ASP.NET OAuth Single Sign-On (SSO) Using WHMCS As OAuth Provider

ASP.NET OAuth Single Sign-On (SSO) module gives the ability to enable OAuth Single Sign-On for your ASP.NET applications. Using Single Sign-On you can use only one password to access your ASP.NET application and services. Our module is compatible with all the OAuth compliant Identity providers. Here we will go through a step-by-step guide to configure Single Sign-On (SSO) between ASP.NET and WHMCS considering WHMCS as OAuth Provider.

Pre-requisites : Download And Installation

• Download miniOrange ASP.NET OAuth 2.0 Module.
• For Setting up the connector, extract the asp-net-oauth-sso-module.zip, you will find a DLL file miniorange-oauth-sso.dll, a configuration file oauthsso.config and a integration.md file which contain the steps for adding the module into your application.

Steps to configure WHMCS Single Sign-On (SSO) Login into ASP.NET

1. Add the connector in your application

• Add miniorange-oauth-sso.dll in bin folder (where your other DLL files exists) for your application.
• Register miniorangeoauthsso module in your application according to the provided steps in the integration.md file.
• Add the provided configuration file oauthsso.config in the root directory for your application.
• After integration open browser and browse the connector dashboard with URL below:
  https:// <your-application-base-url>/?ssoaction=config
• If it pop up the registration page or login page, you have successfully added the miniOrange oauth sso connector for your application.

• Register or Login for configuring the connector.

2. Setup WHMCS as OAuth Provider

• First of all, go to your WHMCS domain and log into your WHMCS Administrator account.
• You will be presented with following screen. Go to Setup OpenID Connect on the navigation bar on top.

• Click on Generate New Client API Credentials button.

• You will be redirected to the app details page. Fill in the required details and enter Authorized Redirect URIs from miniOrange ASP.NET OAuth Client and click on Generate Credentials.

• You will be brought to App details page. Here, you can find Client ID and Client Secret which you will require in Step 3 to configure miniOrange ASP.NET OAuth Client.



WHMCS Endpoints and Scope:




Client ID :	Click Here
Client Secret :	Click Here
Scope:	openid profile email
Authorize Endpoint:	https://{yourWHMCSdomain}/oauth/authorize.php
Access Token Endpoint:	https://{yourWHMCSdomain}/oauth/token.php
Get User Info Endpoint:	https://{yourWHMCSdomain}/oauth/userinfo.php

3. Configure miniOrange ASP.NET OAuth Client

• After configuring your OAuth Provider, it will provide you with Client ID, Client Secret, Authorize Endpoint, Access Token Endpoint and Get User Info Endpoint. Configure these values under respective fields.
• Fill all the required details and click on Save Configuration.

4. Test Configuration

• After saving configuration, click on the Test Configuration button to verify if you have configured correctly.
• On successful configuration, you will get Attributes Name and Attribute Values on Test Configuration window. The below screenshot shows a successful result.
• 

5. Attribute Mapping

• Map Attribute Names provided by your OAuth Server with your ASP.NET application Attributes given under Attribute Mapping Section and click on Save Attribute Mapping.

• Note: All the mapped attributes will be stored in the session so that you can access them in your application.

6. Integration Code

• You can find the integration code in Integration Code tab in the connector. Just copy-paste that code snippet wherever you want to access the user attributes.

7. Add following link in your application for Single Sign-On (SSO)

• Use the following URL as a link in your application from where you want to perform SSO:
  http://base-url/?ssoaction=login
• For example you can use it as:
  <a href="http://base-url/?ssoaction=login”>Log in</a>"

You can configure the ASP.NET SAML 2.0 Single Sign-On (SSO) module with any Identity Provider such as ADFS, Azure AD, Bitium, Centrify, G Suite, JBoss Keycloak, Okta, OneLogin, Salesforce, AWS Cognito, OpenAM, Oracle, PingFederate, PingOne, RSA SecureID, Shibboleth-2, Shibboleth-3, SimpleSAML, WSO2 or even with your own custom identity provider.