SAML Single Sign On (SSO) into Drupal using Salesforce as IDP

Drupal SAML Salesforce SSO setup will allow your user to login to your Drupal site using their Salesforce Credentials. The Drupal SAML module gives the ability to enable SAML Single Sign-On for Drupal. This module is compatible with all SAML Identity Providers. Here we will go through a guide to configure SAML SSO between Drupal and Salesforce Idp. By the end of this guide, users from your Identity Provider should be able to login into the Drupal site.

If you have any doubts or queries, you can contact us at We will help you to configure the module.

You can refer the steps to Configure Salesforce with the Drupal SAML SSO from the Video or Documentation given below:

Step 1: Configuring Salesforce as Identity Provider (IdP)

  • Go to and login into Salesforce.
  • Log into salesforce and go to Setup.
  • drupal saml sp select setup
  • From the left menu, navigate to Security Controls ยป Identity Provider, present uder Administer menu option.
  • Administer menu-Salesforce SAML Single Sign-On ( SSO )
  • Click on Enable Identity Provider button. After enabling the Identity Provider, you should be able to see Salesforce metadata endpoints and certificate details.
  • Enable Identity Provider-Salesforce SAML Single Sign-On ( SSO )
  • Under Service Providers Section, click on Service Providers are now created via Connected Apps. Click here link
  • Salesforce Identity provider Setup-Salesforce SAML Single Sign-On ( SSO )
  • Enter Connected App Name, API Name and Contact Email.
  • drupal saml sp basic information
  • Under Web App Settings, check the Enable SAML checkbox and enter the following values:
    Entity ID Enter SP Entity ID / Issuer from the Serivice Provider Metadata tab of the module.
    ACS URL Enter ACS (AssertionConsumerService) URL from the Serivice Provider Metadata tab of the module.
    Subject Type Username
    Name ID Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
  • drupal saml sp web app setting

Step 2: Assign Profiles

  • Now from left pane, under Administration Setup, select Manage Apps Connected Apps.
  • drupal saml sp select connected apps
  • Click on the App you just created.
  • Scroll down, under Profiles click on Manage Profiles, Select the profiles you want to give access to login through this app.
  • drupal saml sp manage profile

Step 3: Download metadata for communities

  • Under SAML Login Information, click on Download Metadata.
  • Open the downloaded file in some browser like Chrome, Firefox, IE, Microsoft Edge.
  • Search for "ds:X509Certificate" tab and copy the entire string under this tag. String would be like this: "MII....".
  • Keep this certificate value handy for next steps.
  • drupal saml sp download metadata

Step 4: Configuring Drupal as Service Provider (SP)

  • In miniOrange SAML Module, go to Service Provider Setup Tab. There are two ways to configure the Module:
  • I. By Uploading Salesforce Metadata.xml file (Recommended):

      1. Click on Upload IDP Metadata.
      2. Upload metadata file and click on Upload.

    II. Manual Configuration: In miniOrange SAML Module, go to Service Provider Setup Tab. Enter the following values:

    IDP Entity ID
    Single Sign On URL /idp/endpoint/HttpRedirect
    X.509 Certificate Paste the certificate value you copied from the Metadata file.

Business Trial For Free

If you don't find what you are looking for, please contact us at or call us at +1 978 658 9387.

Hello there!

Need Help? We are right here!

Contact miniOrange Support

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to