Configure Clever Single Sign-On (SSO) with Joomla OAuth Client Plugin
Overview
Connecting Clever Single Sign-On (Clever SSO) with Joomla through the OAuth 2.0 protocol is easy with the miniOrange
Joomla OAuth / OpenID Connect Single Sign-On (SSO) plugin. This plugin simplifies the setup process for Clever SSO
in Joomla, enabling users to securely login by authenticating with their Clever OAuth Provider account details.
For more information about the features and plans offered for the Joomla OAuth Single Sign-On (OAuth & OpenID
Connect) plugin, please visit our Joomla OAuth Client Plugin
webpage.
Configuration Steps
In this configuration, Clever functions as the OAuth server, while Joomla allows users to log in with their Clever credentials by utilizing the Joomla OAuth Client Plugin.
Step 1: Install Joomla OAuth Client Plugin
- Login into your Joomla site’s Administrator console.
- From left toggle menu, click on System, then under Install section click on Extensions.
- Now click on Or Browse for file button to locate and install the plugin file downloaded earlier.
- Installation of plugin is successful. Now click on Get Started!
- Under Configure OAuth -> Pre-Configured Apps tab, select your OAuth Provider. You can also search for custom OAuth or custom OpenID application in the search bar, and configure your own custom provider.
- After selecting your OAuth provider, you will be redirected to the Step 1 [Redirect URL] tab. Now copy the Callback/Redirect URL which we will use to configure Clever as OAuth Server, then click on the Save & Next button.
Step 2: Configure Clever as OAuth Server
- Go to Clever and sign up/login to register a new app.
- Under Start your Clever Sandbox, click on the Click here to get started option.
- Follow the steps to create an application. (Refer to the images below)
- Click on the Save button to continue.
- Click on Next button to continue.
- Copy the Client ID and the Client Secret and keep handy for configuration of miniOrange OAuth Client. Copy the Redirect/Callback URL from your miniOrange OAuth Client plugin, then paste it in the Redirect URIs text field.
- Finally, click on the Save button to save your configurations.
- Click on the Next button to continue to next step.
- Select the browsers you want to be supported for certificate survey and select Secure Authorization Grant Flow for the which authorization flow do you use question.
- Enter all the other fields according to your use case and click on the Submit button in the end to save your configurations.
Step 3: Configure Client ID & Secret
- Go back to your Joomla Dashboard. Then go to Step 2 [Client ID & Secret].
- Paste the Client ID, Client Secret and Domain. Also Set Client Credentials In header then click on Save Settings. Once Settings are saved then click on Save Configuration.
- Scope & Endpoints are given below, which are required for configuring Joomla as OAuth Client plugin to configure Clever as a custom OAuth or OIDC provider.
| Scope | read:students read:teachers read:user_id |
| Authorize Endpoint | https://clever.com/oauth/authorize |
| Access Token Endpoint | https://clever.com/oauth/tokens |
| Get User Info Endpoint | https://api.clever.com/v1.1/me |
| Set Client Credentials | In Both (In Header and In Body) |
Step 4: Configure Attribute Mapping
- User Attribute Mapping is mandatory for enabling users to successfully login into Joomla. We will be setting up user profile attributes for Joomla using below settings.
- Go to Step 3 [Attribute Mapping] tab and click on Test Configuration button.
- You will be able to see the attributes in the Test Configuration output as follows.
- Now go to the Step 3 [Attribute Mapping] tab and Select the attribute name for Email and Username from dropdown. Then click on Finish Configuration button.
Step 5: Setup Login/SSO URL
- Now go to Step 4 [SSO URL] tab, here copy the Login/SSO URL and add it to your Site by following the given steps.
- Now logout and go to your Joomla site's pages where you have added this link. You will see a login link where you placed that button. Click on this button to perform SSO.
