Integration of IdentityServer4 Single Sign-on (IdentityServer4 SSO) with Joomla using OAuth 2.0 Protocol. The miniOrange Joomla OAuth / OpenID Connect Single Sign-on (SSO) plugin makes it simple to set up IdentityServer4 SSO into Joomla and enable secure login into Joomla. As a result, users can log in to Joomla and access the site by authenticating with their IdentityServer4 OAuth Provider credentials.

Visit our Joomla OAuth Client Plugin page to learn more about the features and Pricing plans we offer for the Joomla OAuth Single Sign-on (OAuth & OpenID connect) plugin.

Joomla OAuth Client Handbook

Please refer our detailed Handbook for the Joomla OAuth/OpenID Single Sign-On plugin, which gives an in-depth explanation of the various features of the plugin. You can get to the handbook at anytime directly from the plugin's UI for quicker access.

Pre-requisites : Download And Installation

Setup IdentityServer4 as OAuth Provider with Joomla OAuth Client

1. Download and Setup Joomla OAuth Client

• Download the zip file for the miniOrange OAuth Client plugin for Joomla from the given link.
• Login into your Joomla site’s administrator console.
• From left toggle menu, click on System, then under Install section click on Extensions.

• Upload the downloaded zip file to install the Joomla OAuth Client plugin.

• After successful installation of plugin, click on Start Using miniOrange OAuth Client plugin button.

• Under Configure OAuth tab. Select IdentityServer4 as an OAuth Provider.

• Copy the Callback/Redirect URL from Configure OAuth tab of Joomla OAuth Client plugin.

2. ConfigureIdentityServer4 as OAuth Provider

• Set up IdentityServer4 using guidelines provided here.
• From HereConfigure OAuth tab in Oauth Client plugin, collect Redirect/Callback URL and enter it into your IdentityServer4.
• Copy your Client ID and Client Secret and save it on your miniOrange OAuth Client plugin Configuration.
• You have successfully completed your IdentityServer4 OAuth Server side configurations.
• In Plugin, Add identity server.
• Enter your app name and use the following information to fill the details.
• Go to Configure OAuth tab and configure App Name, Client ID, Client Secret from provided Endpoints.
• openid is already filled but if it doesn't work then configure scope as User.Read and for fetching group info use scope is Directory.read.all.

3. Integrating Joomla with IdentityServer4

• Go back to your Joomla Dashboard. Then go to Components.
• Now go to the Joomla OAuth Client plugin, under Configure OAuth tab, enter the all the details. Then click on Save Settings and then click on Test Configuration.


• Please refer the below table for configuring the scope & endpoints for IdentityServer4 in the plugin.

Scope:	openid
Authorize Endpoint:	https://<your-domain>/connect/authorize
Access Token Endpoint:	https://<your-domain>/connect/token
Get User Info Endpoint:	https://<your-domain>/connect/userinfo
Custom redirect URL after logout:[optional] :	https://<your-domain>/connect/endsession?id_token_hint=##id_token##
Set Client Credentials:	In Both (In Header and In Body)

4. Test SSO and Attribute Mapping

• Once you click on Test Configuration button, You will be able to see the attributes in the Test Configuration output as follows.

• Now you have to do Attribute Mapping to perform SSO. Select the attribute name for Email and Username from dropdown. Then click on Save Attribute Mapping button.

• Now you can use Login / SSO URL to perform SSO.

• Now logout and go to your Joomla site's pages where you have added this link. You will see a login link where you placed that button. Click on this button to perform SSO.
• Congratulations, you have successfully configured the miniOrange OAuth Client plugin with your IdentityServer4 OAuth Provider.
• Click on the Upgrade Plans tab to check out our complete list of features and various licensing plans. OR you can click here to check features and licensing plans.
• If you want to purchase any of the paid version of the plugin, you have to register/login with us in Account Setup tab. OR you can register/login Here .
• In case, you are facing some issue or have any question in mind, you can reach out to us by sending us your query through the Support button in the plugin or by sending us a mail at joomlasupport@xecurify.com

You have successfully configured Joomla as OAuth Client for achieving Joomla IdentityServer4 Single Sign-On (SSO) with Joomla for user authentication.

In this guide, you have successfully configured Joomla IdentityServer4 Single Sign-On (SSO) by configuring IdentityServer4 OAuth Provider and Joomla as OAuth Client using our Joomla OAuth Client plugin.This solution ensures that you are ready to roll out secure access to your Joomla site using IdentityServer4 login credentials within minutes.

Additional Resources

• What is OAuth 2.0?
• Frequently Asked Questions (FAQs)
• How to configure OAuth / OpenID Connect SSO with Azure AD
• How to configure OAuth / OpenID Connect SSO with Salesforce
• How to configure OAuth / OpenID Connect SSO with AWS Cognito
• How to configure OAuth / OpenID Connect SSO with Discord
• How to configure OAuth / OpenID Connect SSO with Facebook
• How to configure OAuth / OpenID Connect SSO with Google Apps
• How to configure OAuth / OpenID Connect SSO with Instagram
• How to configure OAuth / OpenID Connect SSO with Keycloak

Mail us on joomlasupport@xecurify.com for quick guidance(via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.