Setup Clever Single Sign-on with Drupal OAuth Client

Overview

Drupal Clever SSO integration will allow you to configure Single Sign-On ( SSO ) login between your Drupal site and Clever using OAuth/OpenID protocol. Drupal OAuth 2.0/OpenID connect module gives the ability to enable login using OAuth 2.0/OIDC Single Sign-On to Drupal Site. We provide the Drupal OAuth/OpenID Client module for Drupal 7, Drupal 8, Drupal 9 and Drupal 10, Drupal 11.
Here we will go through a guide to configure the SSO login between Drupal and Clever. By following these steps, users of Clever will be able to log into the Drupal site using their Clever credentials.

Installation Steps

• Using Composer
• Using Drush
• Manual Installation

• Download the module:

  composer require 'drupal/miniorange_oauth_client'

• Navigate to Extend menu on your Drupal admin console and search for miniOrange OAuth Client Configuration using the search box.
• Enable the module by checking the checkbox and click on the Install button.
• You can configure the module at:

  {BaseURL}/admin/config/people/miniorange_oauth_client/config_clc

• Install the module:

  drush en drupal/miniorange_oauth_client

• Clear the cache:

   drush cr

• You can configure the module at:

  {BaseURL}/admin/config/people/miniorange_oauth_client/config_clc

• Navigate to Extend menu on your Drupal admin console and click on Install new module.
• Install the Drupal OAuth & OpenID Connect Login - OAuth2 Client SSO Login module either by downloading the zip or from the URL of the package (tar/zip).
• Click on Enable newly added modules.
• Enable this module by checking the checkbox and click on install button.
• You can configure the module at:

  {BaseURL}/admin/config/people/miniorange_oauth_client/config_clc

Configuration Steps

Setup Drupal as OAuth Client

• After installing the module, navigate to the Configuration -> miniOrange OAuth Client Configuration -> Configure OAuth tab and select Custom OAuth 2.0 Provider from the Select Application dropdown list.
• Copy the Callback/Redirect URL and keep it handy.

Note: If your provider only supports HTTPS Callback/Redirect URLs and you have an HTTP site, please make sure to enable the 'Enforce HTTPS Callback URL' checkbox at the bottom of the tab.

• Enter the application name in the Display Name text field. For example, Clever.

Create SSO Application in Clever

• First of all, go to https://dev.clever.com/ and sign up/login to register a new app.
• Under Start your Clever Sandbox, click on the click here to get started option.

• Go to https://apps.clever.com/signup and signup/login to your account.
• Follow the steps to create an application. (refer to the images below)

• Click on Clever Instant Login option to continue.

• Click on next button to continue.

Integrating Drupal with Clever

• Copy the Client ID and the Client secret and store it in your Drupal OAuth Client moduleunder the Client ID and Client Secret text fields respectively. Copy the Redirect/Callback URL from your Drupal oauth client module and store it in the Redirect URIs text field. Finally, click on the Save button to save your configurations.

• Click on the Next button to continue to next step.
• Select the browsers you want to be supported for certificate survey and select Secure Authorization Grant Flow for the which authorization flow do you use question (refer to the image on the next page).

• Enter all the other fields according to your use case and click on the Submit button in the end to save your configurations.

• Clever Endpoints and Scope:

Scope:	read:students read:teachers read:user_id
Authorize Endpoint:	https://clever.com/oauth/authorize
Access Token Endpoint:	https://clever.com/oauth/tokens
Get User Info Endpoint:	https://api.clever.com/v1.1/me

• In Drupal’s Configure OAuth tab and paste the copied Client ID and Client Secret (copied from the Clever) in the Client ID and Client Secret text-field.

Test Configuration of Drupal with Clever

• Click on the Perform Test Configuration button to test the connection.

• On a Test Configuration popup, if you don't have an active session in Clever on the same browser, you'll be prompted to sign in to Clever. Once successfully logged in, you'll receive a list of attributes retrieved from Clever.
• Select the Email Attribute from the dropdown menu in which the user's email ID is obtained and click on the Done button.

• Once clicked on Done button, you will be redirected to the Attribute & Role Mapping tab, in which you can select the Username Attribute from the dropdown list and click on Save Configuration button

Please note: Mapping the Email Attribute is mandatory for your login to work.

How to perform the SSO

• Open a new browser/private window and navigate to the Drupal site login page.
• Click on the Login using Clever link to initiate the SSO from Drupal.
• If you want to add the SSO link on other pages, please follow the steps given in the image below: