Salesforce Signal Sign On (SSO) for Drupal miniOrange provides a ready to use solution for Drupal. This solution ensures that you are ready to roll out secure access to your Drupal site using Salesforce within minutes.
Step 1: Configuring Salesforce as Identity Provider (IdP)
- Go to https://login.salesforce.com and login into Salesforce.
- Log into salesforce and go to Setup.
- From the left pane, select Build Create Apps.
- Scroll down, under Connected Apps, click on New button.
- Enter Connected App Name, API Name and Contact Email.
- Under Web App Settings, check the Enable SAML checkbox and enter the following values:
| Entity ID |
Enter SP Entity ID / Issuer from the Serivice Provider Metadata tab of the module. |
| ACS URL |
Enter ACS (AssertionConsumerService) URL from the Serivice Provider Metadata tab of the module. |
| Subject Type |
Username |
| Name ID Format |
urn:oasis:names:tc:SAML:2.0:nameid-format:persistent |
Step 2: Assign Profiles
- Now from left pane, under Administration Setup, select Manage Apps Connected Apps.
- Click on the App you just created.
- Scroll down, under Profiles click on Manage Profiles, Select the profiles you want to give access to login through this app.
Step 3: Download metadata for communities
- Under SAML Login Information, click on Download Metadata.
- Open the downloaded file in some browser like Chrome, Firefox, IE, Microsoft Edge.
- Search for "ds:X509Certificate" tab and copy the entire string under this tag. String would be like this: "MII....".
- Keep this certificate value handy for next steps.
Step 4: Configuring Drupal as Service Provider (SP)
- In miniOrange SAML Module, go to Service Provider Setup Tab. There are two ways to configure the Module:
I. By Uploading Salesforce Metadata.xml file (Recommended):
1. Click on Upload IDP Metadata.
2. Upload metadata file and click on Upload.
II. Manual Configuration: In miniOrange SAML Module, go to Service Provider Setup Tab. Enter the following values:
| IDP Entity ID |
https://.my.salesforce.com |
| Single Sign On URL |
https://.my.salesforce.com /idp/endpoint/HttpRedirect |
| X.509 Certificate |
Paste the certificate value you copied from the Metadata file. |
Step 5: Attribute Mapping (It is Optional to fill this). This is a premium feature.
- Attributes are user details that are stored in your Identity Provider.
- Attribute Mapping helps you to get user attributes from your Identity Provider (IdP) and map them to Drupal user attributes like firstname, lastname, etc.
- While auto registering the users in your Drupal site these attributes will automatically get mapped to your Drupal user details.
- In miniOrange SAML Module, go to Mapping tab and fill in all the fields.
| Username: |
Name of the username attribute from IdP (Keep NameID by default) |
| Email: |
Name of the email attribute from IdP (Keep NameID by default) |
| Group/Role Key: |
Name of the Role attribute from Identity Provider (IdP) |
- You can check the Test Configuration Results under Service Provider Setup tab to get a better idea of which values to map here.
Step 6: Role Mapping (It is Optional to fill this). This is a premium feature.
- Drupal uses a concept of Roles, designed to give the site owner the ability to control what users can and cannot do within the site.
- Role mapping helps you to assign specific roles to users of a certain group in your Identity Provider (IdP).
- While auto registering, the users are assigned roles based on the group they are mapped to.
Step 7: Sign In Setting. This is a premium feature.
×
![salesforce_sso_image]()
Business Trial For Free
If you don't find what you are looking for, please contact us at info@xecurify.com or call us at +1 978 658 9387.
