Search Results :

×

SAML Single Sign-On (SSO) into Drupal using Salesforce as IdP

The Drupal SAML integration using the miniOrange SAML SP module establishes seamless SSO between Salesforce and the Drupal site. The users will be able to log in to the Drupal site using their Salesforce credentials. This document will walk you through the steps to configure Single Sign-On - SSO between Drupal as a Service Provider (SP) and Salesforce as an Identity Provider (IdP). The module is compatible with with Drupal 7, Drupal 8, Drupal 9, Drupal 10 and Drupal 11.

  • Download the module:
    Composer require 'drupal/miniorange_saml'
  • Navigate to Extend menu on your Drupal admin console and search for miniOrange SAML Service Provider using the search box.
  • Enable the module by checking the checkbox and click on install button.
  • Configure the module at
    {BaseURL}/admin/config/people/miniorange_saml/idp_setup
  • Install the module:
    drush en drupal/miniorange_saml
  • Clear the cache:
     drush cr
  • Configure the module at
    {BaseURL}/admin/config/people/miniorange_saml/idp_setup
  • Navigate to Extend menu on your Drupal admin console and click on Install new module button.
  • Install the Drupal SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider module either by downloading the zip or from the URL of the package (tar/zip).
  • Click on Enable newly added modules.
  • Enable this module by checking the checkbox and click on install button.
  • Configure the module at
    {BaseURL}/admin/config/people/miniorange_saml/idp_setup
  • After installing the module on your Drupal site, in the Administration menu, navigate to Configuration → People → miniOrange SAML Login Configuration. (/admin/config/people/miniorange_saml/idp_setup)
Drupal SAML Single Sign-On - Select miniOrange SAML Login Configuration
  • Copy the SP Entity ID/Issuer and the SP ACS URL from the tab. Keep it handy. (This is required to configure Salesforce as IdP.)
drupal saml single sign on login - in the service provider metadata tab, here you can find the sp metadata to configure your identity provider

  • Log in to your Salesforce account.
  • Click on the setting Icon in the top right corner. Click on Setup from the dropdown.
drupal saml sp select setup from settings

  • Navigate to the Quick Find box from the left panel.
  • Search for Identity Provider and click on it.
Salesforce-Single-Sign-On-Search-for-Identity-Provider

  • Click on Enable Identity Provider button.
Identity-Provider-Salesforce-Single-Sign-On-Enable-Identity-Provider

  • Click on Save button.
Salesforce SAML Single Sign-On ( SSO ) - Click on Save button

  • Click on the Download Metadata button. Keep the downloaded file handy. (This is needed to configure Drupal as SAML Service Provider.)
  • Click on Service Providers are now created via Connected Apps. Click here link. You will be redirected to New Connected App configurations page.
Identity-Provider-Salesforce-Single-Sign-On-Click-on-Download-Metadata-button

  • On the New Connected App, provide the following information.
  • Basic Information:
    • Enter the name of the Application in Connected App Name text field.
    • Enter a valid email address in the Contact Email text field.
    Manage-Connected-Apps-Salesforce-Single-Sign-On-enter-basic-profile-info

    • Web App Settings:
    • Check the Enable SAML checkbox and provide the required information into the corresponding text field from the Service Procider Metadata tab of the module referring below.
      Salesforce SAML Field Service Provider Information (Drupal)
      Entity ID SP Entity ID/Issuer
      ACS URL SP ACS URL
      Subject Type Username
      Name ID Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
    Manage-Connected-Apps-Salesforce-Single-Sign-On-Web-App-Settings

    • Click on Save.
    • Navigate to the Quick Find box from the left panel.
    • Search for Manage Connected Apps and click on it.
    • Select the Application that you have created on Salesforce. For, example Drupal.
    Manage-Connected-Apps-Salesforce-Single-Sign-On-Search-for-Manage-Connected-Apps

    • Scroll down to Profiles section and click on Manage Profiles button.
    Lightning-Experience-Salesforce-Single-Sign-On-Profiles

    • Select the profiles you want to give access to login through this app. Click on the Save button.
    Lightning-Experience-Salesforce-Single-Sign-On-Profiles

    • Navigate to the Service Provider Setup tab of the Drupal site and click on Upload IDP Metadata.
    • In the Upload Metadata File field, choose the XML metadata file that you downloaded from Salesforce. Click on the Upload File button.
    Drupal-SAML-Single-Sign-On-Upload-Salesforce-IdP-metadata

      Note: To update Identity Provider Name, follow these steps:

      • Under Action, select the Edit.
      • Enter Salesforce in the Identity Provider Name text field.
      • Scroll down and click on the Save Configuration button.
    • Click on the Test link to test the connection between Drupal and Salesforce.
    Drupal-SAML-Single-Sign-On-Click-on-Test-link-to-verify-the-connection

    • On a Test Configuration popup sign in using Salesforce credentials (if an active session is not present). After successful authentication, a list of attributes that are received from Salesforce will be displayed. Click on the Done.
    Drupal-and-Salesforce-Test-Configurtion-successfully

    Congratulations! you have successfully configure Salesforce as SAML Identity Provider (IdP) and Drupal as SAML Service Provider.

    • Open a new browser/private window and navigate to the Drupal site login page.
    • Click the Login using Identity Provider (Salesforce) link.
    • You will be redirected to the Salesforce login page. Enter the Salesforce credentials. After successful authentication, the user will be redirected back to the Drupal site.

    [MO_CONTACT_US]
    ADFS_sso ×
    Hello there!

    Need Help? We are right here!

    support
    Contact miniOrange Support
    success

    Thanks for your inquiry.

    If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com