How to configure SSO between two Drupal sites?
Wherein one Drupal site as an SP and other one is Drupal as IDP:
Drupal SAML SP Single Sign On (SSO) module would allow you to configure SAML 2.0 based Single Sign On (SSO) between your 2 Drupal sites. This module will let you configure one of your Drupal Sites as your Service Provider (Drupal as SP) and your other Drupal Site as the IdP (Drupal as IdP)
If you have any queries or if you need any sort of assistance in configuring the module, you can contact us at drupalsupport@xecurify.com. If you want, we can also schedule an online meeting to help you configure the Drupal SAML Service Provoder - SAML 2.0 as SP SSO Login module and Drupal SAML Identity Provider - SAML 2.0 as IDP Single Sign-On Login module.
Steps to configure SSO for two Drupal site using SAML Single Sign-On Login and One Drupal as Identity Provider (IDP)
Pre-requisite: Download and Installation
- Download the module:
composer require 'drupal/miniorange_saml_idp'
- Navigate to Extend menu on your Drupal admin console and search for miniOrange SAML Identity Provider using the search box.
- Enable the module by checking the checkbox and click on install button.
- Configure the module at
{BaseURL}/admin/config/people/miniorange_saml_idp/idp_setup
- Install the module:
drush en miniorange_saml_idp
- Clear the cache:
drush cr
- Configure the module at
{BaseURL}/admin/config/people/miniorange_saml_idp/idp_setup
- Navigate to Extend menu on your Drupal admin console and click on Install new module button.
- Install the Drupal SAML IDP 2.0 Single Sign On (SSO) - SAML Identity Provider module either by downloading the zip or from the URL of the package (tar/zip).
- Click on Enable newly added modules.
- Enable this module by checking the checkbox and click on install button.
- Configure the module at
{BaseURL}/admin/config/people/miniorange_saml_idp/idp_setup
2. Setup Drupal as Identity Provider
- Navigate to the Configuration tab and Select Drupal SAML IDP Configuration.
- In the IDP Metadata, Copy the IDP Entity ID/Issuer and SAML Login URL and Keep it handy.
- In the Service Provoder Setup tab, and enter the name of Service Provider as Drupal as SP.
- Navigate to the Service Provider Setup tab of the miniOrange SAML Identity Provider module on your Drupal site. There are two way to configure your Identity Provider ( Drupal as SAML IDP ):
- Click on UPLOAD SP METADATA link.
- You can either Upload Metadata File and click on Upload button or use a Upload Metadata URL and click on Fetch Metadata.
- Navigate to Identity Provider Setup tab of the miniOrange Drupal IDP module.
- Provide the required settings (i.e. Service Provider Name, SP Entity ID or Issuer, ACS (Assertion Consumer Service) URL, X.509 Certificate (Optional)) as provided by your Service Provider ( Drupal as SP ).
- Click on the Save Configuration button to save your configuration. Then click on Test Configuration button to test your configuration.
| Service Provider Name | Name of your Service Provider. |
| SP Entity ID or Issuer | Copy the SP Entity ID/Issuer from the Service Provider Metadata tab in miniorange SAML Service Provider module from your Drupal site. |
| ACS URL | Copy the SP ACS URL from the Service Provider Metadata tab in miniorange SAML Service Provider module from your Drupal site. |
| NameID Format | urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress |
| Assertion Signed | Checked |
3. Setup Drupal as Service Provider
- Login in your Drupal site’s admin console and click on Extend from the top navigation bar.
- Select the Install new module option to install a new module on your Drupal site.
- Upload the downloaded zip file of the Module and click on the Install button to continue.
- Select Enable newly added modules.
- Scroll down till you find miniOrange SAML Service Provider. Click on the checkbox next to it and click on the Install button to enable the module.
- Click on Configuration from the top navigation bar and Select miniOrange SAML Login Configuration.
- In the miniOrange SAML Service Provider module, navigate to Service Provider Metadata tab. Here, you can find the SP metadata such as SP Entity ID / Issure, SP ACS URL (AssertionConsumerService) and X.509 Certificate which are required to configure the Identity Provider ( Drupal ), Copy it and keep it handy.
- You can provide metadata to your IDP. This can be accomplished in two ways:
- You are given a metadata URL that you can provide directly to your IdP.
- You can Download XML Metadata file and upload it on your Identity Provider ( Drupal ).
- In the miniOrage SAML Service Provider module, go to Service Provider Setup tab of the module. There are two way to configure Drupal SAML Service Provider SSO module:
- Click on Upload IDP Metadata link.
- Click on Upload Metadata File and click on Upload File to fetch your information.
- You can either Upload Metadata URLand click on Fetch Metadata button.
- Provide the required settings (i.e. Identity Provider Name, Idp Entity ID or Issuer, SAML Login URL and X.509 Certificate ) find to your Identity Provider Drupal as IDP and click on Save Configuration button to save your configuration.
A. By Uploading IDP Metadata
B. Manual Configuartion
| Identity Provider Name | Enter name of Identity Provider |
| Idp Entity ID or Issuer | Copy IDP-Entity ID / Issuer from Drupal IDP Metadata tab and paste it. |
| SAML Login URL | Copy SAML Login URL from Drupal IDP Metadata tab and paste it. |
| SAML Logout URL | Copy SAML Logout URL from Drupal IDP Metadata tab and paste it. |
| X.509 Certificate | Copy and Download Certificate (Optional) from Drupal IDP Metadata tab and paste it. |
24*7 Active Support:
If you face any issues or if you have any questions, please feel free to reach out to us at drupalsupport@xecurify.com. In case you want some additional features to be included in the module, please get in touch with us, and we can get that custom-made for you. Also, If you want, we can also schedule an online meeting to help you configure the Drupal SAML IDP & Drupal SAML SP modules or call us at +1 978 658 9387.
Free Trial:
If you would like to test out the module to ensure your business use case is fulfilled, we do provide a 7-day trial. Please drop us an email at drupalsupport@xecurify.com requesting a trial. You can create an account with us using this link.
Additional Resources
- What is Single Sign-On (SSO)
- What is SAML?
- What is SSO? How works SAML SSO authentication?
- Frequently Asked Questions (FAQs)
Our Other modules:
Need Help? We are right here!
