What is OAuth / OpenID?
OAuth Server / OpenID Connect Server (OAuth 2.0 Server) also known as Authorization Server, It is the modern standard for securing access to APIs & implements network protocol flows which allow a client (OAuth Client) to act on behalf of a user. OAuth Server allows clients to verify the identity of end-users based on the authentication performed by an Authorization Server and also to obtain basic profile (Scope) information about the end-users in an interoperable and REST-like manner.
How does OAuth / OpenID work?
OAuth 2.0 Server is used to set up any Application as Identity Server to allow users to Single Sign-On / Login into their client site/application with login using OAuth / OpenID Connect protocol flows. The primary goal of this OAuth 2.0 server / Oauth Provider is to allow users to interact with multiple apps without requiring them to store sensitive credentials. You can easily configure an OAuth 2.0 / OpenID Connect server to protect your API with access tokens, or allow clients to request new access tokens and refresh them.
Joomla OAuth & OpenID Connect Single Sign-On (SSO) plugin enables secure login into Joomla using Office 365 as OAuth and OpenID Connect provider. You can also configure the plugin using different Oauth providers such as Azure B2C, Office 365, and other custom providers. It supports advanced Single Sign-On (SSO) features such as user profile Attribute mapping, Role mapping, multi-tenant login, etc. Here we will go through a guide to configure SSO between Joomla and Office 365. By the end of this guide, users should be able to login to Joomla from Office 365.
click here to know more about other features we provide in Joomla OAuth Single Sign-On ( OAuth & OpenID Connect Client ) plugin
Download And Installation
- Log into your Joomla instance as an admin.
- Go to the Joomla Dashboard -> Extensions -> Manage and click on Install.
- Seach for a Joomla OAuth Client plugin and click on Install Now.
Step 1: Setup Office 365 as OAuth Provider
- Sign in to Azure portal.
- Click on App Services and go to Manage Azure Active Directory.
- In the left-hand navigation pane, click the App registrations service, and click New registration.
- When the Create page appears, enter your application's registration information:
||Name of your application.
|Application type :
- Select "Web app / API" for client applications and resource/API applications that are installed on a secure server. This setting is used for OAuth confidential web clients and public user-agent-based clients. The same application can also expose both a client and resource/API.
Sign-on URL :
- For "Web app / API" applications, provide the base URL of your app.
might be the URL for a web app running on your local machine. Users would use this URL to sign in to a web client application.
- When finished, click Register. Azure AD assigns a unique Application ID to your application. Copy Application ID and the Directory ID , this will be your Client ID and Tenent ID.
- Go to API permissions from the left navigaton pane and click on Add permissions.
- Click on Office 365 and add permission.
- Go to Certificates and Secrets from the left navigaton pane and click on New Client Secret. Enter description and expiration time and click on ADD option.
- Copy value. This will be your Secret key.
- Enter application Home page URL Logout Settings->Properties->Logout URL.
Step 2: Configure miniOrange Joomla OAuth Client plugin.