SAML Single Sign On (SSO) into Drupal using Okta as IDP
Drupal SAML Okta SSO setup will allow your user to login to your Drupal site using their Okta Credentials. Drupal SAML module gives the ability to enable SAML Single Sign-On for Drupal. This module is compatible with all SAML Identity Providers ( IDP ). We provide Drupal SAML SP 2.0 Single Sign on (SSO) - SAML Service Provider module which is compatible with Drupal 7, Drupal 8 as well as Drupal 9. Here we will go through a guide to configure SAML SSO between Drupal and Okta Idp. By the end of this guide, users from your Identity Provider should be able to login into the Drupal site.
If you have any doubts or queries, you can contact us at drupalsupport@xecurify.com. We will help you to configure the module. If you want, we can also schedule an online meeting to help you configure the Drupal SAML SP 2.0 Single Sign On (SSO) module.
Pre-requisite: Download and Installation
- Download the module:
Composer require 'drupal/miniorange_saml'
- Navigate to Extend menu on your Drupal admin console and search for miniOrange SAML Service Provider using the search box.
- Enable the module by checking the checkbox and click on install button.
- Configure the module at
{BaseURL}/admin/config/people/miniorange_saml/idp_setup
- Install the module:
drush en drupal/miniorange_saml
- Clear the cache:
drush cr
- Configure the module at
{BaseURL}/admin/config/people/miniorange_saml/idp_setup
- Navigate to Extend menu on your Drupal admin console and click on Install new module button.
- Install the Drupal SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider module either by downloading the zip or from the URL of the package (tar/zip).
- Click on Enable newly added modules.
- Enable this module by checking the checkbox and click on install button.
- Configure the module at
{BaseURL}/admin/config/people/miniorange_saml/idp_setup
Setup Video Okta as IDP
You can refer to the steps to Configure Okta with the Drupal SAML SSO from the Video or Documentation given below
Steps to configure Okta SAML Single Sign-On (SSO) Login into Drupal website
1. Configuring Okta as Identity Provider
Follow the steps below to configure Okta as IdP
Configure Okta as IdP
- Log into Okta Admin Console.
- From the left side, navigate to the Applications tab and select Applications.
- Click on the Create App Integration button to create new app.
- Select SAML 2.0 as Sign-On method and Click on Next button.
- In General Settings tab, enter App Name and click on Next button.
Configure Drupal as SP
- In miniOrange SAML module, go to Service Provider Metadata tab and copy the SP Entity ID/Issuer (Audience URI (SP Entity ID)), SP ACS URL (Single sign on URL) and keep it handy.
- Paste the Single Sign On URL, Audience URI (SP Entity ID), Default Relay State, and Name ID Format under the Configure SAML tab that was copied in the previous step.
- Configure Group Attribute Statement (Optional) and click on Next button.
| Single Sign On URL | Enter ACS (AssertionConsumerService) URL from the Service Provider Metadata tab of the Drupal SAML SP module. |
| Audience URI (SP Entity ID) | Enter SP Entity ID / Issuer from the Service Provider Metadata tab of the Drupal SAML SP module. |
| Default Relay State | Enter Relay State from the Service Provider Metadata tab of the Drupal SAML SP module. |
| Name ID Format | Select E-Mail Address as a Name Id from dropdown list. |
| Application Username | Okta username. |
1.1 Assigning Groups/People
- After creating and configuring the app go to the Assignments Tab in Okta.
- Here we select the people and groups you want to give access to login through this app. Assign this to the people/group you would to give access.
- After assigning the people/groups to your app go to Sign On tab.
- Click on view setup instructions to get the SAML Login URL (Single Sign on URL), Single Logout URL, IDP Entity ID and X.509 Certificate.
2. Configuring Drupal as Service Provider
- In miniOrange SAML module, go to Service Provider Setup tab. There are two ways to configure the module:
- Click on Upload IDP Metadata.
- Upload metadata file and click on Upload.
- Provide the required settings (i.e. Identity Provider Name, IdP Entity ID or Issuer, SAML Login URL, X.509 Certificate) and save it.
By Uploading Okta IDP Metadata File:
Manual Configuration :
| Identity Provider Name | For Example : Okta SSO Integartion |
| IdP Entity ID or Issuer | Identity Provider Issuer from Okta Setup Instructions |
| SAML Login URL | Identity Provider Single Sign-On URL from Okta Setup Instructions |
| X.509 Certificate | X.509 Certifiacate from Okta Setup Instructions |
24*7 Active Support:
If you face any issues or if you have any questions, please feel free to reach out to us at drupalsupport@xecurify.com. In case you want some additional features to be included in the module, please get in touch with us, and we can get that custom-made for you. Also, If you want, we can also schedule an online meeting to help you configure the Drupal SAML SP 2.0 Single Sign On (SSO) login module.
Free Trial:
If you would like to test out the module to ensure your business use case is fulfilled, we do provide a 7-day trial. Please drop us an email at drupalsupport@xecurify.com requesting a trial. You can create an account with us using this link.
Additional Resources
- What is Single Sign-On (SSO)?
- What is SAML?
- What is SSO? How works SAML SSO authentication?
- Frequently Asked Questions (FAQs)
Our Other modules:
Need Help? We are right here!
