Search Results :

×
Sign Up Contact Us

Contents

Drupal SAML Single Sign On using Keycloak as Identity Provider

The Drupal SAML integration using the miniOrange SAML SP module establishes seamless SSO between Keycloak and the Drupal site. The users will be able to log in to the Drupal site using their Keycloak credentials. This document will walk you through the steps to configure Single Sign-On - SSO between Drupal as a Service Provider (SP) and Keycloak as an Identity Provider (IdP). The module is compatible with Drupal 7, Drupal 8, Drupal 9, and Drupal 10 and Drupal 11.

free trial plugin Play Ground plugin pricing button schedule meeting button Schedule a Meeting
  • Download the module: 
    Composer require 'drupal/miniorange_saml'
  • Navigate to Extend menu on your Drupal admin console and search for miniOrange SAML Service Provider using the search box.
  • Enable the module by checking the checkbox and click on install button.
  • Configure the module at 
    {BaseURL}/admin/config/people/miniorange_saml/idp_setup
  • Install the module: 
    drush en drupal/miniorange_saml
  • Clear the cache: 
     drush cr
  • Configure the module at 
    {BaseURL}/admin/config/people/miniorange_saml/idp_setup
  • Navigate to Extend menu on your Drupal admin console and click on Install new module button.
  • Install the Drupal SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider module either by downloading the zip or from the URL of the package (tar/zip).
  • Click on Enable newly added modules.
  • Enable this module by checking the checkbox and click on install button.
  • Configure the module at 
    {BaseURL}/admin/config/people/miniorange_saml/idp_setup
  • Go to ConfigurationPeopleSAML Login Configuration in the Administration menu. (/admin/config/people/miniorange_saml/idp_setup)
Drupal SAML SP - select miniOrange SAML Login Configuration
  • Under the Service Provider Metadata tab, copy the metadata URL by clicking the Copy button. (This is required to configure IdP.)
Drupal SAML SP - Copy SP Metadata URL
  • Log in to the Keycloak Admin console and select Create Realm.
Drupal-Keycloak-SAML-SP-Select-Realm

  • Enter the Realm name in the text field and click on the Create button.
Drupal-Keycloak-SAML-SP-Enter-Realm-Name-Click-Create-Button

  • Select Clients from the left navigation menu and click on the Import Client button.
Drupal-Keycloak-SAML-SP-Select-Clients-Click-Import-Client

  • Click on the Browse button and upload the metadata from the Drupal. Enter the client name in the Name text field and click on Save button.
Drupal-Keycloak-SAML-SP-Upload-SP-Metadata-File-Enter-Name-Click-on-Save

  • Scroll down to the SAML Capabilities and select email as Name ID format from the dropdown.
  • Turn on the Force name ID format button, then click on the Save button.
Drupal-Keycloak-SAML-SP-Select-Name-ID-Formate-Toggle-Button

  • Click on the Users form the left navigation menu. Click on the Create new user button.
Drupal-Keycloak-SAML-SP-Select-Users-Click-create-User-Button

  • Enter the Username and Email of a user in the respective text fields. Enable the Email verified button and click on the Create button.
Drupal-Keycloak-SAML-SP-Enter-User-Name-Mail-click-Create

  • Navigate to the Realm settings in left navigation menu and click on the SAML 2.0 Identity Provider Metadata link.
Drupal-Keycloak-SAML-SP-Navigate-Realm-Settings-Click-SAML-2.0-IdP-Metadata

  • Copy the URL of the Metadata page and keep it handy. (This is required to configure Drupal as a Service Provider)
Drupal-Keycloak-SAML-SP-Copy-Metadata-URL

  • Navigate to the Service Provider Setup tab of the Drupal site and click on Upload IDP Metadata.
Drupal-Keycloak-SAML-SP-Click-Upload-IDP-Metadata

  • Paste the previously copied Keycloak Metadata URL into the Upload Metadata URL text field. Click on the Fetch Metadata button.
drupal saml Single Sign On as SP - upload idp metadata url

Note and Contact Us - SSO between two WordPress sites
Note: To update Identity Provider Name, follow these steps:
  • Under Action, select the Edit.
  • Enter Keycloak in the Identity Provider Name text field.
  • Scroll down and click on the Save Configuration button.


  • Click on the Test link to test the connection between Drupal and Keycloak.
drupal saml Single Sign On as SP - click on Test link to check the connection

  • On a Test Configuration popup sign in using Keycloak credentials (if an active session is not present). After successful authentication, a list of attributes that are received from Keycloak will be displayed. Click on the Done.
drupal saml Single Sign On as SP - click on Done button

Congratulations! you have successfully configure Keycloak as SAML Identity Provider (IdP) and Drupal as SAML Service Provider.

  • Open a new browser/private window and navigate to the Drupal site login page.
  • Click the Login using Identity Provider (Keycloak) link.
  • You will be redirected to the Keycloak login page. Enter the Keycloak credentials. After successful authentication, the user will be redirected back to the Drupal site.
24x7 Support

24/7 Support

The Drupal developers at miniOrange offer quick and active support for your queries. We can assist you from choosing the best solution for your use case to deploying and maintaining the solution.

 Contact us
Case Study

Case Studies

miniOrange has successfully catered to the use cases of 400+ trusted customers with its highly flexible/customizable Drupal solutions.

 Read more
Other Solutions

Other Solutions

Feel free to explore other Drupal solutions that we offer the popular solutions used by our trusted customers include 2FA, User Provisioning, Website Security.

 Know More
ADFS_sso ×
Hello there!

Need Help? We are right here!

support