Configure Canvas Single Sign-On (SSO) with Joomla OAuth Client Plugin

Overview

Single Sign-On (SSO) with Canvas in Joomla uses OAuth Authorization to provide users secure access to the Joomla site. With our Joomla OAuth Single Sign-On (SSO) plugin, Canvas acts as the OAuth provider, ensuring secure login for Joomla websites.

The integration of Joomla and Canvas simplifies and secures the login process using OAuth protocol. This solution allows users to access their Joomla sites with Single Sign-On (SSO) using their Canvas credentials, completely removing the need to store, remember, and reset multiple passwords.

In addition to offering OAuth Single Sign-On (SSO) using Canvas credentials, the plugin also provides advanced SSO features like user profile attribute mapping, role mapping, and Azure multi-tenant login and providing site access based on organization email domains. For further insights into the array of features we offer within the Joomla OAuth & OpenID Connect Client plugin, kindly visit our page here. You can follow the below steps to setup Canvas OAuth SSO with Joomla.

Configuration Steps

In this configuration, Canvas functions as the OAuth server, while Joomla allows users to log in with their Canvas credentials by utilizing the Joomla OAuth Client Plugin.

Step 1: Install Joomla OAuth Client Plugin

Login into your Joomla site’s Administrator console.
From left toggle menu, click on System, then under Install section click on Extensions.
Now click on Or Browse for file button to locate and install the plugin file downloaded earlier.
Installation of plugin is successful. Now click on Get Started!
Under Configure OAuth -> Pre-Configured Apps tab, select your OAuth Provider. You can also search for custom OAuth or custom OpenID application in the search bar, and configure your own custom provider.

After selecting your OAuth provider, you will be redirected to the Step 1 [Redirect URL] tab. Now copy the Callback/Redirect URL which we will use to configure Microsoft Entra ID as OAuth Server, then click on the Save & Next button.

Step 2: Configure Canvas as OAuth Server

Login to your Canvas LMS domain as an Account Administrator.
Go to the Admin tab and select the domain for which you wish to enable Single sign-on.

Go to the Developer keys link and click on the Developer key button then select the API key option from the dropdown.

Enter the required details such as Key Name, enter the Redirect URI from miniOrange OAuth Client plugin under the OAuth Redirect URL field and click on Save button.

Step 3: Configure Client ID & Secret

Now, copy the Client ID and Client Secret and save it on your miniOrange OAuth Client plugin Configuration.

Go to the Step 2 [Client ID & Secret] tab of the Joomla OAuth Client plugin, here paste the Client ID, Client Secret and Tenant. Click on the Save Configuration button.

Canvas Application Endpoints:

Scope	openid profile
Authorize Endpoint:	https://<your-site-url>/login/oauth2/auth
Access Token Endpoint:	https://<your-site-url>/login/oauth2/token
Get User Info Endpoint:	https://<your-site-url>/login/v2.1/users/self
Set Client Credentials:	In Both (In Header and In Body)

Step 4: Configure Attribute Mapping

User Attribute Mapping is mandatory for enabling users to successfully login into Joomla. We will be setting up user profile attributes for Joomla using below settings.
Go to Step 3 [Attribute Mapping] tab and click on Test Configuration button.

You will be able to see the attributes in the Test Configuration output as follows.

Now go to the Step 3 [Attribute Mapping] tab and Select the attribute name for Email and Username from dropdown. Then click on Finish Configuration button.

Step 5: Setup Login/SSO URL

Now go to Step 4 [SSO URL] tab, here copy the Login/SSO URL and add it to your Site by following the given steps.

Now logout and go to your Joomla site's pages where you have added this link. You will see a login link where you placed that button. Click on this button to perform SSO.

Single Sign On

SAML Service Provider

OAuth/OpenId Connect Client (SSO)

Social Login Social Sharing

Headless Single Sign-On

SAML Identity Provider

OAuth/OpenId Connect Server

Login using YourMembership

Auto Login and Register using JWT

Help & Support

Multi-Factor Authentication (MFA)

Two Factor Authentication

WooCommerce Password Reset Over OTP

OTP Over Phone Call

Bulk SMS/WhatsApp Notification

OTP Verification

Limit OTP Request

Receive OTP and Notifications on WhatsApp

Help & Support

LDAP/Active Directory Integrations

LDAP/Active Directory Integration for WordPress

WP Staff/Employee Search Directory for Active Directory

LDAP/AD Integration for Cloud & Shared Hosted WordPress

Forms Integration with Active Directory for WordPress

Help & Support

Office365 Integration

SharePoint WordPress

PowerBI WordPress Integration

Outlook and MS Teams Integration

Azure AD / Office 365 app Integrations

Dynamics CRM 365 WordPress Integration

Help & Support

WooCommerce Integration

WooCommerce Product Sync

WooCommerce Integrator

Dynamics CRM 365 WordPress Integration

Object Data Sync for Salesforce

Help & Support

Decentralised ID

Digital ID Login

Web3 WordPress Authentication

WordPress Web3 Suite

WordPress NFT Marketplace

WordPress Smart Contracts

Help & Support

Add-Ons

Page and Post Restriction

LearnDash Integrator

WooCommerce Integrator

SSO Login Audit

Paid Membership Pro integrator

Media Restriction

BuddyPress Integrator

WordPress Discord Integrator

Guest User Login

SCIM User Provisioning

MemberPress Integrator

SSO Session Management

Attribute based redirection

Other Plugins

REST API Authentication

Custom API for WordPress

Firebase Authentication

WordPress Online Proctoring for LMS

No Code Automation

Object Data Sync for Salesforce

WP User Sync Integration for Third Party Apps

WP User and Login Management

Management tool for Web Agency

Help & Support

Single Sign On

SAML SSO

Crowd SSO

Kerberos / NTLM SSO

Helpdesk SSO Integration

OAuth/OpenID SSO

Git Authentication

Advance SSO Option

Help & Support

User Management