Joomla User Sync with Azure AD/Microsoft Entra ID

Overview

User Sync from Azure AD/Microsoft Entra ID to Joomla and Joomla to Azure AD/Microsoft Entra ID can be achieved by using our User Provisioning for Joomla with Azure AD/Microsoft Entra ID plugin. This plugin uses Microsoft Graph API to fetch all the user's details from Azure Directory to Joomla. The plugin also helps to create and delete users from the Joomla database to the Azure Active Directory/Microsoft Entra ID.

Setup Joomla User Sync with Azure AD/Microsoft Entra ID

Step 1: Install the User Provisioning Plugin

• Download the zip file for the miniOrange User Provisioning/User Sync plugin from the link here .
• Login into your Joomla site’s administrator console.
• From Menu, click on System, then under Install section click on Extensions.
• Upload the downloaded zip file to install the User Provisioning/User Sync plugin.
• Installation of the plugin is successful. Now click on Get Started! button.

Select 'Azure' from the list of providers.

Step 2: Setup Azure AD/Microsoft Entra ID App registration

• Log in to Microsoft Azure Portal as an Administrator.
• Under the Azure Services section, select Microsoft Entra ID.

 Create a Client:

• In the left tab, under the Manage section, select App registrations tab.

• Click on the New Registration option.

• Add the Display Name in the name field and choose the account type.
• Click on the Register Button.
• Navigate to the Overview tab, in the left pane.
• Copy the Application ID and the Directory ID, this will be your Client ID and Tenant ID respectively.

 Generate the Client Secret:

• From the left navigation pane, navigate to the Certificates & secrets tab.
• Click on New client secret. Enter the description and expiration time and click on the Add option.

• Copy the value, this will be your Client Secret.

 Add API Permissions to your Azure AD Application:

• Go to API Permissions from the left navigation pane and click on Add a permission option.

• Select Microsoft Graph under the Microsoft APIs tab.

• Select Application Permissions under the Microsoft Graph.

• Select User.

• Under User select User.Export.All, User.ManageIdentities.All, User.Read.All, User.ReadBasic.All, User.Readwrite.All, permission and click on the Add Permissions button.

• Click on Grant admin consent for Default Directory and click on Yes on grant admin consent confirmation.

• You have successfully configured Azure AD app to achieve User Sync into your Joomla Site.

Step 3: Configure User Provisioning for Joomla with Azure plugin

• Refer the table below and paste the respective values in the Configure Azure AD tab.

Application ID	Paste the Application ID from the Azure AD Application.
Client Secret	Paste the Client Secret from the Azure AD Application.
Tenant ID	Paste the Directory ID from the Azure AD Application.
Tenant Name	Enter your Domain name as your Tenant name
Test UPN/ID	Enter UserPrincipleName / ID of any user of your Azure AD Application. This will be used for test configuration

• Click on the Save Configuration button to save the configurations.

Step 4: Test Connection

• Enter UserPrincipleName / ID of any user of your Azure AD Application and click on the Save button.
• Click on the Test Configuration to check if the connection is correctly established with Azure.

• On successful configuration you will be to able to view the attributes received from Azure AD.

Step 5: Sync User to Joomla Database

• Navigate to the tab Azure -> Joomla. Under the User Attribute Mapping section map the Azure AD attribute name to the respective Joomla attribute Name and click on Save Configuration.

  Sync an Individual User or All Users

• Enter UserPrincipleName / ID of any user of your Azure AD application.
• Click on the Create User button to create your Azure AD user to your Joomla site Database.
• Or click on the Create All Users button to sync all users from the Azure AD users to your Joomla site Database. (Note: This is a Premium Feature.)

  Sync User Groups (Premium Feature)

• Under the Sync User Groups, you can map user groups from Azure to Joomla user groups. Also, select default group for the new/login users.

  Set User Sync Interval (Premium Feature)

• Under Set User Sync Interval section, set up a schedule for automatic user synchronization on a hourly, daily, or weekly basis.

Step 6: Sync User from Joomla Database to Azure AD

  Create and Delete User

• Navigate to the tab Joomla -> Azure. Here, under the Create an Individual User section, any user created in Joomla will sync automatically and get created in Azure AD.
• Under the Delete User section, you can delete an individual user from Azure.

  Automatic Provisioning (Premium Feature)

• Under the Automatic Provisioning section, you can automate provisioning whenever a user is created, deleted and updated. You can also enable automatic sync of Joomla user password.

  Sync User Attributes and Set Interval (Premium Feature)

• Under the Sync User Attribute tab, you can map user attributes from Joomla to Azure.
• You can also set up a schedule for automatic user synchronization, under the Set User Sync Interval tab.

Related Articles

• What is SCIM User Provisioning?
• SCIM (User Provisioning) with Okta
• SCIM (User Provisioning) with OneLogin
• Frequently Asked Questions (FAQs)