Google SSO Login with Drupal OAuth Client | Drupal Google SSO

Drupal Google SSO integration will allow you to configure Single Sign-On ( SSO ) login between your Drupal site and Google using OAuth/OpenID protocol. Drupal OAuth 2.0/OpenID connect module gives the ability to enable login using OAuth 2.0/OIDC Single Sign-On to Drupal Site. We provide the Drupal OAuth/OpenID Client module for Drupal 7, Drupal 8, Drupal 9 and Drupal 10.
Here we will go through a guide to configure the SSO login between Drupal and Google. By following these steps, users of Google will be able to log into the Drupal site using their Google credentials.

If you have any queries or if you need any sort of assistance in configuring the module, you can contact us at drupalsupport@xecurify.com. If you want, we can also schedule an online meeting to help you configure the Drupal OAuth & OpenID Connect Login – OAuth2 Client SSO Login module.

Video Setup Google Apps Single Sign-on Integration with Drupal OAuth/OpenID Client

You can refer the steps to configure Google Apps SSO integration with the Drupal OAuth/OIDC Client module from the Video or Documentation given below:

How to Integrate Google Apps Single Sign-on with Drupal OAuth/OpenID Client

1. Set up Drupal as an OAuth Client

• After setting up the module on your Drupal site, navigate to the Configuration tab and click the miniOrange OAuth Client Configuration module link.

• In the Configure OAuth tab, select Google from the Select Application dropdown menu.

Note: In case you can't find your Application/Provider in the Select Application dropdown list, choose the Custom OAuth 2.0 Provider insted.

• Copy the Callback/Redirect URL and keep it handy.

Please Note: If your provider only permits HTTPS, Callback/Redirect URL and you have an HTTP site, just save your base site URL as HTTPS in the Sign In Settings tab. For example, change http://example123/drupal to https://example123/drupal.

• In the Display Name text field, enter the application name. For example, Google Apps

2. Configure SSO Application in Google

• Log in to the Google Developer Administrator console.
• Select a project from the left side's top header.

• On the Select a project popup, click on the NEW PROJECT button to create a new project or choose one of the current ones to continue.

• In the New Project panel, enter the following information:
• Enter the name of your project into the Project name text field.
• Click on CREATE button to create the project.

• From the left navigation panel, click on APIs & Services, then Credentials.

• Click the CREATE CREDENTIALS button, and select OAuth client ID from the list of options.

• If you get a warning that says, To create an OAuth Client ID, you must first set a product name on the consent screen (as shown in the image below), ignore it. Click on the CONFIGURE CONSENT SCREEN button.

• On the OAuth consent screen window, choose how you want to configure and register your app, select the User Type and click on CREATE button.

• Enter the following information in the Edit app registration window:
• On the OAuth consent screen step 1, fill out the following information under App information:
• In the App name text field, enter the name of the application.
• Enter your email address in the User support email text field so that people can contact you with queries concerning their consent.
• In the Developer contact information text field, type in the email address. (Its email addresses are essential for Google to notify you of any changes to your project.)
• Then, click on SAVE AND CONTINUE button.

• On the Scopes screen, click on the ADD OR REMOVE SCOPES button.

• Select Scopes to grant your project access to specific types of user information from their Google Account, then scroll down and click on UPDATE button.

• After you've finished adding scopes, click on the SAVE AND CONTINUE option.

• Then, from the left side panel, select the Credentials tab and click the + CREATE CREDENTIALS button.

• When you click the CREATE CREDENTIALS button and choose the OAuth client ID from the drop-down menu.

• Enter the following information in the Create OAuth client ID window:
• Choose Web application from the Application type dropdown menu.
• Name: Enter the Name of your OAuth 2.0 client. (This name is just used to identify the client in the console.)
• Authorised redirect URIs: Click the ADD URI button and paste the previously copied Callback/Redirect URL (From step 1) into the text field.
• Then, click on CREATE button.

3. Integrating Drupal with Google

• Navigate to the Google Developer Console.
• Google assigns your app a unique Application ID. Copy the Client ID by clicking the copy Icon in the OAuth client Created box.

• Paste the copied Client ID into the Client ID text field in Drupal's Configure OAuth tab.

• Go back to the Google Apps console and copy the Client secret by clicking on the copy Icon.

• Paste the copied Client secret into the Client Secret text field in Drupal's Configure OAuth tab.


You can check the Scope and Endpoints that were retrieved from Google Apps, and then click on the Save Configuration button to save the Google Apps information.

Scope:	email+profile
Authorize Endpoint:	https://accounts.google.com/o/oauth2/auth
Access Token Endpoint:	https://www.googleapis.com/oauth2/v4/token
Get User Info Endpoint:	https://www.googleapis.com/oauth2/v1/userinfo

4. Test Configuration of Drupal with Google

• After successfully saving the configurations, click on the Perform Test Configuration button to test the connection between Drupal and Google.

• A Test Configuration window will appear after you click the Perform Test Configuration button. If you don't have an active Google Apps session in the same browser, you'll be asked to verify that you're logged in to Google Apps. After successfully logging in, you will see a list of attributes grabbed from Google Apps.
• Select the Email Attribute from the dropdown menu in which the user's email ID is obtained and click on the Done button.

• After clicking the Done button, you will be automatically initiated to the Attribute & Role Mapping tab. Now, you can also choose the Username Attribute from the dropdown list and click on the Save Configuration button.


Please note: Mapping the Email Attribute is mandatory for your login to work.

• Now log out and go to your Drupal site’s login page. You will automatically find a Login with Google link there. If you want to add the SSO link to other pages as well, please follow the steps given in the image below :

24*7 Active Support

If you face any issues or if you have any questions, please feel free to reach out to us at drupalsupport@xecurify.com. In case you want some additional features to be included in the module, please get in touch with us, and we can get that custom-made for you. Also, If you want, we can also schedule an online meeting to help you configure the Drupal OAuth/OpenID Single Sign On module.

Additional Resources

• What is OAuth 2.0?
• What is OpenID Connect?
• What is OAuth 2.0 Authorization Code Grant?
• What is OAuth 2.0 Impicit Grant?
• What is OAuth 2.0 Password Grant?
• Frequently Asked Questions (FAQs)

Our Other modules