SAML Single Sign On (SSO) into Drupal using Okta as IDP


Drupal SAML Okta SSO setup will allow your user to login to your Drupal site using their Okta Credentials. Drupal SAML module gives the ability to enable SAML Single Sign-On for Drupal. This module is compatible with all SAML Identity Providers ( IDP ). We provide Drupal SAML SP 2.0 Single Sign on (SSO) - SAML Service Provider module which is compatible with Drupal 7, Drupal 8 as well as Drupal 9. Here we will go through a guide to configure SAML SSO between Drupal and Okta Idp. By the end of this guide, users from your Identity Provider should be able to login into the Drupal site.

If you have any doubts or queries, you can contact us at drupalsupport@xecurify.com. We will help you to configure the module. If you want, we can also schedule an online meeting to help you configure the Drupal SAML SP 2.0 Single Sign On (SSO) module.

Setup Video Okta as IDP

You can refer to the steps to Configure Okta with the Drupal SAML SSO from the Video or Documentation given below



Features and Pricing

Know more about Drupal SAML Single Sign On - Service Provider module from here.

Pre-requisites: Download

You can download the SAML Single Sign On - Service Provider module from here.

1. Install Drupal SAML SP 2.0 Single Sign On (SSO) module

    1.1. Using Composer:

    • Composer require drupal/miniorange_saml
    • Navigate to Extend menu on your Drupal admin console and search for miniOrange SAML Service Provider using the search box.
    • Enable the module by checking the checkbox and click on install button.
    • Configure the module at
      {BaseURL}/admin/config/people/miniorange_saml/idp_setup

    1.2. Using Drush:

    • Download the module:
      drush dl drupal/miniorange_saml
    • Install the module:
      drush en drupal/miniorange_saml
    • Clear the cache:
       drush cr
    • Configure the module at
      {BaseURL}/admin/config/people/miniorange_saml/idp_setup

    1.3. Manual installation:

    • Navigate to Extend menu on your Drupal admin console and click on Install new module button.
    • Install the Drupal SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider module either by downloading the zip or from the URL of the package (tar/zip).
    • Click on Enable newly added modules.
    • Enable this module by checking the checkbox and click on install button.
    • Configure the module at
      {BaseURL}/admin/config/people/miniorange_saml/idp_setup

Steps to configure Okta Single Sign-On (SSO) Login into Drupal website

2. Configuring Okta as Identity Provider

Follow the steps below to configure Okta as IdP

miniorange img Configure Okta as IdP
  • Log into Okta Admin Console.
  • Then navigate to Applications tab and select Applications.
  • drupal saml sp select aplication
  • Click on the Create App Integration button to create new app.
  • drupal saml sp create application
  • Select SAML 2.0 as Sign-On method and Click on Next button.
  • Configure Okta as IDP -SAML Single Sign-On(SSO) for drupal - Okta SSO Login - SAML 2.0 Configure
  • In General Settings tab, enter App Name and click on Next button.
  • Configure Okta as IDP -SAML Single Sign-On(SSO) for Drupal - Okta SSO Login - SAML_SETTINGS
    Single Sign On URL Enter ACS (AssertionConsumerService) URL from the Service Provider Metadata tab of the module.
    Audience URI (SP Entity ID) Enter SP Entity ID / Issuer from the Service Provider Metadata tab of the module.
    Default Relay State Enter Relay State from the Service Provider Metadata tab of the module.
    Name ID Format Select E-Mail Address as a Name Id from dropdown list.
    Application Username Okta username.
  • Enter the Single Sign On URL, Audience URI (SP Entity ID), Default Relay State , Name ID Format under the Configure SAML tab.
  • Configure Okta as IDP -SAML Single Sign-On(SSO) for Drupal - Okta SSO Login - configuration
  • Configure Group Attribute Statement (Optional) and click on Next button.
  • Configure Okta as IDP -SAML Single Sign-On(SSO) for Drupal - Okta SSO Login - Add_Attributes

2.1 Assigning Groups/People

  • After creating and configuring the app go to the Assignments Tab in Okta.
  • Here we select the people and groups you want to give access to login through this app. Assign this to the people/group you would to give access.
  • drupalsaml sp assign groups
  • After assigning the people/groups to your app go to Sign On tab.
  • Click on view setup instructions to get the SAML Login URL (Single Sign on URL), Single Logout URL, IDP Entity ID and X.509 Certificate.
  • drupa saml sp sign on setting

3. Configuring Drupal as Service Provider

  • In miniOrange SAML module, go to Service Provider Setup tab. There are two ways to configure the module:
    • miniOrange image By Uploading Okta IDP Metadata File:

      • Click on Upload IDP Metadata.
      • Upload metadata file and click on Upload.

      miniOrange image Manual Configuration :

      • Provide the required settings (i.e. Identity Provider Name, IdP Entity ID or Issuer, SAML Login URL, X.509 Certificate) and save it.
        Identity Provider Name For Example : Okta SSO Integartion
        IdP Entity ID or Issuer Identity Provider Issuer from Okta Setup Instructions
        SAML Login URL Identity Provider Single Sign-On URL from Okta Setup Instructions
        X.509 Certificate X.509 Certifiacate from Okta Setup Instructions

24*7 Active Support:

If you face any issues or if you have any questions, please feel free to reach out to us at drupalsupport@xecurify.com. In case you want some additional features to be included in the module, please get in touch with us, and we can get that custom-made for you. Also, If you want, we can also schedule an online meeting to help you configure the Drupal SAML SP 2.0 Single Sign On (SSO) login module.

Free Trial:

If you would like to test out the module to ensure your business use case is fulfilled, we do provide a 7-day trial. Please drop us an email at drupalsupport@xecurify.com requesting a trial. You can create an account with us using this link.

Additional Resources

Our Other modules:

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com