OAuth / OpenID Connect Single Sign-On (SSO) into Joomla using miniOrange | miniOrange SSO Login




What is OAuth / OpenID?


OAuth Server / OpenID Connect Server (OAuth 2.0 Server) also known as Authorization Server, It is the modern standard for securing access to APIs & implements network protocol flows which allow a client (OAuth Client) to act on behalf of a user. OAuth Server allows clients to verify the identity of end-users based on the authentication performed by an Authorization Server and also to obtain basic profile (Scope) information about the end-users in an interoperable and REST-like manner.


How does OAuth / OpenID work?


OAuth 2.0 Server is used to set up any Application as Identity Server to allow users to Single Sign-On / Login into their client site/application with login using OAuth / OpenID Connect protocol flows. The primary goal of this OAuth 2.0 server/Oauth Provider is to allow users to interact with multiple apps without requiring them to store sensitive credentials. You can easily configure an OAuth 2.0/OpenID Connect server to protect your API with access tokens, or allow clients to request new access tokens and refresh them.


Joomla OAuth & OpenID Connect Single Sign-On (SSO) plugin enables secure login into Joomla using miniOrnage as OAuth and OpenID Connect provider. You can also configure the plugin using different Oauth providers such as Azure B2C, Office 365, and other custom providers. It supports advanced Single Sign-On (SSO) features such as user profile Attribute mapping, Role mapping, multi-tenant login, etc. Here we will go through a guide to configure SSO between Joomla and miniOrnage. By the end of this guide, users should be able to login to Joomla from miniOrnage.

click here to know more about other features we provide in Joomla OAuth Single Sign-On ( OAuth & OpenID Connect Client ) plugin

Step 1: Install OAuth Client plugin. (If you have already installed the plugin, you can skip to step 2)

  • Download the zip file of the miniOrange OAuth Client plugin for Joomla from the link here.
  • Joomla OAuth Client Plugin - Download
  • Login into your Joomla site’s administrator console.
  • Go to Extension Manage Install in the top navigation bar to install the plugin.
  • Joomla OAuth Client Plugin - Install
  • Upload the downloaded zip file to install the OAuth Client plugin.
  • Joomla OAuth Client Plugin - Upload

Step 2: miniOrange Joomla OAuth Client plugin - Callback URL

  • Go to Components miniOrange OAuth Client in the top navigation bar to go to the configuration page of the plugin.
  • Joomla OAuth Client Plugin - Component
  • In the Configure OAuth tab, select your OAuth/OpenID Connect provider. If your OAuth/OpenID Connect provider is not listed, you can select Custom OAuth/OpenID Connect provider to continue.
  • Joomla OAuth Client Plugin - Configure OAuth
  • Copy the Redirect/Callback URL given in the plugin and keep it handy because you will need it in the next step.
  • Joomla OAuth Client - Test Configuration

Step 3: Configure miniOrange as an OAuth/OpenID Connect Server.

  • Go to https://login.xecurify.com/moas/login and login to your miniOrange account.
  • From the left menu, go to Apps Manage Apps.

    OAuth/OpenID/OIDC Single Sign On (SSO), miniOrange SSO, New Application Creation
  • In the right upper corner, select Add Application.

    OAuth/OpenID/OIDC Single Sign On (SSO), miniOrange SSO,Configure App
  • Navigate to OAuth/OIDC card, click on Create App.

    OAuth/OpenID/OIDC Single Sign On (SSO), miniOrange SSO,Add Application
  • Select the Application of your choice.

    OAuth/OpenID/OIDC Single Sign On (SSO), miniOrange SSO,Add OAuth Application
  • Now enter the following information as shown below:
    Client Name App name you want to provide.
    Redirect-URL Enter Callback URL-{oauth_client_base_url}/plugins/servlet/oauth/callback from Configure OAuth tab of the plugin
    OAuth/OpenID/OIDC Single Sign On (SSO), miniOrange SSO, Fill Application Information

  • For adding the policy for OAuth App, select Group Name as Default and enter the Policy Name of your choice, and select Login Method as Password.

    OAuth/OpenID/OIDC Single Sign On (SSO), miniOrange SSO,Create Policy

  • Click on save button. Your app has been successfully created.
  • Your application is configured. Now, go to Apps > Manage Apps > Your app > Select > Edit.

     OAuth/OpenID/OIDC Single Sign On (SSO), miniOrange SSO,Application Configured
  • You can see all the information for the app like Client ID and Client Secret .Also OAuth endpoints are mentioned, you will require Authorize Endpoint and Access Token Endpoint in further step.
    Scope: email profile openid
    Authorize EndPoint: https://login.xecurify.com/moas/idp/openidsso
    Access Token Endpoint: https://login.xecurify.com/moas/rest/oauth/token
    User Info Endpoint: https://logins.xecurify.com/moas/rest/oauth/getuserinfo

Step 4: Configure miniOrange Joomla OAuth Client plugin.

  • Paste the Client ID and Client Secret which you copied in the last step and save it in the respective fields and then click on the Test Configuration button.
  • Joomla OAuth Client - Test Configuration
  • Now copy the email and name attributes you got in the test configuration and save these attributes in Email Attribute and Username Attribute text field respectively. Now click on the Save Attribute Mapping button to save your configurations.
  • Joomla OAuth Client - Attribute Mapping
  • You would find appropriate URL for performing the SSO after selecting the OAuth/OpenID Connect provider in the Login URL field (After completing test configuration please copy the Login URL and Add a button on your site login page).
  • Joomla OAuth Client - Login URL
  • Now logout and go to your Joomla site's pages where you have added this link. You will see a login link where you placed that button.
  • Congratulations, you have successfully configured the miniOrange OAuth Client plugin with your desired OAuth Provider.
  • Click on the Upgrade Plans tab to check out our complete list of features and various licensing plans.
  • If you want to purchase any of the paid version of the plugin, you have to register/login with us in Account Setup tab.
  • In case, you are facing some issue or have any question in mind, you can reach out to us by sending us your query through the Support button in the plugin or by sending us a mail at joomlasupport@xecurify.com.

Free Trial

If you are looking for anything which you cannot find, please drop us an email on joomlasupport@xecurify.com

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com