IdentityServer3 OAuth / OpenID Connect Single Sign-On (SSO) into Joomla | IdentityServer3 SSO Login

IdentityServer3 OAuth / OpenID Connect Single Sign-On (SSO) into Joomla | IdentityServer3 SSO Login


Joomla OAuth & OpenID Connect Single Sign-On (SSO) plugin enables secure login into Joomla using IdentityServer3 as OAuth and OpenID Connect provider. You can also configure the plugin using different Oauth providers such as Azure B2C, Office 365, and other custom providers. It supports advanced Single Sign-On (SSO) features such as user profile Attribute mapping, Role mapping, multi-tenant login, etc. Here we will go through a guide to configure SSO between Joomla and IdentityServer3. By the end of this guide, users should be able to login to Joomla from IdentityServer3.

Click here to know more about other features we provide in Joomla OAuth Single Sign-On ( OAuth & OpenID Connect Client ) plugin

Pre-requisites : Download And Installation


  • Log into your Joomla instance as an admin.
  • Go to the Joomla Dashboard -> Extensions -> Manage and click on Install.
  • Seach for a Joomla OAuth Client plugin and click on Install Now.

Steps to configure IdentityServer3 Single Sign-On (SSO) Login into Joomla

1. Setup IdentityServer3 as OAuth Provider

  • Go to Configure OAuth tab and configure App Name, Client ID, Client Secret from provided Endpoints.
  • openid is already filled but if it doesn't work then configure scope as User.Read and for fetching group info use scope is Directory.read.all.
  • Please refer the below table for configuring the scope & endpoints for IdentityServer3 in the plugin.

  • Scope: openid profile email phone address
    Authorize Endpoint: https://<your-domain>/identity/connect/authorize
    Access Token Endpoint: https://<your-domain>/identity/connect/token
    Get User Info Endpoint: https://<your-domain>/identity/connect/userinfo
    Custom redirect URL after logout:[optional] https://<your-domain>/identity/connect/endsession

You have successfully configured Joomla as OAuth Client for achieving IdentityServer3 login into your Joomla Site.


2. Configure Joomla as OAuth Client


  • Download the zip file for the miniOrange OAuth Client plugin for Joomla from the link here.
  •  ClassLink Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Login into your Joomla site’s administrator console.
  • From left toggle menu, click on System, then under Install section click on Extension.
  •  ClassLink Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Upload the downloaded zip file to install the Joomla OAuth Client plugin.
  •  ClassLink Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • From left toggle menu click on Components, then click on miniOrange OAuth Client , then click on Configure OAuth tab.
  • Under Configure OAuth tab . Select your OAuth Provider. (If your OAuth Provider not listed then click on Custom OAuth/ Custom OpenID connect App .)
  •  ClassLink Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Fill in the details you received from your OAuth Provider.
  • Copy the Redirect/Callback URL given in the plugin and click on the Save Settings button to save details in your OAuth Provider. Then click on Test Configuration button.
  • joomla oauth provider OAuth tab
  • After click on the Test Configuration button and copy the email and name attributes and save these attributes in Email Attribute and Name Attribute text field respectively. Now click on the Save Attribute Mapping button to save your configurations.
  •  ClassLink Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Use the Login URL to perform the SSO of your pre-configured OAuth/OpenID Connect Provider, (After completing test configuration please copy the Login URL and Add a button on your site login page).
  • Joomla OAuth Client - Login URL
  • Now logout and go to your Joomla site's pages where you have added this link. You will see a login link where you placed that button. Click on this button to perform SSO.
  • Congratulations, you have successfully configured the miniOrange OAuth Client plugin with your desired OAuth Provider.
  • Click on the Upgrade Plans tab to check out our complete list of features and various licensing plans. OR you can click here to check features and licensing plans
  • If you want to purchase any of the paid version of the plugin, you have to register/login with us in Account Setup tab. OR you can register/login Here
  • In case, you are facing some issue or have any question in mind, you can reach out to us by sending us your query through the Support button in the plugin or by sending us a mail at joomlasupport@xecurify.com.

  • Download the zip file for the miniOrange OAuth Client plugin for Joomla from the link here.
  •  ClassLink Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Login into your Joomla site’s administrator console.
  • Go to Extension Manage Install in the top navigation bar to install the plugin.
  •  ClassLink Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Upload the downloaded zip file to install the OAuth Client plugin.
  •  ClassLink Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Navigate to Extensions Manage Manage and search for miniorange in the Search bar provided to see the list of the components.
  • Go to Components MiniOrange OAuth Client Configure OAuth tab from the top navigation bar to go to the configuration page of the plugin.
  •  ClassLink Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Select your OAuth Provider from the Select Application dropdown. In case your OAuth Provider is not listed in the drop down, please select Custom OAuth Provider to continue.
  •  ClassLink Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration  ClassLink Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Fill in the details you received from your OAuth Provider.
  • Copy the Redirect/Callback URL given in the plugin and click on the Save Settings button to save details in your OAuth Provider.
  • Click on the Test Configuration button and copy the email and name attributes and save these attributes in Email Attribute and Name Attribute text field respectively. Now click on the Save Attribute Mapping button to save your configurations.
  •  ClassLink Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration  ClassLink Oauth / OpenID Connect Single Sign-on SSO for Joomla - App Client Configuration
  • Use the Login URL to perform the SSO of your pre-configured OAuth/OpenID Connect Provider, (After completing test configuration please copy the Login URL and Add a button on your site login page).
  • Joomla OAuth Client - Login URL
  • Now logout and go to your Joomla site's pages where you have added this link. You will see a login link where you placed that button. Click on this button to perform SSO.
  • Congratulations, you have successfully configured the miniOrange OAuth Client plugin with your desired OAuth Provider.
  • Click on the Upgrade Plans tab to check out our complete list of features and various licensing plans. OR you can click here to check features and licensing plans
  • If you want to purchase any of the paid version of the plugin, you have to register/login with us in Account Setup tab. OR you can register/login Here
  • In case, you are facing some issue or have any question in mind, you can reach out to us by sending us your query through the Support button in the plugin or by sending us a mail at joomlasupport@xecurify.com.

Additional Resources


Mail us on joomlasupport@xecurify.com for quick guidance(via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com