret).
    • Azure AD Single Sign On (SSO) (Active Directory) Oauth OIDC Joomla, Microsoft Azure AD (Active Directory) SSO Secret-Key-2
  • Microsoft Azure AD (Active Directory) Endpoints and scope:
    • Client ID : Click here
    Client Secret : Click here



    Scope:
    OpenID Default Scope by Azure to retrieve user information
    email User's Email ID
    profile User's Profile Details
    user.read Email and User's Profile Details
    Authorize Endpoint: https://login.microsoftonline.com/[tenant-id]/oauth2/v2.0/authorize
    Access Token Endpoint: https://login.microsoftonline.com/[tenant-id]/oauth2/v2.0/token
    Get User Info Endpoint: https://graph.microsoft.com/beta/me

You have successfully configured Azure AD as OAuth Provider for for achieving Azure AD Single Sign-On (SSO) with Joomla for user integration.


1.1 Group Mapping [Premium]

  • Go to Application → Select the application where you want to configure the group mapping. Now, Go to the API Permissions tab.
    • Azure AD Single Sign On (SSO) (Active Directory) Oauth OIDC Joomla, Microsoft Azure AD (Active Directory)
  • Click on the Add permission button, and then Microsoft Graph API -> Delegated Permissions and select openid, Profile scope and click on the Add Permissions button.
    • Azure AD Single Sign On (SSO) (Active Directory) Oauth OIDC Joomla, Microsoft Azure AD (Active Directory)
  • Click on the Grant consent for Demo button.
  • Go to Manifest tab and find groupMembershipClaims and changes it’s value to "All" and click on the save button.
    • Azure AD Single Sign On (SSO) (Active Directory) Oauth OIDC Joomla, Microsoft Azure AD (Active Directory)
  • Now you would be able to get the group's value in the Test configuration window.

2. Configure Joomla as OAuth Client


  • Download the zip file for the miniOrange OAuth Client plugin for Joomla from the link here.
    • Joomla Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Login into your Joomla site’s administrator console.
  • From left toggle menu, click on System, then under Install section click on Extension.
    • Joomla Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Upload the downloaded zip file to install the Joomla OAuth Client plugin.
    • Joomla Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • From left toggle menu click on Components, then click on miniOrange OAuth Client , then click on Configure OAuth tab.
  • Under Configure OAuth tab . Select your OAuth Provider. (If your OAuth Provider not listed then click on Custom OAuth/ Custom OpenID connect App .)
    • Joomla Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Fill in the details you received from your OAuth Provider.
  • Copy the Redirect/Callback URL given in the plugin and click on the Save Settings button to save details in your OAuth Provider. Then click on Test Configuration button.
    • joomla oauth provider OAuth tab
  • After click on the Test Configuration button and copy the email and name attributes and save these attributes in Email Attribute and Name Attribute text field respectively. Now click on the Save Attribute Mapping button to save your configurations.
    • Joomla Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Use the Login URL to perform the SSO of your pre-configured OAuth/OpenID Connect Provider, (After completing test configuration please copy the Login URL and Add a button on your site login page).
    • Joomla OAuth Client - Login URL
  • Now logout and go to your Joomla site's pages where you have added this link. You will see a login link where you placed that button. Click on this button to perform SSO.
  • Congratulations, you have successfully configured the miniOrange OAuth Client plugin with your desired OAuth Provider.
  • Click on the Upgrade Plans tab to check out our complete list of features and various licensing plans. OR you can click here to check features and licensing plans
  • If you want to purchase any of the paid version of the plugin, you have to register/login with us in Account Setup tab. OR you can register/login Here
  • In case, you are facing some issue or have any question in mind, you can reach out to us by sending us your query through the Support button in the plugin or by sending us a mail at joomlasupport@xecurify.com.

  • Download the zip file for the miniOrange OAuth Client plugin for Joomla from the link here.
    • Joomla Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Login into your Joomla site’s administrator console.
  • Go to Extension Manage Install in the top navigation bar to install the plugin.
    • Joomla Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Upload the downloaded zip file to install the OAuth Client plugin.
    • Joomla Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Navigate to Extensions Manage Manage and search for miniorange in the Search bar provided to see the list of the components.
  • Go to Components MiniOrange OAuth Client Configure OAuth tab from the top navigation bar to go to the configuration page of the plugin.
    • Joomla Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Select your OAuth Provider from the Select Application dropdown. In case your OAuth Provider is not listed in the drop down, please select Custom OAuth Provider to continue.
    • Joomla Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration Joomla Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Fill in the details you received from your OAuth Provider.
  • Copy the Redirect/Callback URL given in the plugin and click on the Save Settings button to save details in your OAuth Provider.
  • Click on the Test Configuration button and copy the email and name attributes and save these attributes in Email Attribute and Name Attribute text field respectively. Now click on the Save Attribute Mapping button to save your configurations.
    • Joomla Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration Joomla Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Use the Login URL to perform the SSO of your pre-configured OAuth/OpenID Connect Provider, (After completing test configuration please copy the Login URL and Add a button on your site login page).
    • Joomla OAuth Client - Login URL
  • Now logout and go to your Joomla site's pages where you have added this link. You will see a login link where you placed that button. Click on this button to perform SSO.
  • Congratulations, you have successfully configured the miniOrange OAuth Client plugin with your desired OAuth Provider.
  • Click on the Upgrade Plans tab to check out our complete list of features and various licensing plans. OR you can click here to check features and licensing plans
  • If you want to purchase any of the paid version of the plugin, you have to register/login with us in Account Setup tab. OR you can register/login Here
  • In case, you are facing some issue or have any question in mind, you can reach out to us by sending us your query through the Support button in the plugin or by sending us a mail at joomlasupport@xecurify.com.

Recommended Add-Ons

Page and Post
Restriction

Page and Post Restriction plugin restricts Joomla pages and posts of the site based on User Roles and their Login Status.

Know More

Role/Group Based Redirection

Role/Group-Based Redirection Add-on can be used to redirect the user to a specific URL based on the roles/groups received from the OAuth server.

Know More

SSO Session
Management

SSO session management add-on manages the login session time of your users based on their Joomla roles.

Know More

You have successfully configured Joomla as OAuth Client for achieving Joomla Azure AD Single Sign-On (SSO) with Joomla for user authentication.


In this Guide, you have successfully configured Joomla Azure AD Single Sign-On (SSO) by configuring Azure AD as OAuth Provider and Joomla as OAuth Client using our Joomla OAuth Client plugin.This solution ensures that you are ready to roll out secure access to your Joomla site using Azure AD login credentials within minutes.


Additional Resources


Mail us on joomlasupport@xecurify.com for quick guidance(via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.

Hello there!

Need Help? We are right here!
support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com