Search Results :

×

Setup Office 365 Single Sign-on with Drupal OAuth Client

Drupal miniOrange SSO integration will allow you to configure Single Sign-On ( SSO ) login between your Drupal site and Office 365 using OAuth/OpenID protocol. Drupal OAuth 2.0/OpenID connect module gives the ability to enable login using OAuth 2.0/OIDC Single Sign-On to Drupal Site. We provide the Drupal OAuth/OpenID Client module for Drupal 7, Drupal 8, Drupal 9 and Drupal 10, Drupal 11.

  • Download the module:
    composer require 'drupal/miniorange_oauth_client'
  • Navigate to Extend menu on your Drupal admin console and search for miniOrange OAuth Client Configuration using the search box.
  • Enable the module by checking the checkbox and click on the Install button.
  • You can configure the module at:
    {BaseURL}/admin/config/people/miniorange_oauth_client/config_clc
  • Install the module:
    drush en drupal/miniorange_oauth_client
  • Clear the cache:
     drush cr
  • You can configure the module at:
    {BaseURL}/admin/config/people/miniorange_oauth_client/config_clc
  • Navigate to Extend menu on your Drupal admin console and click on Install new module.
  • Install the Drupal OAuth & OpenID Connect Login - OAuth2 Client SSO Login module either by downloading the zip or from the URL of the package (tar/zip).
  • Click on Enable newly added modules.
  • Enable this module by checking the checkbox and click on install button.
  • You can configure the module at:
    {BaseURL}/admin/config/people/miniorange_oauth_client/config_clc
  • Go to ConfigurationPeopleminiOrange OAuth Client Configuration in the Administration menu. (/admin/config/people/miniorange_oauth_client)
Drupal OAuth Client - select mimiorange OAuth Client Configuration
  • Under the Configure OAuth tab select desired OAuth Provider from the dropdown.
  • Note and Contact Us - SSO between two WordPress sites

    Note: If the desired OAuth Provider is not listed in the dropdown, please select Custom OAuth Provider / Custom OpenID Provider and continue.

Drupal OAuth Client - select OAuth Provider
  • Copy the Callback/Redirect URL and keep it handy. This will be required while configuring the OAuth Provider.
  • Note and Contact Us - SSO between two WordPress sites

    Note: If your provider only supports HTTPS Callback/Redirect URLs and you have an HTTP site, please make sure to enable the 'Enforce HTTPS Callback URL' checkbox at the bottom of the tab.


  • Enter the OAuth provider name in the Display Name text field.
Drupal OAuth Client - Copy Callback URL
  • Log in/Sign up for the Microsoft Office 365 Admin console.
  • Go to the Azure services section and select Azure Active Directory service.
Drupal OAuth Client Microsoft Office 365 SSO - Select Azure Active Directory

  • Navigate to the App registration -> New registration from the left navigation menu.
Drupal OAuth Client Microsoft Office 365 SSO - Click on App registration then click New registration
  • Enter the following information on the Register an Application page:
    • Enter the display name for the application in Name text field.
    • Supported account types: Select Accounts in this organizational directory only (Test only - Single tenant). If you are unsure which option to select, click on the Help me choose link.
    • Redirect URI (optional): Select a Platform as Web. Paste the copied Callback/Redirect URL into the Redirect URI text field.
Drupal OAuth Client Microsoft Office 365 SSO - Register an application, provide the required details
  • Click on the Register button to create the new application.
  • Copy the Application (client) ID from the Microsoft Office portal.
Microsoft Azure Office 365 - Copy the Application (client) ID
  • Go to Drupal's Configure OAuth and paste the copied Application ID into the Client ID text field.
Drupal OAuth OIDC Client Configuration - Paste it into the Client ID field
  • On the Microsoft Office portal, click on Add a certificate or secret under the Essentials section.
DrupalOAuth2 Microsoft Azure O365 - Add a client secret
  • Click on the New client secret button.
  • Provide the required information on the Add a client secret window:
    • Enter a Description for this client secret
    • Select Expires duration from the dropdown.
Microsoft Azure O365 - Enter Description and Duration
  • Click on the Add button.
  • Then, copy the Value from the Client secrets tab. It's your app’s Client Secret key.
Microsoft Azure O365 - Copy client secret value
  • Go to Drupal's Configure OAuth tab and paste the copied Client secrets Value into the Client Secret text field.
Drupal OAuth OIDC Client Configuration - Paste copied client secret value into Client Secret text field
  • Go to the Microsoft Office 365 portal, navigate to the API permissions -> Add a permission -> Microsoft APIs -> Office 365 Management APIs -> Application permissions.
Microsoft Office 365 - Click on API Permissions - Add API permission - Microsoft APIs - Office 365 Management APIs - Applcation permissions
  • Select desired Permissions and click on the Add permissions button.
Microsoft Office 365 - Select Permission
  • Navigate to the Overview and click on Endpoints button.
  • Copy the OAuth 2.0 authorization endpoint (v2) & OAuth 2.0 token endpoint (v2).
Microsoft Office 365 - Click on Endpoints
  • Navigate to Drupal’s Configure OAuth tab and paste the authorization endpoint and token endpoint into the respective test fields.
Drupal OAuth OIDC Client Configuration - Paste the OAuth 2.0 token Endpoint and OAuth 2.0 token endpoint in the corresponding text fields
  • Click on Save Configuration button.
  • You can also refer the Office 365 Endpoints and Scope in the table below:
  • Scope openid
    Authorize Endpoint https://login.microsoftonline.com/{tenant-id}/oauth2/v2.0/authorize
    Access Token Endpoint https://login.microsoftonline.com/{tenant-id}/oauth2/v2.0/token
    Get User Info Endpoint https://graph.microsoft.com/oidc/userinfo
  • After successfully saving the configurations, please click on the Perform Test Configuration button to test the connection between Drupal and OAuth Provider.
OAuth-OIDC-Client-Configuration-Check-Connection-with-OAuth-Provider
  • On a Test Configuration popup, if you don't have any active sessions on the same browser, you will be requested to login to the OAuth Provider. After successfully logging, you will be provided a list of attributes received from the OAuth Provider.
  • Select the Email Attribute from the dropdown menu in which the user's email ID is obtained and click on the Done button.
  • Note and Contact Us - SSO between two WordPress sites

    Note: Mapping the Email Attribute is mandatory to perform SSO i.e. login to the Drupal site with OAuth Provider credentials.

Drupal OAuth Client - select Email Attribute
  • On the Attribute & Role Mapping tab, please select the Username Attribute from the dropdown list and click on the Save Configuration button.
Drupal OAuth Client - select user attribute and click save configuration
  • Now log out and go to your Drupal site’s login page. You will automatically find a Login with OAuth Provider link there. If you want to add the SSO link to other pages as well, please follow the steps given in the image below:
Drupal OAuth Client - add link on other pages

If you face any issues during the configuration or if you want some additional features, please contact us at drupalsupport@xecurify.com.

More FAQs ➔

Follow the steps mentioned HERE

Follow the steps mentioned HERE

The logout functionality you've mentioned here is the default behavior of a module. It's logging you out of Drupal but not from your Application/Provider. To allow the module to logout from your provider/application account (what you are looking for), you need to make the below configurations: [know more]

As you have upgraded to one of our paid versions of the Drupal module and replaced the free module with the paid one, you must first activate the paid module. Please refer to the below steps. [Know more]

ADFS_sso ×
Hello there!

Need Help? We are right here!

support