Search Results :

×
Sign Up Contact Us

Contents

Setup External Identity Provider Authentication in Drupal

The External Identity Provider Authentication method allows you to secure and restrict access to your Drupal REST APIs using tokens from third-party providers such as Google, Azure AD, Keycloak, Okta, or GitLab. By integrating with your Identity Provider, this method ensures that only authenticated users can access your Drupal APIs. The access token used in this method is strictly obtained from an external Identity Provider (IdP). Drupal API Authentication module supports Drupal 8, 9, 10, and 11.

free trial plugin Download plugin pricing button schedule meeting button Schedule a Meeting
  • Download the module: 
    composer require 'drupal/rest_api_authentication'
  • Navigate to Extend menu on your Drupal admin console and search for REST & JSON API Authentication using the search box.
  • Enable the module by checking the checkbox and click on the Install button.
  • You can configure the module at: 
    {BaseURL}/admin/config/people/rest_api_authentication/auth_settings
  • Install the module: 
    drush en drupal/rest_api_authentication
  • Clear the cache: 
     drush cr
  • You can configure the module at: 
    {BaseURL}/admin/config/people/rest_api_authentication/auth_settings
Note and Contact Us - SSO betwee two WordPress sites

Note: Manual Installation only compatible with Drupal 7, Drupal 8, and Drupal 9.


  • Navigate to Extend menu on your Drupal admin console and click on Install new module.
  • Install the Drupal miniOrange API Authentication module either by downloading the zip or from the URL of the package (tar/zip).
  • Click on Enable newly added modules.
  • Enable this module by checking the checkbox and click on install button.
  • You can configure the module at: 
    {BaseURL}/admin/config/people/rest_api_authentication/auth_settings
  • REST UI: This module provides a user-friendly interface to configure the REST module.
  • Enable the following Web Services modules from the Extend section (/admin/modules) of your Drupal site:
    • JSON:API
    • REST UI
    • RESTful Web Services
    • Serialization
Drupal API Authentication install the modules

  • The first step is to enable the API and assign the methods and operations allowed for that API. This can be done using the REST UI module, or by directly modifying the Drupal config.
  • Click on the Enable API button.
  • To enable the API using the REST UI module, click the Configure button (as shown below).
Drupal API Authentication REST UI Configure

  • In our example, we need to enable the /entity/user API. To do this, click the Enable option in front of it.
Drupal API Authentication user resources

  • Since our goal is to create a user in Drupal, select the following configurations:
    • Method: POST
    • Format: JSON
    • Authentication Provider: rest_api_authentication
  • This allows the miniOrange API Authentication module to authenticate the API. Click the Save Configuration button to continue.
Drupal API Authentication Resource Settings

  • In this step, we will set up External Identity Provider as an API Authentication. To do this, navigate to the API Authentication tab of the module (/admin/config/people/rest_api_authentication/auth_settings).
    • Under Basic Configuration, enable the Enable Authentication toggle.
    • Enter the Application Name and select External Identity Provider from the Authentication Method section.
Drupal API Authentication select External Identity Provider method

  • Scroll down to the External Identity Provider Configuration section on the same tab.
    • Enter the User Info Endpoint of your Identity Provider in the given field, so the module can fetch user details using the provided token.
    • In the Username Attribute, enter the attribute key or name from your Identity Provider that contains the username sent by the external provider.
    • Click the Save Configuration button.
Drupal API Authentication Enter Username to create API key

  • You have successfully configured the External Identity Provider method.
    • Note and Contact Us

    Note: Use the application-specific unique header when authenticating the API.

Drupal External Identity Provider method configured successfully

  • If needed, you can allow non-admin Drupal roles to create users. To do this, assign the Administer users permission to the desired roles from the Permissions page (/admin/people/permissions) of your Drupal site.
Drupal API Authentication API Authentication method configured successfully

  • For better understanding, let’s take an example of adding External Identity Provider-based authentication to the create user API in Drupal.
    • Note and Contact Us

    Note: The /entity/user API in Drupal is used to create a new user.


  • To create a user in Drupal, send a POST request along with the token received from your Identity Provider.
    • HTML Request Format-

Request: POST  <your_drupal_base_url>/entity/user?_format=json

Header:      
             AUTH-METHOD: application_id
             Token: <Token_receievd_from_external_identity_provider>
             Accept: application/json
             Content-Type: application/json

Body: 

                {
                "name": {
                    "value": "<username>"
                },
                "mail": {
                    "value": "<email>"
                },
                "pass": {
                    "value": "<password>"
                },
                "status": {
                    "value": "1"
                }
                }

CURL Request Format-

curl --location --request POST  ‘<your_drupal_base_url>/entity/user?_format=json' \
                --header 'AUTH-METHOD: application_id' \
                --header 'Token: <Token_receievd_from_external_identity_provider>' \
                --header 'Accept: application/json' \
                --header 'Content-Type: application/json' \
                --data-raw '  

                {
                "name": [
                    { "value": "Username" }
                ],
                "mail": [
                    { "value": "email" }
                ],
                "pass": [
                    { "value": "Password" }
                ],
                "status": [
                    { "value": "1" }
                ]
                }
  • You can also refer to the Postman request image shown below.
Drupal External Identity Provider Postman request

Drupal API Authentication Postman body request

  • A successful response will return the details of the user you created (see the image below).
Drupal API Authentication Postman Response created user

Congratulations! You have successfully set up the External Identity Provider method using the Drupal API Authentication module.

If the configuration was not successful, please contact us at drupalsupport@xecurify.com. Kindly include a screenshot of the error window, and we will assist you in resolving the issue and guide you through the setup.

ADFS_sso ×
Hello there!

Need Help? We are right here!

support