SAML Single Sign On (SSO) into Drupal using Salesforce as IDP


Drupal SAML Salesforce SSO ( Single Sign-on ) setup will allow your user to login to your Drupal site using their Salesforce Credentials. Drupal SAML module gives the ability to enable SAML Single Sign-on for Drupal. This module is compatible with all SAML Identity Providers ( IDP ). We provide Drupal SAML SP 2.0 Single Sign on (SSO) - SAML Service Provider module which is compatible with Drupal 7, Drupal 8 and Drupal 9. Here we will go through a guide to configure SAML SSO between Drupal and Salesforce Idp. By the end of this guide, users from your Identity Provider should be able to login into the Drupal site.

If you have any queries or if you need any sort of assistance in configuring the module, you can contact us at drupalsupport@xecurify.com. If you want, we can also schedule an online meeting to help you configure the Drupal SAML SP 2.0 Single Sign on (SSO) login module.

Setup Video Salesforce Suite with Drupal SAML Single Sign On

You can refer the steps to configure Salesforce with the Drupal SAML module from the video or documentation given below:


Features and Pricing

Know more about Drupal SAML Single Sign On - Service Provider module from here.

Pre-requisites: Download

You can download the SAML Single Sign On - Service Provider module from here.

Module Handbook

This detailed Handbook for the SAML Single Sign On - Service Provider module, gives an in depth explanation of the features of the module. You can refer to the handbook at anytime - it is always available to you, either via This link, or directly from the module for quicker access.

1. Install Drupal SAML SP 2.0 Single Sign On (SSO) module

    1.1. Using Composer:

    • Composer require drupal/miniorange_saml
    • Navigate to Extend menu on your Drupal admin console and search for miniOrange SAML Service Provider using the search box.
    • Enable the module by checking the checkbox and click on install button.
    • Configure the module at
      {BaseURL}/admin/config/people/miniorange_saml/idp_setup

    1.2. Using Drush:

    • Download the module:
      drush dl drupal/miniorange_saml
    • Install the module:
      drush en drupal/miniorange_saml
    • Clear the cache:
       drush cr
    • Configure the module at
      {BaseURL}/admin/config/people/miniorange_saml/idp_setup

    1.3. Manual installation:

    • Navigate to Extend menu on your Drupal admin console and click on Install new module button.
    • Install the Drupal SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider module either by downloading the zip or from the URL of the package (tar/zip).
    • Click on Enable newly added modules.
    • Enable this module by checking the checkbox and click on install button.
    • Configure the module at
      {BaseURL}/admin/config/people/miniorange_saml/idp_setup

Steps to configure Salesforce CRM SAML Single Sign-On ( SSO ) Login into Drupal site

2. Setup Drupal as Service Provider

  • In the miniOrange SAML Service Provider module, navigate to Service Provider Metadata tab. Here, you can find the SP metadata such as SP Entity ID / Issure, SP ACS URL (AssertionConsumerService) and X.509 Certificate which are required to configure the Identity Provider ( Salesforce ), Copy it and keep it handy.
  • Drupal SAML Service Provider - copy the sp entity id or issue, acs url, saml login url and certificate form service provider metadata tab
  • You can provide metadata to your IDP. This can be accomplished in two ways:
    • You are given a metadata URL that you can provide directly to your IdP.
    • You can Download XML Metadata file and upload it on your Identity Provider ( Salesforce Suite ).
    • Drupal SAML Service Provider - copy the sp metadata url and download xml metadata
  • In the miniOrage SAML Service Provider module, go to Service Provider Setup tab of the module. There are two way to configure Drupal SAML Service Provider SSO module:
    • A. By Uploading IDP Metadata
    • Click on Upload IDP Metadata link.
    • Click on Upload Metadata File and click on Upload File to fetch your information.
    • You can either Upload Metadata URLand click on Fetch Metadata button.
    • Drupal SAML Service Provider - upload idp metadata
      B. Manual Configuartion
    • Provide the required settings (i.e. Identity Provider Name, Idp Entity ID or Issuer, SAML Login URL and X.509 Certificate ) find to your Identity Provider Salesforce and click on Save Configuration button to save your configuration.
    • Identity Provider Name Enter name of Identity Provider
      Idp Entity ID or Issuer Copy Idp Entity ID / Issuer from Salesforce Dashboard and paste it.
      SAML Login URL Copy Single Sign On URL from Salesforce Dashboard and paste it.
      X.509 Certificate Copy and Download Signing certificate from Salesforce Dashboard and paste it.
      Drupal SAML Service Provider - Manual configuartion

3. Setup Salesforce as Identity Provider

miniorange img Configure Salesforce as IdP
  • Go to https://login.salesforce.com and login into Salesforce.
  • Log into salesforce and go to Setup.
  • drupal saml sp select setup
  • From the left menu, navigate to Security Controls ยป Identity Provider, present uder Administer menu option.
  • Administer menu-Salesforce SAML Single Sign-On ( SSO )
  • Click on Enable Identity Provider button. After enabling the Identity Provider, you should be able to see Salesforce metadata endpoints and certificate details.
  • Enable Identity Provider-Salesforce SAML Single Sign-On ( SSO )
  • Under Service Providers Section, click on Service Providers are now created via Connected Apps. Click here link
  • Salesforce Identity provider Setup-Salesforce SAML Single Sign-On ( SSO )
  • Enter Connected App Name, API Name and Contact Email.
  • drupal saml single sign on basic information
  • Under Web App Settings, check the Enable SAML checkbox and enter the following values:
  • Entity ID Enter SP Entity ID / Issuer from the Serivice Provider Metadata tab of the module.
    ACS URL Enter ACS (AssertionConsumerService) URL from the Serivice Provider Metadata tab of the module.
    Subject Type Username
    Name ID Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
    drupal saml sp web app setting

3.1 Assign Profiles

  • Now from left pane, under Administration Setup, select Manage Apps Connected Apps.
  • drupal saml sp select connected apps
  • Click on the App you just created.
  • Scroll down, under Profiles click on Manage Profiles, Select the profiles you want to give access to login through this app.
  • drupal saml sp manage profile

3.2 Download metadata for communities

  • Under SAML Login Information, click on Download Metadata.
  • Open the downloaded file in some browser like Chrome, Firefox, IE, Microsoft Edge.
  • Search for "ds:X509Certificate" tab and copy the entire string under this tag. String would be like this: "MII....".
  • Keep this certificate value handy for next steps.
  • drupal saml sp download metadata

You have successfully configured Salesforce as SAML IdP (Identity Provider) for achieving Salesforce SSO login into your Drupal Site.


Conclusion:

In this Guide, you have successfully configured Salesforce SAML Single Sign-On ( Salesforce Login ) choosing Salesforce as IdP and Drupal as SP using miniOrange SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider Login module. This solution ensures that you are ready to roll out secure access to your Drupal site using Salesforce login credentials within secound.

24*7 Active Support:

If you face any issues or if you have any questions, please feel free to reach out to us at drupalsupport@xecurify.com. In case you want some additional features to be included in the module, please get in touch with us, and we can get that custom-made for you. Also, If you want, we can also schedule an online meeting to help you configure the Drupal SAML SP 2.0 Single Sign On (SSO) login module.

Free Trial:

If you would like to test out the module to ensure your business use case is fulfilled, we do provide a 7-day trial. Please drop us an email at drupalsupport@xecurify.com requesting a trial. You can create an account with us using this link.

Additional Resources

Our Other modules:

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com