Search Results :

×

Configure Office 365 Single Sign-On (SSO) with Joomla OAuth Client Plugin

Single Sign-On (SSO) with Office 365 in Joomla uses OAuth Authorization to provide users secure access to the Joomla site. With our Joomla OAuth Single Sign-On (SSO) plugin, Office 365 acts as the OAuth provider, ensuring secure login for Joomla websites.

The integration of Joomla and Office 365 simplifies and secures the login process using OAuth protocol. This solution allows users to access their Joomla sites with Single Sign-On (SSO) using their Office 365 credentials, completely removing the need to store, remember, and reset multiple passwords.

In addition to offering OAuth Single Sign-On (SSO) using Office 365 credentials, the plugin also provides advanced SSO features like user profile attribute mapping, role mapping, and Azure multi-tenant login and providing site access based on organization email domains. For further insights into the array of features we offer within the Joomla OAuth & OpenID Connect Client plugin, kindly visit our page here. You can follow the below steps to setup Office 365 OAuth SSO with Joomla.


In this configuration, Office 365 functions as the OAuth server, while Joomla allows users to log in with their Office 365 credentials by utilizing the Joomla OAuth Client Plugin.

  • Login into your Joomla site’s Administrator console.
  • From left toggle menu, click on System, then under Install section click on Extensions.
  • Now click on Or Browse for file button to locate and install the plugin file downloaded earlier.
  • Installation of plugin is successful. Now click on Get Started!
  • Under Configure OAuth -> Pre-Configured Apps tab, select your OAuth Provider. You can also search for custom OAuth or custom OpenID application in the search bar, and configure your own custom provider.
Get Started with OAuth Client Setup

  • After selecting your OAuth provider, you will be redirected to the Step 1 [Redirect URL] tab. Now copy the Callback/Redirect URL which we will use to configure Microsoft Entra ID as OAuth Server, then click on the Save & Next button.
Get Started with OAuth Client Setup

Azure/Entra ID Dashboard

  • In the left-hand navigation panel, click the App registrations service, and click New registration.
New App Registration

  • Configure the following options to create a new application.
    • Enter a name for your application under the Name text field.
    • In supported account types, select 3rd option ‘Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)’.
    • In the Redirect URI section, select the Web application and enter the Callback URL from the miniOrange OAuth Client plugin (Configure OAuth tab) and save it under the Redirect URL textbox.
    • Click on the Register button to create your application.
Create Office 365 App

  • A unique Application ID is assigned to your application by Azure AD. Keep the Application ID and the Directory ID handy, they will become your Client ID and Tenant ID, which will be needed later to configure the miniOrange OAuth Client plugin.
Configure Office 365 App

  • Go to API permissions from the left navigation pane and click on Add permissions. Then select Office 365.
Add permissions

  • Select permissions and click on Add Permissions button.
Configure Office 365 Attribute Mapping

  • Go to Certificates and Secrets from the left navigation pane and click on New Client Secret. Enter description and expiration time and click on ADD option.
Configure Office 365 Attribute Mapping

  • Copy the secret key "value" and keep the value handy it will be required later to configure Client Secret under the miniOrange OAuth Client Plugin.

Note: The client secret for your developer application will expire in 180 days. To ensure continued functionality, you will need to generate a new client secret before the expiration and update it in the OAuth Single Sign-On plugin.

Configure Office 365 Attribute Mapping

  • Go back to your Joomla Dashboard. Then go to Step 2 [Client ID & Secret].
  • Paste the Client ID, Client Secret and Domain. Also Set Client Credentials In header then click on Save Settings. Once Settings are saved then click on Save Configuration.
Upload IdP
    Metadata

  • Scope & Endpoints are given below, which are required for configuring Joomla as OAuth Client plugin to configure Office 365 as a custom OAuth or OIDC provider.
Scope openid
Authorize Endpoint https://login.microsoftonline.com/{tenant-id}/oauth2/authorize
Access Token Endpoint https://login.microsoftonline.com/{tenant-id}/oauth2/token
Get User Info Endpoint https://graph.microsoft.com/v1.0/me

  • User Attribute Mapping is mandatory for enabling users to successfully login into Joomla. We will be setting up user profile attributes for Joomla using below settings.
  • Go to Step 3 [Attribute Mapping] tab and click on Test Configuration button.
Upload IdP
    Metadata

  • You will be able to see the attributes in the Test Configuration output as follows.
Upload IdP
    Metadata

  • Now go to the Step 3 [Attribute Mapping] tab and Select the attribute name for Email and Username from dropdown. Then click on Finish Configuration button.
Upload IdP
    Metadata

  • Now go to Step 4 [SSO URL] tab, here copy the Login/SSO URL and add it to your Site by following the given steps.
Upload IdP
    Metadata

  • Now logout and go to your Joomla site's pages where you have added this link. You will see a login link where you placed that button. Click on this button to perform SSO.


ADFS_sso ×
Hello there!

Need Help? We are right here!

support