SAML Single Sign On (SSO) into Drupal using Okta as IDP

Drupal SAML Okta SSO setup will allow your user to login to your Drupal site using their Okta Credentials. Drupal SAML module gives the ability to enable SAML Single Sign-On for Drupal. Drupal module is compatible with all SAML Identity Providers. Here we will go through a guide to configure SAML SSO between Drupal and your Identity Provider. By the end of this guide, users from your Identity Provider should be able to login into the Drupal site.

You can refer the steps to Configure Okta with the Drupal SAML SSO

from the Video or Documentation given below

Step 1: Configuring Okta as Identity Provider (IdP)

  • Log into Okta Admin Console.
  • Select Classic UI from top right of the dropdown.
  • drupal saml sp select classic ui
  • Click on Add Applications.
  • drupal saml sp add application
  • Click on Create New App.
  • Click on the SAML 2.0.
  • drupal saml sp create new application
  • In General Settings, enter App Name and click on Next.
  • In SAML Settings, enter the following: drupal saml sp setting
    Single Sign On URL Enter ACS (AssertionConsumerService) URL from the Service Provider Metadata tab of the module.
    Audience URI (SP Entity ID) Enter SP Entity ID / Issuer from the Service Provider Metadata tab of the module.
    Default Relay State Enter Relay State from the Service Provider Metadata tab of the module.
    Name ID Format Select E-Mail Address as a Name Id from dropdown list.
    Application Username Okta username.
  • Configure Attribute Statements and Group Attribute Statement (Optional).
  • drupal saml sp attribiute statement

Step 2: Assigning Groups/People

  • After creating and configuring the app go to the Assignment Tab in Okta.
  • Here we select the people and groups you want to give access to login through this app. Assign this to the people/group you would to give access.
  • drupalsaml sp assign groups
  • After assigning the people/groups to your app go to Sign On tab.
  • Click on view setup instructions to get the SAML Login URL (Single Sign on URL), Single Logout URL, IDP Entity ID and X.509 Certificate.
  • drupa saml sp sign on setting

Step 3: Configuring Drupal as Service Provider (SP)

  • In miniOrange SAML Module, go to Service Provider Setup tab. There are two ways to configure the Module:
    •  By Uploading Okta Metadata File:

      • Click on Upload IDP Metadata.
      • Upload metadata file and click on Upload.

       Manual Configuration :

      • Provide the required settings (i.e. Identity Provider Name, IdP Entity ID or Issuer, SAML Login URL, X.509 Certificate) and save it.
        Identity Provider Name For Example : Miniorange
        IdP Entity ID or Issuer Identity Provider Issuer from Okta Setup Instructions
        SAML Login URL Identity Provider Single Sign-On URL from Okta Setup Instructions
        X.509 Certificate X.509 Certifiacate from Okta Setup Instructions

Business Trial For Free

If you don't find what you are looking for, please contact us at or call us at +1 978 658 9387.

Hello there!

Need Help? We are right here!

Contact miniOrange Support

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to