Joomla OAuth Client Integration with Okta Single Sign-On (SSO)
Set up Single
Sign-On (SSO) on your Joomla site via Okta
provider with the help of Joomla OAuth & OpenID
Connect plugin. Integrating Okta Single Sign-On (SSO) into Joomla using OAuth 2.0
your users to securely login into your Joomla websites and applications by authenticating with Okta OAuth provider.
The Okta OAuth Joomla plugin also provides advanced features
Auto create users, Attribute Mapping, Group
Go to the Okta Admin panel. Go to Applications -> Applications.
You will get the following screen. Click on Create App Integration button.
Select Sign in method as the OIDC - OpenID Connect option and select Application type as
Web application, click on Next button.
You will be redirected to the app details page. Enter App integration name and Sign-in
redirect URLs which we copied as Callback/Redirect URL.
Scroll down and you will see the Assignments section. Select an option for controlled access as
Allow everyone in your organization to access, untick the Enable immediate access with Federation
Broker Mode and then click on Save button.
Now you will get the Client ID and Client Secret . Keep these credentials
handy for configuring miniOrange OAuth Client Single Sign-On (SSO) plugin.
From right top header, you will get your domain name. Keep the domain name handy.
Note: Copy the Okta domain to
configure Joomla OAuth Single Sign-On (SSO) plugin. eg.( https://dev-32414285-admin.okta.com ) then your domain
is dev-32414285.okta.com .
3. Integrating Joomla
Go back to your Joomla Dashboard. Then go to Components, then
miniOrange OAuth Client and click on Configure OAuth tab.
Paste the Client ID, Client Secret and Domain. Also Set Client Credentials In header then
click on Save Settings to save your Configuration.
3.1. Scope &
Scope & Endpoints are given below, which are required for configuring Joomla as OAuth Client
configure Okta as a custom OAuth or OIDC provider.
User Attribute Mapping is mandatory for enabling users to successfully login into Joomla. We will be setting
up user profile attributes for Joomla using below settings.
Click on Test Configuration button, you will see all the values returned by your OAuth Provider to
Joomla in a table.
Now go to do Attribute Mapping tab. Here you can map all the Attribute Mapping details in the given
Mapping [Premium Feature]
Go to the Role Mapping tab. Here you can Enable Role Mapping and select
default groups for new users.
Based on your provider application, you can allocate the Joomla role to your provider roles.
6. Fetch Okta Groups
Click on the Sign On tab in your Okta application.
Go to the OpenID Connect ID Token section by scrolling down.
Under Group claims filter section, enter groups as the default name, and then select
regex from the
drop down list and enter .* (without spaces) to return all the user's Groups. Click on Save
7. Steps to
Create Custom Claims in Okta
Go to the Okta Admin panel ->Security -> API.
Click on Add Authorization Server button.
After creating a new Authorization Server, click on the Edit icon as shown below.
Go to Claims and click on Add Claim button.
After creating a custom claim, go to Access Policies and select Add Policy.
After creating a new policy in the Access Policies tab, click on Add rule button.
Give a name to the rule. Keep other settings as default and click on Create
8. Login Settings
Now you can use Login / SSO URL to perform SSO.
Now logout and go to your Joomla site's pages where you have added this link. You will see a login link
you placed that button. Click on this button to perform SSO.
Go to the Login/Logout Settings tab. Here, you can configure user login/logout behavior for
your Joomla application.
Congratulations, you have successfully configured the miniOrange OAuth Client plugin with your Okta
Click on the Upgrade Plans tab to check out our complete list of features and various licensing
OR you can click here to check features and licensing plans.
If you want to purchase any of the paid version of the plugin, you have to register/login with us in
Account Setup tab. OR you can register/login Here .
In case, you are facing some issue or have any question in mind, you can reach out to us by sending us your
query through the Support button in the plugin or by sending us a mail at email@example.com.
In this guide, you have learned how to configure Joomla Okta Single Sign-On (SSO) by configuring Okta as
Provider and Joomla as OAuth Client using our Joomla OAuth & OpenID Connect
ensures that you are ready to roll out secure access to your Joomla site using Okta login credentials within
Mail us on firstname.lastname@example.org for quick
guidance(via email/meeting) on your requirement and our team will help you to select the best suitable
as per your requirement.
Need Help? We are right here!
Contact miniOrange Support
Thanks for your inquiry.
If you dont hear from us within 24 hours, please feel free to send a follow up email to email@example.com
This privacy statement applies to miniorange websites describing how we handle the personal
When you visit any website, it may store or retrieve the information on your browser, mostly in the
form of the cookies. This information might be about you, your preferences or your device and is
mostly used to make the site work as you expect it to. The information does not directly identify
you, but it can give you a more personalized web experience.
Click on the category headings to check how we handle the cookies.
Strictly Necessary Cookies
Necessary cookies help make a website fully usable by enabling the basic functions like site
navigation, logging in, filling forms, etc. The cookies used for the functionality do not store any
personal identifiable information. However, some parts of the website will not work properly without
These cookies only collect aggregated information about the traffic of the website including -
visitors, sources, page clicks and views, etc. This allows us to know more about our most and least
popular pages along with users' interaction on the actionable elements and hence letting us improve
the performance of our website as well as our services.