Drupal SAML Single Sign On using Salesforce as Identity Provider
The Drupal SAML integration using the miniOrange SAML SP module establishes seamless SSO between Salesforce and the Drupal site. The users will be able to log in to the Drupal site using their Salesforce credentials. This document will walk you through the steps to configure Single Sign-On - SSO between Drupal as a Service Provider (SP) and Salesforce as an Identity Provider (IdP). The module is compatible with Drupal 7, Drupal 8, Drupal 9, and Drupal 10.
Installation Steps
- Download the module:
Composer require 'drupal/miniorange_saml'
- Navigate to Extend menu on your Drupal admin console and search for miniOrange SAML Service Provider using the search box.
- Enable the module by checking the checkbox and click on install button.
- Configure the module at
{BaseURL}/admin/config/people/miniorange_saml/idp_setup
- Install the module:
drush en drupal/miniorange_saml
- Clear the cache:
drush cr
- Configure the module at
{BaseURL}/admin/config/people/miniorange_saml/idp_setup
- Navigate to Extend menu on your Drupal admin console and click on Install new module button.
- Install the Drupal SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider module either by downloading the zip or from the URL of the package (tar/zip).
- Click on Enable newly added modules.
- Enable this module by checking the checkbox and click on install button.
- Configure the module at
{BaseURL}/admin/config/people/miniorange_saml/idp_setup
Drupal SAML SP Metadata:
- After installing the module on your Drupal site, in the Administration menu, navigate to Configuration → People → miniOrange SAML Login Configuration. (/admin/config/people/miniorange_saml/idp_setup)
- Copy the SP Entity ID/Issuer and the SP ACS URL from the tab. Keep it handy. (This is required to configure Salesforce as IdP.)
Configure SAML Single Sign-On Application in Salesforce:
- Log in to your Salesforce account.
- Click on the setting Icon in the top right corner. Click on Setup from the dropdown.
- Navigate to the Quick Find box from the left panel.
- Search for Identity Provider and click on it.
- Click on Enable Identity Provider button.
- Click on Save button.
- Click on the Download Metadata button. Keep the downloaded file handy. (This is needed to configure Drupal as SAML Service Provider.)
- Click on Service Providers are now created via Connected Apps. Click here link. You will be redirected to New Connected App configurations page.
- On the New Connected App, provide the following information.
- Basic Information:
- Enter the name of the Application in Connected App Name text field.
- Enter a valid email address in the Contact Email text field.
- Web App Settings:
- Check the Enable SAML checkbox and provide the required information into the corresponding text field from the Service Procider Metadata tab of the module referring below.
- Click on Save.
| Salesforce SAML Field | Service Provider Information (Drupal) |
| Entity ID | SP Entity ID/Issuer |
| ACS URL | SP ACS URL |
| Subject Type | Username |
| Name ID Format | urn:oasis:names:tc:SAML:2.0:nameid-format:persistent |
Assign User Profiles to Salesforce Application:
- Navigate to the Quick Find box from the left panel.
- Search for Manage Connected Apps and click on it.
- Select the Application that you have created on Salesforce. For, example Drupal.
- Scroll down to Profiles section and click on Manage Profiles button.
- Select the profiles you want to give access to login through this app. Click on the Save button.
Configure Drupal as SAML Service Provider:
- Navigate to the Service Provider Setup tab of the Drupal site and click on Upload IDP Metadata.
- In the Upload Metadata File field, choose the XML metadata file that you downloaded from Salesforce. Click on the Upload File button.
- Under Action, select the Edit.
- Enter Salesforce in the Identity Provider Name text field.
- Scroll down and click on the Save Configuration button.
- Click on the Test link to test the connection between Drupal and Salesforce.
- On a Test Configuration popup sign in using Salesforce credentials (if an active session is not present). After successful authentication, a list of attributes that are received from Salesforce will be displayed. Click on the Done.
Note: To update Identity Provider Name, follow these steps:
Congratulations! you have successfully configure Salesforce as SAML Identity Provider (IdP) and Drupal as SAML Service Provider.
How does SAML SSO login work?
- Open a new browser/private window and navigate to the Drupal site login page.
- Click the Login using Identity Provider (Salesforce) link.
- You will be redirected to the Salesforce login page. Enter the Salesforce credentials. After successful authentication, the user will be redirected back to the Drupal site.
Additional Features:
Explore the advanced features offered by the module with full-featured trial. You can initiate the trial request using Request 7-day trial button of the module or reach out to us at drupalsupport@xecurify.com for one-on-one assistance from Drupal expert.
- Map Attributes/Roles from IdP to the Drupal site
- Multiple IdP setup
Redirect users to a specific page after login/logout - Protect site from anonymous access - forced authentication
Case Studies
miniOrange has successfully catered to the use cases of 400+ trusted customers with its highly
flexible/customizable Drupal solutions. Feel free to check out some of our unique case studies using
this link.
Other Solutions
Feel free to explore other Drupal solutions that we offer here. The
popular solutions used by our trusted customers include 2FA, User Provisioning, Website Security.
24*7 Active Support
The Drupal developers at miniOrange offer quick and active support for your queries. We can assist you
from choosing the best solution for your use case to deploying and maintaining the solution.
×
![ADFS_sso]()
Trending searches:
Hello there!
Need Help? We are right here!
