Configure AWS Cognito As An OAuth/OpenId Connect Server In Joomla

The Joomla OAuth / OpenID Connect Single Sign-On plugin enables login to your Joomla site using OAuth and OpenID Connect providers such as AWS Cognito and other custom and standard providers. It supports advanced SSO features such as user profile attribute mapping and role mapping. To know more about other features we provide in Joomla OAuth Client plugin, you can click here.

Step 1: Configure AWS Cognito as an OAuth/OpenId Connect Server

  • Go to https://console.aws.amazon.com/console/home and sign up for or log in to your account.
  • Search for Cognito in the AWS Services search bar.
  • Click on the Manage User Pools button to see the list of your user pools.
  • Click on Create a user pool to create a new user pool.
  • Add a Pool Name and click on the Review Defaults button to continue.
  • Scroll down and click on the Add App Client option in front of App Clients.
  • Enter an App Client Name and click on Create app client to create an App client.
  • Click on Return to Pool Details to come back to your configuration.
  • Click on the Create Pool button to save your settings and create a user pool.
  • In the navigation bar present on the left side, click on the App Client Settings option under the App Integration menu.
  • Select the Cognito User Pool checkbox under Enabled Identity Providers. In the Callback URL(s) text field, enter the Callback/Redirect URL that you will get from the miniOrange OAuth client module on your client side. Select the Authorization code grant checkbox under Allowed OAuth Flows, and select the openid and profile checkboxes under Allowed OAuth Scopes. Click on the Save Changes button to save your configuration.
  • Click on the Choose Domain Name option to set a domain name for your app.
  • Enter your Domain Name under the Domain Prefix text-field and click on the Save Changes button to save your domain name.
  • Click on the App Clients option under the General Settings menu in the left side navigation bar. Then, click on the Show Details button to see your app details such as the Client ID and Client Secret.
  • Copy the Client App ID and App Client Secret text field values and save them under your miniOrange OAuth client module present on the client side under the Client Id and the Client Secret text fields respectively.

    AWS Cognito Endpoints and Scope:


    Client ID : See above
    Client Secret : See above
    Scope: openid
    Authorize Endpoint: https://<cognito-app-domain>/oauth2/authorize
    Access Token Endpoint: https://<cognito-app-domain>/oauth2/token
    Get User Info Endpoint: https://<cognito-app-domain>/oauth2/userInfo
    Custom redirect URL after logout [optional]: https://<cognito-app-domain>/logout?client_id=<Client-ID>&logout_uri=<Sign out URL configured in Cognito Portal>
  • You have successfully completed your AWS Cognito App OAuth Server side configurations.
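
A check of the finished app client against the Step 1 settings, as an added example that is not part of the original guide or the plugin. It reads the JSON printed by `aws cognito-idp describe-user-pool-client`; the sample below is constructed, and the client ID and callback path are placeholders.

```python
import json

# Constructed `aws cognito-idp describe-user-pool-client` output (placeholders).
EXPECTED_CALLBACK = "https://joomla.example.com/PLUGIN-CALLBACK-PATH"
SAMPLE = json.loads("""
{"UserPoolClient": {
  "ClientId": "EXAMPLECLIENTID",
  "AllowedOAuthFlowsUserPoolClient": true,
  "AllowedOAuthFlows": ["code", "implicit"],
  "AllowedOAuthScopes": ["openid"],
  "SupportedIdentityProviders": ["COGNITO"],
  "CallbackURLs": ["https://joomla.example.com/PLUGIN-CALLBACK-PATH",
                   "http://localhost:8080/callback"]
}}
""")

def audit_app_client(description, expected_callback):
    """Compare an app client with the Step 1 settings; return the deviations."""
    client = description["UserPoolClient"]
    findings = []
    if not client.get("AllowedOAuthFlowsUserPoolClient"):
        findings.append("OAuth flows are not enabled for this app client")
    flows = set(client.get("AllowedOAuthFlows", []))
    if "code" not in flows:
        findings.append("authorization code grant is not selected")
    # Flows beyond the one the guide selects widen how tokens can be obtained.
    findings += [f"extra OAuth flow enabled: {f}" for f in sorted(flows - {"code"})]
    scopes = set(client.get("AllowedOAuthScopes", []))
    findings += [f"scope not selected: {s}"
                 for s in sorted({"openid", "profile"} - scopes)]
    if "COGNITO" not in client.get("SupportedIdentityProviders", []):
        findings.append("Cognito User Pool is not an enabled identity provider")
    callbacks = client.get("CallbackURLs", [])
    if expected_callback not in callbacks:
        findings.append("plugin callback URL is not registered")
    # Any other registered callback (a leftover test URL, say) can also
    # receive authorization codes, so report each one.
    findings += [f"unexpected callback URL: {u}"
                 for u in callbacks if u != expected_callback]
    return findings

if __name__ == "__main__":
    for finding in audit_app_client(SAMPLE, EXPECTED_CALLBACK):
        print("-", finding)
```

An empty result means the app client matches what Step 1 selects; pass the Redirect/Callback URL shown by the plugin as `expected_callback`.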

Step 2: Configure miniOrange Joomla OAuth Client plugin.

  • Download the zip file for the miniOrange OAuth Client plugin for Joomla from the link here.
  • Log in to your Joomla site’s administrator console.
  • Go to Extensions > Manage > Install in the top navigation bar to install the plugin.
  • Upload the downloaded zip file to install the OAuth Client plugin.
  • Navigate to Extensions > Manage > Manage and search for miniorange in the search bar provided to see the list of the components.
  • Go to Components > MiniOrange OAuth Client in the top navigation bar to go to the configuration page of the plugin.
  • Register or log in with miniOrange.
  • Go to the Configure OAuth tab in the plugin. Fill in the details you received from your OAuth Provider and click on the Save Settings button.

    Select your OAuth Provider from the Select Application dropdown. In case your OAuth Provider is not listed in the drop down, please select Custom OAuth Provider to continue.

  • Copy the Redirect/Callback URL given in the plugin and save it in your OAuth Provider.
  • Click on the Test Configuration button, copy the email and name attributes, and save them in the Email Attribute and Name Attribute text fields respectively. Now click on the Save Attribute Mapping button to save your configuration.
  • Add a button on your site login page with the following URL: your_home_page/base_url/?morequest=oauthredirect&app_name=xxxxxxxxx
  • You will find the appropriate URL in Instructions to configure in the section below Attribute Mapping (after completing the test configuration, choose the URL and add a button on your site login page).

  • Now log out and go to your site. You will see a login link where you placed that button.
  • Click on the Licensing Plans Tab to check out our complete list of features and various licensing plans.
  • If you are facing an issue or have any questions, you can reach out to us by sending your query through the Support dialog box in the Account Setup and Configure OAuth tabs.

    Congratulations, you have successfully configured the miniOrange OAuth Client plugin with your desired OAuth Provider. In case you have any questions in mind, you can always mail us at joomlasupport@xecurify.com.
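
A standard authorization code exchange against the Step 1 endpoints, with the `state` check on the callback, as an added example rather than the plugin's own code. The domain, client credentials and callback path are placeholders, and the token request is built but not sent so the block runs offline.

```python
import base64
import hmac
from urllib.parse import parse_qs, urlencode, urlsplit

# Placeholders (assumptions): use your own domain, credentials and callback.
DOMAIN = "example-prefix.auth.us-east-1.amazoncognito.com"
CLIENT_ID = "EXAMPLECLIENTID"
CLIENT_SECRET = "EXAMPLESECRET"
REDIRECT_URI = "https://joomla.example.com/PLUGIN-CALLBACK-PATH"

def authorize_url(state):
    """Front channel: send the browser to the Authorize Endpoint."""
    query = urlencode({"response_type": "code", "client_id": CLIENT_ID,
                       "redirect_uri": REDIRECT_URI, "scope": "openid",
                       "state": state})
    return f"https://{DOMAIN}/oauth2/authorize?{query}"

def code_from_callback(callback_url, expected_state):
    """Accept the callback only if it carries the state value we issued."""
    params = parse_qs(urlsplit(callback_url).query)
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: not a response to our request")
    if "code" not in params:
        raise ValueError("no authorization code: "
                         + params.get("error", ["unknown error"])[0])
    return params["code"][0]

def token_request(code):
    """Back channel: POST for the Access Token Endpoint (built, not sent)."""
    basic = base64.b64encode(f"{CLIENT_ID}:{CLIENT_SECRET}".encode()).decode()
    return {
        "url": f"https://{DOMAIN}/oauth2/token",
        "headers": {"Authorization": f"Basic {basic}",
                    "Content-Type": "application/x-www-form-urlencoded"},
        # redirect_uri must repeat the value sent to the Authorize Endpoint.
        "body": urlencode({"grant_type": "authorization_code", "code": code,
                           "redirect_uri": REDIRECT_URI}),
    }

def logout_url(sign_out_url):
    """Optional logout redirect; logout_uri must be URL-encoded."""
    query = urlencode({"client_id": CLIENT_ID, "logout_uri": sign_out_url})
    return f"https://{DOMAIN}/logout?{query}"

if __name__ == "__main__":
    import secrets
    print(authorize_url(secrets.token_urlsafe(32)))  # fresh state per login
```

The client secret appears only in the back-channel token request, never in a URL the browser sees.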
