Search Results :

×

Drupal OAuth Server & OpenID Connect Provider

Transform your Drupal website into a secure OAuth 2.1 Authorization Server and OpenID Connect (OIDC) Provider. Enable Single Sign-On (SSO), secure APIs, authenticate headless applications, AI agents, MCP servers, and machine-to-machine communications using industry-standard OAuth and OpenID Connect protocols.
Drupal OAuth Server - Banner Image

Our Trusted Customers

See All Customers →

  • Drupal | Drupal Passwordless Authentication - NASA
  • Drupal | Drupal Passwordless Authentication - Nestlé
  • Drupal | Drupal Passwordless Authentication - Sony Pictures
  • Drupal | Drupal Passwordless Authentication - UNICC
  • Drupal | Drupal Passwordless Authentication - Vodafone
  • Drupal | Drupal Passwordless Authentication - Wipro
  • Drupal | Drupal Passwordless Authentication - University of Virginia

OAuth 2.1 & OpenID Connect Core Features

  • JWT Support and Signing Algorithms

    Ensure JSON Web Token (JSON) support with our Drupal OAuth 2.0 Server module. Further, the signing algorithm ensures that the content of the JWT is authentic and unaltered during its transmission between client and server applications.

  • Webhooks

    Automatically notify external applications when authentication and authorization events occur in Drupal. Configure webhooks to send data instantly to third-party applications, workflows, and monitoring systems, ensuring seamless communication across your ecosystem.

  • Custom Scope Management

    Create and manage custom scopes to enforce fine-grained access control across your Drupal applications and APIs. Restrict access to sensitive resources and ensure applications only receive the permissions they require.

  • OAuth 2.1 & OIDC Support

    Transform Drupal into a standards-compliant OAuth 2.1 Authorization Server and OpenID Connect Provider for secure user authentication.

Login & Access Security Features
Additional Security Controls Features
  • Front-Channel Logout

    Automatically terminate user sessions across connected applications when a logout request is initiated, helping maintain security and session consistency.

  • Customise Token Expiry

    Set custom expiration times for access, refresh, and ID tokens. Configure different token lifetimes for each application or client to enhance granular security and access control.

  • Support for Multiple OAuth/OIDC Clients

    Manage multiple client applications, each with its own configuration, credentials, grant types, and redirect URIs—all from one interface.

  • Active Drupal 7 Support

    While official support for Drupal 7 has ended, our module continues to offer full compatibility, ensuring seamless functionality for your Drupal 7 site.

Integrate SSO with Drupal in Minutes

Connect your Drupal site as an OAuth Server and enable secure OAuth-based authentication for seamless integration with external applications without complex configuration.

OAuth & Authentication Configuration Features

Customized Claims in ID Token

Customized Claims in ID Token

Add custom fields from user profiles into the ID token claims to share additional information with connected clients.

Multiple Callback URLs

Multiple Callback URLs

Register and manage multiple redirect URIs per client for different environments (e.g., dev, staging, prod) or app modules.

Support for Headless Integration

Support for Headless Integration

Enable OAuth authentication in headless or decoupled frontend applications where no UI interaction is involved.

Industry-Leading Products

Enforce State Parameter

Enable strict usage of the state parameter to prevent CSRF attacks and maintain request integrity across redirects.

Consent Screen

Consent Screen

Replace the default consent page with a custom consent experience that matches your application's branding and user journey, providing users with greater transparency into requested permissions.

Pricing Plans

Select the perfect plan for you

Configure plan in 2 easy steps

Select Number of Users
Approximate count of users who will use Drupal credentials for SSO login access.
Select Payment Type
For bulk discounts

FREE

$0 / year
  • Authorization Code Grant
  • Support for Symmetric JWT Signing Algorithms
  • Customise Response Attributes Basic
  • Enable/Disable Master Switch
  • Debug Logs
  • Webhooks support
  • Custom Scopes
  • Multiple Client Secrets
  • Front Channel Logout

PREMIUM

Prepaid

Annual Billing

$450 / year
Postpaid

Monthly Billing

$45 / month
  • Support for Multiple OAuth Clients
  • Customised claims in ID-token
  • Multiple Callback URL
  • Webhooks support
  • Customise Token Expiry
  • OIDC Support
  • Support for Asymmetric JWT Signing Algorithms
  • Server/Drupal Initiated Login

Why Choose miniOrange?

Our customers not only rely on our products but also trust our dedicated support.

24/7 Support

24/7 Support

Get prompt support from our technical experts, available round the clock for direct assistance.

Industry-Leading Products

Industry-Leading Products

Our security suite offers comprehensive protection with a user-friendly interface and customization options.

Documentation

Comprehensive Documentation

Access a detailed knowledge base, including step-by-step guides and instructional videos.

Setup Single Sign-On In 3 Simple Steps

wordpress media access control | Step1

Step 01

Download and Install

Download and install the Drupal OAuth Server module from the Drupal marketplace.

wordpress prevent direct access plugin | Step2

Step 02

Configure OAuth Client

Create an OAuth client by entering the Application Name and Callback/Redirect URL of your application.

wordpress media access control | Step3

Step 03

Copy Client Credentials

Copy the generated Client ID and Client Secret from Drupal and configure them in your OAuth client application.

Explore Drupal OAuth SSO Capabilitie

Get the module and quickly configure your Drupal site as an OAuth Server to enable seamless and secure SSO integration with external applications.

OAuth 2.1 Security &
API Access Control
Features

OAuth 2.1 Authentication Flows

Implement secure authentication with OAuth 2.1 recommended flows, including Authorization Code with PKCE, Client Credentials, and Refresh Tokens for enhanced security and compliance.

AI Agents & MCP Server Authentication

Securely authenticate AI agents and MCP integrations using OAuth 2.1. Control access to Drupal resources with token-based authorization and granular permissions.

API Security & Access Control

Protect APIs with secure access tokens, custom scopes, and role-based access controls. Ensure only authorized applications and users can access protected resources.

Activity Logs

Track OAuth authentication and authorization activities with detailed audit logs. Monitor user actions, token events, and security-related operations for better visibility and compliance.

Industries We Serve

Industry-ready unified endpoint management & security solution for every unique security need.

Government Industry

Government

Secure citizen-facing portals and internal portals with centralized authentication. Integrate with existing identity providers and enforce strict access controls, ensuring compliance, data protection, and controlled access across all departments.

Education Industry

Education

Provide students, faculty, and staff with seamless access to learning platforms using institutional credentials. Reduce login friction while maintaining secure and scalable authentication across multiple systems.

Healthcare Industry

Healthcare

Protect sensitive patient data and critical medical systems with secure authentication. Enable role-based access, session control, and compliance with industry standards while ensuring only authorized users have access to healthcare applications.

OAuth 2.1 Authentication Use Cases

Drupal OAuth Server powers secure authentication and authorization across modern applications, APIs, AI systems, and digital experiences.

Single Sign-On (SSO) for Enterprise Applications

Provide a seamless login experience across multiple websites and applications using Drupal as a centralized OAuth 2.1 and OpenID Connect Provider. Users authenticate once and securely access all connected applications without managing multiple credentials.

API Security & Developer Platforms

Protect Drupal APIs and backend services with OAuth access tokens, scopes, and authorization policies. Ensure only approved applications, partners, and developers can access protected resources while maintaining complete control over permissions.

Headless Drupal & Modern Frontend Applications

Secure React, Next.js, Angular, Vue.js, and mobile applications using OAuth 2.1 authentication. Drupal acts as the central identity provider while frontend applications consume content and services through protected APIs.

Mobile Applications & Customer Portals

Enable secure authentication for native iOS and Android applications, customer portals, and self-service platforms. Support modern OAuth flows with PKCE to provide a secure and frictionless login experience.

Machine-to-Machine Authentication

Allow backend applications, microservices, and automated systems to communicate securely without user interaction. OAuth Client Credentials Flow enables trusted service-to-service authentication while maintaining strict access controls.

AI Agents & Intelligent Systems

Facilitate seamless integration between AI agents and Drupal's content management capabilities. Ensure secure and compliant interaction between intelligent systems and enterprise data.

MCP Server Integrations

Enable secure authentication for Model Context Protocol (MCP) servers and AI ecosystems. Control how AI applications interact with Drupal resources, enterprise data, and business services through standardized OAuth-based authorization.

Single Sign-On (SSO) for Enterprise Applications

Provide a seamless login experience across multiple websites and applications using Drupal as a centralized OAuth 2.1 and OpenID Connect Provider. Users authenticate once and securely access all connected applications without managing multiple credentials.

Frequently Asked Questions

FAQ | Module FAQsModule Inquiries

Does miniOrange store any user data?

miniOrange does not transfer any data out of your systems or store any Personal Identifiable Information (PII). All the modules are completely on premise. All the data remains within your premises / server. Only for the Drupal 2FA module - We need to store the user's email address. For Risk Based Authentication, information such as device type, location, IP address, and time are necessary to identify the user and give access based on the risk.

Does miniorange provide developer license for paid module?

We do not provide the developer license for our paid module and the source code is protected. It is strictly prohibited to make any changes in the code without having written permission from miniOrange. There are hooks provided in the module which can be used by the developers to extend the module's functionality.

Does miniOrange offer technical support?

Yes, we provide 24*7 support for all and any issues you might face while using the module, which includes technical support from our developers. You can get prioritized support based on the Support Plan you have opted for. You can check out the different Support Plans here.

How to activate the Premium Module on my Drupal Site?

  1. Once you complete the payment, go to the miniOrange Dashboard to download your premium module or followthe Composer installation steps.
  2. To activate the paid module, go to the Registration /Login tab and login with your miniOrange account for which you have purchased a license.
  3. Once you are logged in, it will ask you to enter your license key. Go to miniOrange Dashboard → License → View License Key to get your license key.

How can I free up my license Key?

You can remove the license key from the module by clicking on the Remove Account button from the Register/Login tab of the module.

Want to Schedule a Demo?

mo-form

 Thank you for your response. We will get back to you soon.

Something went wrong. Please submit your query again

Hello there!

Need Help? We are right here!

support