How to setup FusionAuth Single Sign On with Drupal OAuth/OpenId Connect
How to setup FusionAuth Single Sign On with Drupal OAuth/OpenId Connect
Drupal FusionAuth SSO integration will allow you to configure Single Sign-On ( SSO ) login between your Drupal site and FusionAuth using OAuth/OpenID protocol. Drupal OAuth 2.0/OpenID connect module gives the ability to enable login using OAuth 2.0/OIDC Single Sign-On to Drupal Site.
We provide the Drupal OAuth/OpenID Client module for Drupal 7, Drupal 8, and Drupal 9.
Here we will go through a guide to configure the SSO login between Drupal and FusionAuth. By following these steps,
users of FusionAuth will be able to log into the Drupal site using their FusionAuth credentials.
If you have any queries or if you need any sort of assistance in configuring the module, you can contact us at drupalsupport@xecurify.com. If you want, we can also schedule an online meeting to help you configure the Drupal
OAuth & OpenID Connect Login – OAuth2 Client SSO Login module.
Pre-requisite: Download and Installation
- Download the module:
Composer require 'drupal/miniorange_oauth_client'
- Navigate to Extend menu on your Drupal admin console and search for miniOrange OAuth Client Configuration using the search box.
- Enable the module by checking the checkbox and click on the Install button.
- You can configure the module at:
{BaseURL}/admin/config/people/miniorange_oauth_client/config_clc
- Install the module:
drush en drupal/miniorange_oauth_client
- Clear the cache:
drush cr
- You can configure the module at:
{BaseURL}/admin/config/people/miniorange_oauth_client/config_clc
- Navigate to Extend menu on your Drupal admin console and click on Install new module.
- Install the Drupal OAuth & OpenID Connect Login - OAuth2 Client SSO Login module either by downloading the zip or from the URL of the package (tar/zip).
- Click on Enable newly added modules.
- Enable this module by checking the checkbox and click on install button.
- You can configure the module at:
{BaseURL}/admin/config/people/miniorange_oauth_client/config_clc
- Navigate to the Configure OAuth tab and search for your Provider/Application using the search box. If you can't find a desired application/provider, select Custom OAuth Provider.
- Copy the Callback/Redirect URL and keep it handy.
2. Configure SSO Application in FusionAuth
- Login into your FusionAuth Admin Dashboard.
- Navigate to the Application and click on Plus (+) green button to Add New Application.
- Enter Application Name in the Name textfield for e.g. Drupal.
- Select OAuth tab and copy Callback/Redirect URLs from the miniOrange Drupal OAuth Client module and paste it Authorized redirect URLs textfield.
- Navigate to Registration tab and enabled the checkbox under Self service registration.
- Save the Application by clicking on blue icon in the top right corner.
- It will redirect back to you Application list, where you can click the search icon button next to the newly created application.
- In the OAuth Configuration tab, you will be get Client Id, Client secret. Keep it handy as you will need to configure Drupal OAuth Client module.
- After successfully saving the configurations, please click on the Test Configuration button to test the connection between Drupal and FusionAuth.
- This Test Configuration window will provide you with a list of the attributes that are coming from the FusionAuth.
- Select the Email Attribute from the dropdown menu in which the user's email ID is obtained and click on the Done button.
- Now, in the Attribute & Role Mapping tab, you can also choose the Username Attribute from the dropdown and click on the Save Configuration button.
- Now log out and go to your Drupal site’s login page. You will automatically find a Login with FusionAuth link there. If you want to add the SSO link to other pages as well, please follow the steps given in the image below :
Note:- By default, FusionAuth doesn’t Permit to users to create a new account. This is handy when you have an internal tool where admins manually create the accounts. But if you want the users to be able to register an account, you need to turn on self-service registration in the “Registration” tab. You can also customize which fields are required by turning them on.
3. Integrating Drupal with FusionAuth
FusionAuth Application Endpoints and Scope:
| Scope: | openid profile |
| Authorize Endpoint: | {YOUR_FUSIONAUTH_URL}/oauth2/authorize |
| Access Token Endpoint: | {YOUR_FUSIONAUTH_URL}/oauth2/token |
| Get User Info Endpoint: | {YOUR_FUSIONAUTH_URL}/oauth2/userinfo |
4. Test Configuration of Drupal with FusionAuth
Please note: Mapping the Email Attribute is mandatory for your login to work.
24*7 Active Support
If you face any issues or if you have any questions, please feel free to reach out to us at drupalsupport@xecurify.com. In case you want some additional features to be included in the module, please get in touch with us, and we can get that custom-made for you. Also, If you want, we can also schedule an online meeting to help you configure the Drupal OAuth/OpenID Single Sign On module.
Additional Resources
Our Other modules
Need Help? We are right here!
