Search Results :

×

Google Drupal SSO Login integration using OAuth / OpenID connect

Google Drupal OAuth / OpenID Connect integration enables SSO between the Drupal site and Google. This setup guide helps in configuring Single Sign-On (SSO) between the Drupal site and Google using the OAuth/OpenID Connect module. This module is compatible with Drupal 7, Drupal 8, Drupal 9, Drupal 10, and Drupal 11. When you incorporate the OAuth / OpenID Connect module with the Drupal site, you can log into the Drupal site seamlessly with the Google credentials.

  • Download the module:
    composer require 'drupal/miniorange_oauth_client'
  • Navigate to Extend menu on your Drupal admin console and search for miniOrange OAuth Client Configuration using the search box.
  • Enable the module by checking the checkbox and click on the Install button.
  • You can configure the module at:
    {BaseURL}/admin/config/people/miniorange_oauth_client/config_clc
  • Install the module:
    drush en drupal/miniorange_oauth_client
  • Clear the cache:
     drush cr
  • You can configure the module at:
    {BaseURL}/admin/config/people/miniorange_oauth_client/config_clc
  • Navigate to Extend menu on your Drupal admin console and click on Install new module.
  • Install the Drupal OAuth & OpenID Connect Login - OAuth2 Client SSO Login module either by downloading the zip or from the URL of the package (tar/zip).
  • Click on Enable newly added modules.
  • Enable this module by checking the checkbox and click on install button.
  • You can configure the module at:
    {BaseURL}/admin/config/people/miniorange_oauth_client/config_clc
  • Go to ConfigurationPeopleminiOrange OAuth Client Configuration in the Administration menu. (/admin/config/people/miniorange_oauth_client)
Drupal OAuth Client - select mimiorange OAuth Client Configuration
  • Under the Configure OAuth tab select desired OAuth Provider from the dropdown.
  • Note and Contact Us - SSO between two WordPress sites

    Note: If the desired OAuth Provider is not listed in the dropdown, please select Custom OAuth Provider / Custom OpenID Provider and continue.

Drupal OAuth Client - select OAuth Provider
  • Copy the Callback/Redirect URL and keep it handy. This will be required while configuring the OAuth Provider.
  • Note and Contact Us - SSO between two WordPress sites

    Note: If your provider only supports HTTPS Callback/Redirect URLs and you have an HTTP site, please make sure to enable the 'Enforce HTTPS Callback URL' checkbox at the bottom of the tab.


  • Enter the OAuth provider name in the Display Name text field.
Drupal OAuth Client - Copy Callback URL
Google Apps SSO Select Project

  • On the Select a project popup, click on the NEW PROJECT button to create a new project or choose one of the current ones to continue.
Google Apps SSO Create a New Project

  • In the New Project panel, enter the following information:
    • Enter the name of your project into the Project name text field.
    • Click on CREATE button to create the project.
Google Apps SSO Project Name Field

  • From the left navigation panel, click on Credentials.
Google Apps SSO Select APIs and Services then credentials

  • Click the CREATE CREDENTIALS button, and select OAuth client ID from the list of options.
Google Apps SSO - Click on Create Credentials button

  • If you get a warning that says, To create an OAuth Client ID, you must first set a product name on the consent screen (as shown in the image below), ignore it. Click on the CONFIGURE CONSENT SCREEN button.
Google Apps SSO - Click on the CONFIGURE CONSENT SCREEN

  • On the OAuth consent screen window, choose how you want to configure and register your app, select the User Type and click on CREATE button.
Google Apps SSO - Select User Type and Click the Create

  • Enter the following information in the Edit app registration window:
    • In the App name text field, enter the name of the application.
    • Enter your email address in the User support email text field so that people can contact you with queries concerning their consent.
    • In the Developer contact information text field, type in the email address. (Its email addresses are essential for Google to notify you of any changes to your project.)
Google Apps SSO - Under OAuth consent screen, enter required information

  • Then, click on SAVE AND CONTINUE button.
  • On the Scopes screen, click on the ADD OR REMOVE SCOPES button.
Google Apps SSO - click ADD OR REMOVE SCOPES

  • Select Scopes to grant your project access to specific types of user information from their Google Account, then scroll down and click on UPDATE button.
Google Apps SSO - Select Scope

  • After you've finished adding scopes, click on the SAVE AND CONTINUE option.
Google Apps SSO Click on Save and Continue button

  • Then, from the left side panel, select the Credentials tab and click the + CREATE CREDENTIALS button.
Google Apps SSO select Credentials and click create credentials

  • When you click the CREATE CREDENTIALS button and choose the OAuth client ID from the drop-down menu.
Google Apps SSO click Credentials and select OAuth client ID

  • Enter the following information in the Create OAuth client ID window:
    • Choose Web application from the Application type dropdown menu.
    • Name: Enter the Name of your OAuth 2.0 client. (This name is just used to identify the client in the console.)
    • Authorised redirect URIs: Click the ADD URI button and paste the previously copied Callback/Redirect URL from Drupal into the text field.
Google Apps SSO - In the Create OAuth client ID window, enter required information

  • Then, click on CREATE button.
  • From the popup copy the Client ID and Client Secret. Keep it handy. It will require to configure Drupal as OAuth client.
Google Apps SSO - Drupal-Auth-SSO-Google-Apps-Copy-Client-ID-Seceret

  • Go to miniOrange OAuth Client module.
  • In Drupal’s Configure OAuth tab paste the copied Client ID and Client Secret from Google in the Client ID and Client Secret text fields.
Drupal OAuth/OoenId connect- paste the copied Client ID and Client Secret

  • Confirm the Scope and Endpoints from the table below and click on the Save Configuration button.
  • Scope email+profile
    Authorize EndPoint https://accounts.google.com/o/oauth2/auth
    Access Token Endpoint https://www.googleapis.com/oauth2/v4/token
    Get User Info Endpoint https://www.googleapis.com/oauth2/v1/userinfo
  • After successfully saving the configurations, please click on the Perform Test Configuration button to test the connection between Drupal and OAuth Provider.
OAuth-OIDC-Client-Configuration-Check-Connection-with-OAuth-Provider
  • On a Test Configuration popup, if you don't have any active sessions on the same browser, you will be requested to login to the OAuth Provider. After successfully logging, you will be provided a list of attributes received from the OAuth Provider.
  • Select the Email Attribute from the dropdown menu in which the user's email ID is obtained and click on the Done button.
  • Note and Contact Us - SSO between two WordPress sites

    Note: Mapping the Email Attribute is mandatory for your login to OAuth Provider.

Drupal OAuth Client - select Email Attribute
  • On the Attribute & Role Mapping tab, please select the Username Attribute from the dropdown list and click on the Save Configuration button.
Drupal OAuth Client - select user attribute and click save configuration
  • Now log out and go to your Drupal site’s login page. You will automatically find a Login with OAuth Provider link there. If you want to add the SSO link to other pages as well, please follow the steps given in the image below:
Drupal OAuth Client - add link on other pages

If you face any issues during the configuration or if you want some additional features, please contact us at drupalsupport@xecurify.com.

More FAQs ➔

Follow the steps mentioned HERE

Follow the steps mentioned HERE

The logout functionality you've mentioned here is the default behavior of a module. It's logging you out of Drupal but not from your Application/Provider. To allow the module to logout from your provider/application account (what you are looking for), you need to make the below configurations: [know more]

As you have upgraded to one of our paid versions of the Drupal module and replaced the free module with the paid one, you must first activate the paid module. Please refer to the below steps. [Know more]


[MO_CONTACT_US]
ADFS_sso ×
Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com