Search Results :

×

Joomla OAuth Client Integration with Google Apps Single Sign-On (SSO)


Streamline your Joomla user experience with seamless Google Apps Single Sign-on (G Suite SSO) integration using the powerful OAuth 2.0 Protocol. With the miniOrange Joomla OAuth / OpenID Connect Single Sign-on (SSO) plugin, setting up Google Apps SSO into Joomla becomes effortless, ensuring a secure login process. This allows users to access the Joomla site easily and securely by authenticating with their Google Apps OAuth Provider credentials.

Visit our Joomla OAuth Client Plugin page to learn more about the features and Pricing plans we offer for the Joomla OAuth Single Sign-on (OAuth & OpenID connect) plugin.

Pre-requisites : Download And Installation

Setup Google Apps as OAuth Provider with Joomla OAuth Client

1. Download and Setup Joomla OAuth Client

  • Download the zip file for the miniOrange OAuth Client plugin for Joomla from the given link.
  • Login into your Joomla site’s administrator console.
  • From Menu, click on System, then under Install section click on Extension.
  • Upload the downloaded zip file to install the Joomla OAuth Client plugin.
  • After successful installation of plugin, click on Start Using miniOrange OAuth Client plugin button.
  • Under Configure OAuth tab, Select Google Apps as an OAuth Provider.
  • Google Apps Single Sign-On (SSO) OAuth/OpenID
  • Copy the Callback/Redirect URL from Configure OAuth tab of Joomla OAuth Client plugin. We will require it later.
  • Google Apps,  SSingle Sign-On (SSO) OAuth/OpenID

2. Configure Google Apps as OAuth Provider

  • Go to Google Apps login Dashboard and sign up/login.
  • Google Apps Login Dashboard
  • Click on Select Project to create a new Google Apps Project for Joomla OAuth Client, you will see a popup with the list of all your projects.
  •  Google Apps G Suite SSO Joomla create new project
  • You can click on the New project button to create new project for Google apps as OAuth server.
  • Google Apps G Suite SSO Joomla  create new project
  • Enter your Project name under the Project Name field and click on Create.
  •  G Suite SSO with Joomla OIDC OAuth, Google Apps SSO for Joomla, enter project name
  • Go to Navigation MenuAPIsServicesCredentials.
  •  G Suite SSO with Joomla OIDC OAuth, Google Apps SSO for Joomla, credentials
  • Click on Create Credentials button and then select OAuth Client ID from the options provided.
  •  G Suite SSO with Joomla OIDC OAuth, Google Apps SSO for Joomla, OAuth client id
  • In case you are facing some warning saying that in order to create an OAuth Client ID, you must set a product name on consent screen (as shown in below image). Click on the Configure consent screen button.
  •  G Suite SSO with Joomla OIDC OAuth, Google Apps SSO for Joomla, configure consent screen
  • Enter the required details such as App Name, User Support Email and click on Save and Continue button.
  •  G Suite SSO with Joomla OIDC OAuth, Google Apps SSO for Joomla, save settings  G Suite SSO with Joomla OIDC OAuth, Google Apps SSO for Joomla, save settings
  • Now for configuring scopes, click on Add or Remove the Scopes button.
  •  G Suite SSO with Joomla OIDC OAuth, Google Apps SSO for Joomla, create oauth client id
  • Now, select the Scopes to allow your project to access specific types of private user data from their Google Account and click on Update button.
  •  G Suite SSO with Joomla OIDC OAuth, Google Apps SSO for Joomla, create oauth client id
  • Go to the Credentials tab and click on Create Credentials button. Select Web Application from dropdown list to create new application.
  •  G Suite SSO with Joomla OIDC OAuth, Google Apps SSO for Joomla, create oauth client id
  • Enter the name you want for your Client ID under the name field and enter the Redirect/Callback URI from miniOrange OAuth Client plugin under the Authorized redirect URIs field and click on Create button.
  •  G Suite SSO with Joomla OIDC OAuth, Google Apps SSO for Joomla, create oauth client id
  • You will see a popup with the Client ID and Client Secret Copy your Client ID and Client Secret and save it on your miniOrange OAuth Client plugin Configuration.
  •  G Suite SSO with Joomla OIDC OAuth, Google Apps SSO for Joomla, client id client secret

3. Integrating Joomla with Google Apps

  • Now go to Configure OAuth tab of Joomla OAuth Client Plugin. Then paste the Client ID and Client Secret and Endpoints. then click on Save Settings.
  •  G Suite SSO with Joomla OIDC OAuth, Google Apps SSO for Joomla, client id client secret
  • You have successfully configured your Google Apps as an OAuth Server.

3.1. Scope & Endpoints

    Google Endpoints and Scope:


    Client ID : Click Here
    Client Secret : Click Here
    Scope: Openid email Profile
    Authorize Endpoint: https://accounts.google.com/o/oauth2/auth
    Access Token Endpoint: https://www.googleapis.com/oauth2/v4/token
    Get User Info Endpoint: https://www.googleapis.com/oauth2/v1/userinfo
    Set Client Credentials: In Both (In Header and In Body)

3.2. Grant Types

  • Go to the Grant Settings and JWT tab. Here you can select the preffered grant type supported by your OAuth provider.
  •  Okta Single Sign-On (SSO) OAuth/OpenID
  • The following grant types are supported: Authorization Token, Implicit Token, Client Credential and Refresh Token.

5. User Attribute Mapping [Premium Feature]

  • User Attribute Mapping is mandatory for enabling users to successfully login into Joomla. We will be setting up user profile attributes for Joomla using below settings.
  • Click on Test Configuration button, you will see all the values returned by your OAuth Provider to Joomla in a table.
  •  Okta Single Sign-On (SSO) OAuth/OpenID
  • Now go to do Attribute Mapping tab. Here you can map all the Attribute Mapping details in the given fields below.
  •  Okta Single Sign-On (SSO) OAuth/OpenID  Okta Single Sign-On (SSO) OAuth/OpenID

6. Role/Group Mapping [Premium Feature]

  • Go to the Role Mapping tab. Here you can Enable Role Mapping and select default groups for new users.
  • Based on your provider application, you can allocate the Joomla role to your provider roles.
  •  Okta Single Sign-On (SSO) OAuth/OpenID

7. Login Settings [Premium Feature]

  • Now you can use Login / SSO URL to perform SSO.
  •  Okta Single Sign-On (SSO) OAuth/OpenID
  • Now logout and go to your Joomla site's pages where you have added this link. You will see a login link where you placed that button. Click on this button to perform SSO.
  • Go to the Login/Logout Settings tab. Here, you can configure user login/logout behavior for your Joomla application.
  •  Okta Single Sign-On (SSO) OAuth/OpenID
  • Congratulations, you have successfully configured the miniOrange OAuth Client plugin with your Google OAuth Provider.
  • Click on the Upgrade Plans tab to check out our complete list of features and various licensing plans. OR you can click here to check features and licensing plans.
  • If you want to purchase any of the paid version of the plugin, you have to register/login with us in Account Setup tab. OR you can register/login Here .
  • In case, you are facing some issue or have any question in mind, you can reach out to us by sending us your query through the Support button in the plugin or by sending us a mail at joomlasupport@xecurify.com.

You have successfully configured Joomla as OAuth Client for achieving Joomla Google Apps Single Sign-On (SSO) with Joomla for user authentication.


In this guide, you have successfully configured Joomla Google Apps Single Sign-On (SSO) by configuring Google Apps as OAuth Provider and Joomla as OAuth Client using our Joomla OAuth Client plugin.This solution ensures that you are ready to roll out secure access to your Joomla site using Google Apps login credentials within minutes.

Additional Resources


Mail us on joomlasupport@xecurify.com for quick guidance(via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com