Setup OneLogin as a SCIM Client using the User Provisioning module in Drupal

Overview

User Provisioning provides you with the ability to manage all the users at a central user management identity. OneLogin Provisioning service supports SCIM 2.0 protocol for automatic provisioning/de-provisioning. miniOrange User Provisioning and Sync module implement the SCIM endpoints to allow provisioning/de-provisioning of users into the Drupal site as and when any CRUD operation is performed in the central identity i.e. OneLogin.

Installation Steps

• Using Composer
• Using Drush
• Manual Installation

• Download the module:

  composer require 'drupal/user_provisioning'

• Navigate to Extend menu on your Drupal admin console and search for miniOrange User Provisioning using the search box.
• Enable the module by checking the checkbox and click on the Install button.
• You can configure the module at:

  {BaseURL}/admin/config/people/user_provisioning/overview

• Install the module:

  drush en drupal/user_provisioning

• Clear the cache:

   drush cr

• You can configure the module at:

  {BaseURL}/admin/config/people/user_provisioning/overview

• Navigate to Extend menu on your Drupal admin console and click on Install new module.
• Install the Drupal User Provisioning and Sync module either by downloading the zip or from the URL of the package (tar/zip).
• Click on Enable newly added modules.
• Enable this module by checking the checkbox and click on install button.
• You can configure the module at:

  {BaseURL}/admin/config/people/user_provisioning/overview

Create Application in OneLogin

• Log into the OneLogin Developer console.
• From the Applications dropdown in the top navigation panel, click on Applications.

• Click on the Add App button.

• Search for SCIM and select SCIM Provisioner with SAML (SCIM v2 Core).

• Under the Display label text field, enter the Application name and click on the Save button in the top right corner.

Configure OneLogin with SCIM Client

• Navigate to the Configuration section.

• Navigate to the Drupal site and copy the SCIM Base URL

• Navigate back to the OneLogin console and paste the copied SCIM Base URL under the SCIM Base URL text field.

• Navigate to the Drupal site and copy the SCIM Bearer Token.

• Navigate back to the OneLogin console. Scroll down and paste the copied SCIM Bearer Token into the SCIM Bearer Token text field.
• Click on the Enable button.

• Click on the Save button.

• Navigate to the Provisioning section, check the Enable Provisioning checkbox, and click on the Save button.

• Navigate to the Users section under the Users tab.

• Select the user to provision on the Drupal site.

• Navigate to the Applications tab from the left navigation menu.

• Click on the + to add the application.

• From the Select application dropdown, select the application to assign the user and click on the Continue button.

• Enter the SCIM username and click on the Save button.

• Click on the Pending link.

• Click on the Approve button.

• If the user is successfully provisioned, the following screen will be shown:

• Let’s check if the user is provisioned to the Drupal site. Navigate to the Drupal site and click on the People tab from the top navigation panel. As per the following screenshot, the user has been successfully created on the Drupal site.

Congratulations, you have successfully set up Drupal as the SCIM server and OneLogin as the SCIM client.