Joomla OAuth Client Integration with Azure AD Single Sign-On (SSO)
Integration of Azure AD Single Sign-on (M365/Azure Active Directory SSO) with Joomla using OAuth 2.0 Protocol. The miniOrange Joomla OAuth / OpenID Connect Single Sign-on (SSO) plugin makes it simple to set up M365/Azure AD (Microsoft Azure) SSO into Joomla and enable secure login into Joomla. As a result, users can log in to Joomla and access the site by authenticating with their Azure AD OAuth Provider credentials.
Visit our Joomla OAuth Client Plugin page to learn more about the features and Pricing plans we offer for the Joomla OAuth Single Sign-on (OAuth & OpenID connect) plugin.
Joomla OAuth Client Handbook
Please refer our detailed Handbook for the Joomla OAuth/OpenID Single Sign-On plugin, which gives an in-depth explanation of the various features of the plugin. You can get to the handbook at anytime directly from the plugin's UI for quicker access.
Pre-requisites : Download And Installation
Steps to Configure Azure AD Single Sign-On (SSO) into Joomla
Follow the steps given below to setup the Joomla OAuth Client plugin. You can also refer to this Setup video for configuring the plugin.
1. Install Joomla OAuth Client Plugin
- Download the zip file for the miniOrange OAuth Client plugin for Joomla from the given link.
- Login into your Joomla site’s administrator console.
- From left toggle menu, click on System, then under Install section click on Extension.
- Upload the downloaded zip file to install the Joomla OAuth Client plugin.
- Installation of plugin successful. Now click on Start Using miniOrange OAuth Client plugin.
- Under Configure OAuth tab. Select Azure AD as an OAuth Provider.
- Now copy the Callback / Redirect URL which is needed while configuring Azure AD as OAuth Server.
2. Setup Azure AD as an OAuth Provider
- Sign in to Azure portal.
- Click on Azure Active Directory from Azure services.
- In the left-hand navigation pane, click the App registrations service, and click New registration.
- When the Create page appears, enter your application's registration information:
- Select "Native" for client applications that are installed locally on a device. This setting is used for OAuth public native clients
- Select "Web app / API" for client applications and resource/API applications that are installed on a secure server. This setting is used for OAuth confidential web clients and public user-agent-based clients. The same application can also expose both a client and resource/API.
- For "Web app / API" applications, provide the base URL of your app. eg, https://<domain-name>/mo_login might be the URL for a web app running on your local machine. Users would use this URL to sign in to a web client application.
-
For "Native" applications, provide the URI used by Azure AD to return token
responses. Enter a value specific to your application.
eg, https://localhost/joomla
| Name : | Name of your application. |
| Application type : |
|
| Sign-on URL : |
|
3. Integrating Joomla with Azure AD
- When finished, click Register. Azure AD assigns a unique Application ID to your application. Copy Application ID and the Directory ID, this will be your Client ID and Tenant ID respectively.
- Go to Certificates and Secrets from the left navigaton pane and click on New Client Secret. Enter description and expiration time and click on ADD option.
- Copy value. This will be your Secret key.
- Paste the Client ID, Client Secret and Tenant. click on Save Settings. Once Settings are saved then click on Test Configuration.
- Azure AD Endpoints and scope:
| Scope: | openid email profile |
| Authorize Endpoint: | https://login.microsoftonline.com/[tenant-id]/oauth2/v2.0/authorize |
| Access Token Endpoint: | https://login.microsoftonline.com/[tenant-id]/oauth2/v2.0/token |
| Get User Info Endpoint: | https://graph.microsoft.com/beta/me |
| Set Client Credentials: | In Both (In Header and In Body) |
4. Test SSO and Attribute Mapping
- Once you click on Test Configuration button, you will be able to see the attributes in the Test Configuration output as follows.
- Now you have to do Attribute Mapping to perform SSO. Select the attribute name for Email and Username from dropdown. Then click on Save Attribute Mapping button.
- Now you can use Login / SSO URL to perform SSO.
- Now logout and go to your Joomla site's pages where you have added this link. You will see a login link where you placed that button. Click on this button to perform SSO.
- Congratulations, you have successfully configured the miniOrange OAuth Client plugin with your Azure AD OAuth Provider.
- Click on the Upgrade Plans tab to check out our complete list of features and various licensing plans. OR you can click here to check features and licensing plans.
- If you want to purchase any of the paid version of the plugin, you have to register/login with us in Account Setup tab. OR you can register/login Here.
- In case, you are facing some issue or have any question in mind, you can reach out to us by sending us your query through the Support button in the plugin or by sending us a mail at joomlasupport@xecurify.com.
You have successfully configured Joomla as OAuth Client for achieving M365/Azure AD Single Sign-On (SSO) with Joomla for user authentication.
In this guide, you have successfully configured Joomla Azure AD Single Sign-On (SSO) by configuring Azure AD as OAuth Provider and Joomla as OAuth Client using our Joomla OAuth Client plugin.This solution ensures that you are ready to roll out secure access to your Joomla site using Azure AD login credentials within minutes.
Additional Resources
- What is OAuth 2.0?
- Frequently Asked Questions (FAQs)
- How to configure OAuth / OpenID Connect SSO with Salesforce
- How to configure OAuth / OpenID Connect SSO with AWS Cognito
- How to configure OAuth / OpenID Connect SSO with Discord
- How to configure OAuth / OpenID Connect SSO with Facebook
- How to configure OAuth / OpenID Connect SSO with Google Apps
- How to configure OAuth / OpenID Connect SSO with Instagram
- How to configure OAuth / OpenID Connect SSO with Keycloak
Mail us on joomlasupport@xecurify.com for quick guidance(via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.
Need Help? We are right here!
