Google Drupal SSO Login integration using OAuth / OpenID connect
Google Drupal OAuth / OpenID Connect integration enables SSO between the Drupal site and Google. This setup guide helps in configuring Single Sign-On (SSO) between the Drupal site and Google using the OAuth/OpenID Connect module. This module is compatible with Drupal 7, Drupal 8, Drupal 9, and Drupal 10. When you incorporate the OAuth / OpenID Connect module with the Drupal site, you can log into the Drupal site seamlessly with the Google credentials.
After installing the module, navigate to the Configuration -> miniOrange OAuth Client Configuration -> Configure OAuth tab and select Google from the Select Application dropdown list.
Copy the Callback/Redirect URL and keep it handy.
Please Note: If you have an HTTP Drupal site, and Google enforces the HTTPS Redirect URI. Please navigate to the Sign In Settings tab of the module and set the base URL of the site with HTTPS in the Base URL text field.
In the Display Name text field, enter the application name. For example, Google Apps
On the Select a project popup, click on the NEW PROJECT button to create a new project or choose one of the current ones to continue.
In the New Project panel, enter the following information:
Enter the name of your project into the Project name text field.
Click on CREATE button to create the project.
From the left navigation panel, click on APIs & Services, then Credentials.
Click the CREATE CREDENTIALS button, and select OAuth client ID from the list of options.
If you get a warning that says, To create an OAuth Client ID, you must first set a product name on the consent screen (as shown in the image below), ignore it. Click on the CONFIGURE CONSENT SCREEN button.
On the OAuth consent screen window, choose how you want to configure and register your app, select the User Type and click on CREATE button.
Enter the following information in the Edit app registration window:
On the OAuth consent screen step 1, fill out the following information under App information:
In the App name text field, enter the name of the application.
Enter your email address in the User support email text field so that people can contact you with queries concerning their consent.
In the Developer contact information text field, type in the email address. (Its email addresses are essential for Google to notify you of any changes to your project.)
Then, click on SAVE AND CONTINUE button.
On the Scopes screen, click on the ADD OR REMOVE SCOPES button.
Select Scopes to grant your project access to specific types of user information from their Google Account, then scroll down and click on UPDATE button.
After you've finished adding scopes, click on the SAVE AND CONTINUE option.
Then, from the left side panel, select the Credentials tab and click the + CREATE CREDENTIALS button.
When you click the CREATE CREDENTIALS button and choose the OAuth client ID from the drop-down menu.
Enter the following information in the Create OAuth client ID window:
Choose Web application from the Application type dropdown menu.
Name: Enter the Name of your OAuth 2.0 client. (This name is just used to identify the client in the console.)
Authorised redirect URIs: Click the ADD URI button and paste the previously copied Callback/Redirect URL (From step 1) into the text field.
Then, click on CREATE button.
Integrating Drupal with Google:
Navigate to the Google Developer Console.
Google assigns your app a unique Application ID. Copy the Client ID by clicking the copy Icon in the OAuth client Created box.
Paste the copied Client ID into the Client ID text field in Drupal's Configure OAuth tab.
Go back to the Google Apps console and copy the Client secret by clicking on the copy Icon.
Paste the copied Client secret into the Client Secret text field in Drupal's Configure OAuth tab.
Please confirm the Scope and Endpoints from the table below and click on the Save Configuration button
Access Token Endpoint
Get User Info Endpoint
Test Connection between Drupal and Google:
Click on the Perform Test Configuration button to test the connection.
On a Test Configuration popup, if you don't have an active session in Google on the same browser, you'll be prompted to sign in to Google. Once successfully logged in, you'll receive a list of attributes retrieved from Google.
Select the Email Attribute from the dropdown menu in which the user's email ID is obtained and click on the Done button.
On the Attribute & Role Mapping tab, please select the Username Attribute from the dropdown list and click on the Save Configuration button.
Please note: Mapping the Email Attribute is mandatory for Single Sign-on.
Congratulations! You have successfully configured Google as OAuth/OpenID Provider and Drupal as an
How to perform
Now, open a new browser/private window and go to your Drupal site login page.
Click on the Login using the Google link to initiate the SSO from Drupal.
If you want to add the SSO link to other pages as well, please follow the steps given in the image below:
If you face any issues during the configuration or if you want some additional features, please contact us at firstname.lastname@example.org.
After I click on the logout in Drupal, it sends me back to
the Drupal homepage. However, when I try to login with other user, it doesn’t ask me to login but
automatically logs me in with same user
The logout functionality you’ve mentioned here is the default
behavior of a module. It’s logging you out of Drupal but not from your Application/Provider.
To allow the module to logout from your provider/application account (what you are looking for), you
need to make the below configurations: [know more]
I purchased the paid Drupal module and replaced it with
the free module, but still I am not able to use paid features.
As you have upgraded to one of our paid versions of the
Drupal module and replaced the free module with the paid one, you must first activate the paid
module. Please refer to the below steps. [Know more]
miniOrange has successfully catered to the use cases of 400+ trusted customers with its highly
flexible/customizable Drupal solutions. Feel free to check out some of our unique case studies using
Feel free to explore other Drupal solutions that we offer here. The
popular solutions used by our trusted customers include Two Factor Authentication - 2FA, Website
Security, REST & JSON API Authentication, User Provisioning and Sync.
If you dont hear from us within 24 hours, please feel free to send a follow up email to email@example.com
This privacy statement applies to miniorange websites describing how we handle the personal
When you visit any website, it may store or retrieve the information on your browser, mostly in the
form of the cookies. This information might be about you, your preferences or your device and is
mostly used to make the site work as you expect it to. The information does not directly identify
you, but it can give you a more personalized web experience.
Click on the category headings to check how we handle the cookies.
Strictly Necessary Cookies
Necessary cookies help make a website fully usable by enabling the basic functions like site
navigation, logging in, filling forms, etc. The cookies used for the functionality do not store any
personal identifiable information. However, some parts of the website will not work properly without
These cookies only collect aggregated information about the traffic of the website including -
visitors, sources, page clicks and views, etc. This allows us to know more about our most and least
popular pages along with users' interaction on the actionable elements and hence letting us improve
the performance of our website as well as our services.