Search Results :

×
Sign Up Contact Us

Drupal OAuth/OpenID
Connect Server

Drupal OAuth/OIDC Server module allows users to perform Single Sign-On (SSO) to access client apps. To achieve this, the module converts your site to an OAuth server. OAuth 2.0 Server supports client apps such as Salesforce, Slack, Magento, Jira, Azure, WordPress, Joomla, Bitbucket, AWS Cognito, and Google.
Download Key Features Documentation
Key Features Documentation
Schedule a call with expert
Drupal OAuth Server - Banner Image

Our Trusted Customers

See All Customers →

  • Drupal | Drupal Passwordless Authentication - NASA
  • Drupal | Drupal Passwordless Authentication - Nestlé
  • Drupal | Drupal Passwordless Authentication - Sony Pictures
  • Drupal | Drupal Passwordless Authentication - UNICC
  • Drupal | Drupal Passwordless Authentication - Vodafone
  • Drupal | Drupal Passwordless Authentication - Wipro
  • Drupal | Drupal Passwordless Authentication - University of Virginia

Setup Single Sign-On In 3 Simple Steps

wordpress media access control | Step1

Step 01

Download and Install

Download and install the Drupal OAuth Server module from the Drupal marketplace.

wordpress prevent direct access plugin | Step2

Step 02

Add OAuth Client

To Add Client enter Application Name and Callback/Redirect URL of OAuth Client.

wordpress media access control | Step3

Step 03

OAuth Server Scope & Endpoints

Copy Scope and Endpoitns for OAuth Client.

Note and Contact Us

Need assistance setting up the SSO? Drop us an email, and we'll make sure you are up and running.

Key Features of Drupal OAuth Server Module

JWT Support and Signing Algorithm

Support JWTs with signing algorithms to keep data authentic and unaltered between client and server.

Support for all Grant Types

Supports all OAuth 2.0 grant types, including authorization code, client credentials, password, implicit, and refresh token.

Customise Response Attributes

Add user details like roles, permissions, or departments to ID tokens and the userinfo endpoint.

OIDC Support

Authenticate users with OpenID Connect (OIDC) support in the module.

Multiple Client Configuration

Configure multiple OAuth/OIDC clients on your Drupal site with ease.

Customise Token Expiry

Set custom token expiry times for OAuth/OIDC clients on your Drupal site.

Active Drupal 7 Support

Continue using Drupal 7 with confidence, as our module continues to provide active support even after official Drupal support has ended.

JWT Support and Signing Algorithms

JWT Support and Signing Algorithms

Ensure JSON Web Token (JSON) support with our Drupal OAuth 2.0 Server module. Further, the signing algorithm ascertains that the content in JWT is authentic and unaltered during its transmission between client and server applications.

Pricing Plans for Everyone

Transparent, Simple Pricing

Contact Us at

drupalsupport@xecurify.com
COMMUNITY

Users stored in your own Drupal database

$0/Year

Only for Admin users

ENTERPRISE

Users stored in your own Drupal database

$450/Year

$45/Month

For over 5,000 users, please get in touch with us for special discounted pricing.

No. Of User:

OAuth Server Integration Features

24/7 Support

Authorization Code Grant

Enables a secure, two-step OAuth 2.0 flow where users authenticate and receive an authorization code, which is then exchanged for an access token. Ideal for web applications.

Industry-Leading Products

OIDC Support

Adds OpenID Connect support to extend OAuth with user identity verification and ID tokens, enabling SSO and richer user profile sharing.

Documentation

Support for Symmetric JWT Signing Algorithms

Sign and verify JWTs using symmetric algorithms like HS256, HS384, and HS512 with a shared secret, suitable for trusted internal integrations.

24/7 Support

Enable/Disable Master Switch

Toggle the OAuth server functionality on or off instantly from a central setting, useful during maintenance or staging setups.

Industry-Leading Products

Support for Multiple OAuth/OIDC Clients

Manage multiple client applications, each with its own configuration, credentials, grant types, and redirect URIs—all from one interface.

Documentation

Customized Claims in ID Token

Add custom fields from user profiles into the ID token claims to share additional information with connected clients.

24/7 Support

Multiple Callback URLs

Register and manage multiple redirect URIs per client for different environments (e.g., dev, staging, prod) or app modules.

Industry-Leading Products

Support for Implicit, Password, Client Credentials, Refresh Token, and PKCE

You can create and use your own security certificates to sign or encrypt the SSO data instead of using the default ones. This helps meet specific security policies of your organization or clients.

Documentation

Customize Token Expiry

Define how long access tokens remain valid to balance security with user experience, configurable per client.

24/7 Support

Customize Callback URL Validation

Control how strictly redirect URIs are validated during authorization to support both static and dynamic apps.

Industry-Leading Products

Enforce State Parameter

Enable strict usage of the state parameter to prevent CSRF attacks and maintain request integrity across redirects.

Documentation

Consent Screen

Display a consent screen during login to show users what data will be shared with the client app.

24/7 Support

Support for Headless Integration

Enable OAuth authentication in headless or decoupled frontend applications where no UI interaction is involved.

Industry-Leading Products

Customize Response Attributes

Map complex or custom user fields to be included in token responses or sent as claims, tailored for app-specific needs.

Frequently Asked Questions

FAQ | Module FAQsModule Inquiries

Does miniOrange store any user data?

miniOrange does not transfer any data out of your systems or store any Personal Identifiable Information (PII). All the modules are completely on premise. All the data remains within your premises / server. Only for the Drupal 2FA module - We need to store the user's email address. For Risk Based Authentication, information such as device type, location, IP address, and time are necessary to identify the user and give access based on the risk.

Does miniorange provide developer license for paid module?

We do not provide the developer license for our paid module and the source code is protected. It is strictly prohibited to make any changes in the code without having written permission from miniOrange. There are hooks provided in the module which can be used by the developers to extend the module's functionality.

Does miniOrange offer technical support?

Yes, we provide 24*7 support for all and any issues you might face while using the module, which includes technical support from our developers. You can get prioritized support based on the Support Plan you have opted for. You can check out the different Support Plans here.

How to activate the Premium Module on my Drupal Site?

  1. Once you complete the payment, go to the miniOrange Dashboard to download your premium module or followthe Composer installation steps.
  2. To activate the paid module, go to the Registration /Login tab and login with your miniOrange account for which you have purchased a license.
  3. Once you are logged in, it will ask you to enter your license key. Go to miniOrange Dashboard → License → View License Key to get your license key.

How can I free up my license Key?

You can remove the license key from the module by clicking on the Remove Account button from the Register/Login tab of the module.

FAQ | Legal DocumentsLegal Documents

GDPR Compliance

End User License Agreement

Privacy Policy

Security Practices

SOC Compliance

Want to Schedule a Demo?

mo-form

 Thank you for your response. We will get back to you soon.

Something went wrong. Please submit your query again

Hello there!

Need Help? We are right here!

support