What is OAuth / OpenID?
OAuth Server / OpenID Connect Server (OAuth 2.0 Server) also known as Authorization Server, It is the modern standard for securing access to APIs & implements network protocol flows which allow a client (OAuth Client) to act on behalf of a user. OAuth Server allows clients to verify the identity of end-users based on the authentication performed by an Authorization Server and also to obtain basic profile (Scope) information about the end-users in an interoperable and REST-like manner.
How does OAuth / OpenID work?
OAuth 2.0 Server is used to set up any Application as Identity Server to allow users to Single Sign-On / Login into their client site/application with login using OAuth / OpenID Connect protocol flows. The primary goal of this OAuth 2.0 server / Oauth Provider is to allow users to interact with multiple apps without requiring them to store sensitive credentials. You can easily configure an OAuth 2.0 / OpenID Connect server to protect your API with access tokens, or allow clients to request new access tokens and refresh them.
Joomla OAuth & OpenID Connect Single Sign-On (SSO) plugin enables secure login into Joomla using GitHub as OAuth and OpenID Connect provider. You can also configure the plugin using different Oauth providers such as Azure B2C, Office 365, and other custom providers. It supports advanced Single Sign-On (SSO) features such as user profile Attribute mapping, Role mapping, multi-tenant login, etc. Here we will go through a guide to configure SSO between Joomla and GitHub. By the end of this guide, users should be able to login to Joomla from GitHub.
click here to know more about other features we provide in Joomla OAuth Single Sign-On ( OAuth & OpenID Connect Client ) plugin
Download And Installation
- Log into your Joomla instance as an admin.
- Go to the Joomla Dashboard -> Extensions -> Manage and click on Install.
- Seach for a Joomla OAuth Client plugin and click on Install.
Step 1: Setup GitHub as OAuth Provider
- First of all, go to https://github.com/settings/developers and log into your GitHub account.
- You will be presented with the following screen. Click on Register a new application
- You will be shown a form where you have to enter Application Name and Callback URI. Fill the form with appropriate information and click on the Register Application.
NOTE: Callback URI is the URI where the user will be sent after authorization.
- After registering the application, you will be given Client ID and Client Secret.
- Copy these credentials in Joomla OAuth Client Plugin configuration on corresponding fields.
GitHub Endpoints and Scope:
|Client ID :
||from the above step
|Client Secret :
||from the above step
|Access Token Endpoint:
|Get User Info Endpoint:
Step 2: Configure miniOrange Joomla OAuth Client plugin.