Guide for Drupal Single Sign On (SSO) using Bitium as Identity Provider (IdP)
Bitium Single Sign-On (SSO) for Drupal miniOrange provides a ready to use solution for Drupal. This solution ensures that you are ready to roll out secure access to your Drupal site using Bitium within minutes.
Step 1: Configure Bitium as Identity Provider (IdP)
- Log into Bitium Admin Portal.
- Once you have logged into your Bitium Admin portal, click on the Manage button in the top navigation bar for your organization, and then click on Manage Apps.
- In the top right corner, click on Add More Apps. You will see a search box, then search for Drupal, and add the app to your Bitium account.
- Here we will start configuring SSO. First, select a name for your page, then select SAML Authentication from the dropdown menu. Once you are done, click on Install App.
- On the next screen, click on Configure Single Sign-On.
- Here, we will exchange a few values between Bitium and Drupal.
- Click on Save.
- Copy the following URL/Endpoints. These will be required while configuring the Module. Copy the X.509 Certificate text area value and keep it handy.
- Now, assign the Drupal app to your users in the Apps Overview section.
| SAML URL | Copy/Paste ACS URL from Service Provider Metadata tab |
| Entity ID | Copy/Paste SP-EntityID / Issuer from Service Provider Metadata tab |
Step 2: Configuring Drupal as Service Provider (SP)
- In miniOrange SAML Module, go to Service Provider Setup tab and enter the following details:
- In miniOrange SAML Module, go to Attribute/RoleMapping tab. Enter the following values:
- You can check the Test Configuration Results under Service Provider Setup tab to get a better idea of which values to map here.
| IDP Entity ID: | Entity ID from the Single Sign-On tab in Bitium |
| Single Sign-On URL: | Login URL from the Single Sign-On tab in Bitium |
| Single Logout URL: | Logout URL from the Single Sign-On tab in Bitium |
| X.509 Certificate: | Paste the X.509 Certificate value from Single Sign-On tab in Bitium |
| Username: | Name of the username attribute from IdP (Keep NameID by default) |
| Email: | Name of the email attribute from IdP (Keep NameID by default) |
| Group/Role Key: | Name of the Role attribute from Identity Provider (IdP) |
Step 3: Role Mapping (It is Optional to fill this). This is Premium feature.
- Drupal uses a concept of Roles, designed to give the site owner the ability to control what users can and cannot do within the site.
- Role mapping helps you to assign specific roles to users of a certain group in your Identity Provider (IdP).
- While auto registering, the users are assigned roles based on the group they are mapped to.
- Under the Role Mapping section, configure which GROUP value coming in the SAML response needs to be mapped to which role in Drupal. The Group value coming in the SAML response will be mapped to the Role assigned here and the user will be assigned that role in Drupal.
Step 4: Sign In Setting. This is Premium feature.
- Go to SIGNIN Settings tab. There are multiple features availabe in this tab like Protect your whole site, Auto redirect the user to Identity Provider and Backdoor Login. To use these features, click on the respective checkboxes.
For further details refer :
https://support.google.com/a/answer/60224?hl=en
https://www.bitium.com/insidewwp-single-sign-on-sso-provider
×
![Bitium_sso_Click on Manage Apps]()
Business Trial For Free
If you don't find what you are looking for, please contact us at info@xecurify.com or call us at +1 978 658 9387.