Joomla OAuth Client Integration with Google Apps Single Sign-On (SSO)

Overview

Streamline your Joomla user experience with seamless Google Apps Single Sign-on (G Suite SSO) integration using the powerful OAuth 2.0 Protocol. With the miniOrange Joomla OAuth / OpenID Connect Single Sign-on (SSO) plugin, setting up Google Apps SSO into Joomla becomes effortless, ensuring a secure login process. This allows users to access the Joomla site easily and securely by authenticating with their Google Apps OAuth Provider credentials. The Google Apps OAuth Joomla plugin also provides advanced features such as, Auto create users, Attribute Mapping, Group Mapping etc. Visit our Joomla OAuth Client Plugin page to learn more about the features and pricing plans we offer for the Joomla OAuth Single Sign-on (OAuth & OpenID connect) plugin.

Configuration Steps

In this configuration, Google Apps functions as the OAuth server, while Joomla allows users to log in with their Google Apps credentials by utilizing the Joomla OAuth Client Plugin.

Step 1: Install Joomla OAuth Client Plugin

• Login into your Joomla site’s Administrator console.
• From left toggle menu, click on System, then under Install section click on Extensions.
• Now click on Or Browse for file button to locate and install the plugin file downloaded earlier.
• Installation of plugin is successful. Now click on Get Started!
• Under Configure OAuth -> Pre-Configured Apps tab, select your OAuth Provider. You can also search for custom OAuth or custom OpenID application in the search bar, and configure your own custom provider.

• After selecting your OAuth provider, you will be redirected to the Step 1 [Redirect URL] tab. Now copy the Callback/Redirect URL which we will use to configure Google Apps as OAuth Server, then click on the Save & Next button.

Step 2: Configure Google Apps as OAuth Server

• Go to Google Apps Login Dashboard and Sign Up/Login.

• Click on Select Project to create a new Google Apps Project for Joomla OAuth Client, you will see a popup with the list of all your projects.

• You can click on the NEW PROJECT button to create new project for Google apps as OAuth server.

• Enter your Project name under the Project Name field and click on Create.

• Go to Navigation Menu -> APIs -> Services -> Credentials.

• Click on Create Credentials button and then select OAuth Client ID from the options provided.

• In case you are facing some warning saying that in order to create an OAuth Client ID, you must set a product name on consent screen (as shown in below image). Click on the Configure consent screen button.

• Enter the required details such as App Name, User Support Email and click on Save and Continue button.

• Now for configuring scopes, click on Add or Remove the Scopes button.

• Now, select the Scopes to allow your project to access specific types of private user data from their Google Account and click on Update button.

• Go to the Credentials tab and click on Create Credentials button. Select Web Application from dropdown list to create new application.

• Enter the name you want for your Client ID under the name field and enter the Redirect/Callback URI from miniOrange OAuth Client plugin under the Authorized redirect URIs field and click on Create button.

Step 3: Configure Client ID & Secret

• Next, you will see a popup with the Client ID and Client Secret. Copy the Client ID and Client Secret.

• Go back to your Joomla Dashboard. Then go to Step 2 [Client ID & Secret].
• Paste the Client ID, Client Secret and Domain. Also Set Client Credentials In header then click on Save Settings. Once Settings are saved then click on Save Configuration.

• Scope & Endpoints are given below, which are required for configuring Joomla as OAuth Client plugin to configure Google Apps as a custom OAuth or OIDC provider.

Scope	Openid email Profile
Authorize Endpoint	https://accounts.google.com/o/oauth2/auth
Access Token Endpoint	https://www.googleapis.com/oauth2/v4/token
Get User Info Endpoint	https://www.googleapis.com/oauth2/v1/userinfo
Set Client Credentials	In Both (In Header and In Body)

Step 4: Configure Attribute Mapping

• User Attribute Mapping is mandatory for enabling users to successfully login into Joomla. We will be setting up user profile attributes for Joomla using below settings.
• Go to Step 3 [Attribute Mapping] tab and click on Test Configuration button.

• You will be able to see the attributes in the Test Configuration output as follows.

• Now go to the Step 3 [Attribute Mapping] tab and Select the attribute name for Email and Username from dropdown. Then click on Finish Configuration button.

Step 5: Setup Login/SSO URL

• Now go to Step 4 [SSO URL] tab, here copy the Login/SSO URL and add it to your Site by following the given steps.

• Now logout and go to your Joomla site's pages where you have added this link. You will see a login link where you placed that button. Click on this button to perform SSO.

Related Articles

• What is OAuth 2.0?
• Frequently Asked Questions (FAQs)
• How to configure OAuth/OpenID Connect SSO with Azure AD?
• How to configure OAuth/OpenID Connect SSO with Salesforce?
• How to configure OAuth/OpenID Connect SSO with AWS Cognito?
• How to configure OAuth/OpenID Connect SSO with Discord?
• How to configure OAuth/OpenID Connect SSO with Facebook?
• How to configure OAuth/OpenID Connect SSO with Keycloak?