Search Results :

×

Microsoft Office 365 SSO Authentication into Joomla Setup Guide


Integration of Office 365 Single Sign-on (Microsoft azure Office 365 SSO) with Joomla using OAuth 2.0 Protocol. The miniOrange Joomla OAuth / OpenID Connect Single Sign-on (SSO) plugin makes it simple to set up Microsoft Office 365 SSO into Joomla and enable secure login into Joomla. As a result, users can log in to Joomla and access the site by authenticating with their Office 365 OAuth Provider credentials.

Visit our Joomla OAuth Client Plugin page to learn more about the features and Pricing plans we offer for the Joomla OAuth Single Sign-on (OAuth & OpenID connect) plugin.

Pre-requisites : Download And Installation

Setup Office 365 as OAuth Provider with Joomla OAuth Client

1. Download and Setup Joomla OAuth Client

  • Download the zip file for the miniOrange OAuth Client plugin for Joomla from the given link.
  • Login into your Joomla site’s administrator console.
  • From left toggle menu, click on System, then under Install section click on Extension.
  • Upload the downloaded zip file to install the Joomla OAuth Client plugin.
  • Installation of plugin successful. Now click on Start Using miniOrange OAuth Client plugin.
  • Under Configure OAuth tab. Select Office 365 as an OAuth Provider.
  • Office 365 Single Sign-On (SSO) OAuth/OpenID
  • Copy the Callback/Redirect URL form Configure OAuth tab of Joomla OAuth Client plugin. We will require it later.
  • Amazon AWS Cognito Single Sign-On (SSO) OAuth/OpenID

2. Configure Office 365 as OAuth Provider

  • Sign in to Azure portal.
  • Click on App Services and go to Manage Azure Active Directory.
  •  Office 365 (Microsoft Azure AD) Single Sign On (SSO) into Joomla , Home-Microsoft-Azure
  • In the left-hand navigation pane, click the App registrations service, and click New Registration. Then paste the copied Redirect URL in the given field.
  •  Office 365 OAuth/OpenID, App-Registration
  • When the create page appears, enter your application's registration information:
  • Name : Name of your application.
    Application type :
    1. Select "Web app / API" for client applications and resource/API applications that are installed on a secure server. This setting is used for OAuth confidential web clients and public user-agent-based clients. The same application can also expose both a client and resource/API.
    Sign-on URL :
    1. For "Web app / API" applications, provide the base URL of your app. eg, https://<domain-name> might be the URL for a web app running on your local machine. Users would use this URL to sign in to a web client application.
  • When finished, click on Register.
  • Azure AD assigns a unique Application ID to your application. Copy Application ID and the Directory ID , this will be your Client ID and Tenent ID respectively.
  • Go to API permissions from the left navigaton pane and click on Add permissions.
  •  Office 365 (Microsoft Azure AD) Single Sign On (SSO) into Joomla , Overview
  • Click on Office 365 and add permission.
  •  Office 365 (Microsoft Azure AD) Single Sign On (SSO) into Joomla ,Request-api-permissions
  • Go to Certificates and Secrets from the left navigaton pane and click on New Client Secret. Enter description and expiration time and click on Add option.
  •  Office 365 (Microsoft Azure AD) Single Sign On (SSO) into Joomla ,Secret-key
  • Copy the secret key "value" and keep the value handy it will be required later to configure Client Secret under the miniOrange OAuth Client Plugin.
  •  Office 365 (Microsoft Azure AD) Single Sign On (SSO) into Joomla ,Secret-key-value

3. Integrating Joomla with Office 365

  • Go back to your Joomla Dashboard -> Components -> miniOrange OAuth Client -> Configure OAuth tab.
  • Paste the Client ID, Client Secret and Tenant, and click on Save Settings. Once Settings are saved then click on Test Configuration.
  • office 365 Single Sign-On (SSO) OAuth/OpenID

3.1. Scope & Endpoints

    Office 365 Endpoints and scope:

    Scope: openid email profile
    Authorize Endpoint for Office 365 OAuth / OpenID SSO : https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize
    Access Token Endpoint for Office 365 OAuth / OpenID SSO : https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token
    Get User Info Endpoint for Office 365 OAuth / OpenID SSO : https://graph.microsoft.com/beta/me
    Set Client Credentials: In Both (In Header and In Body)

3.2. Grant Types

  • Go to the Grant Settings and JWT tab. Here you can select the preffered grant type supported by your OAuth provider.
  •  Okta Single Sign-On (SSO) OAuth/OpenID
  • The following grant types are supported: Authorization Token, Implicit Token, Client Credential and Refresh Token.

4. User Attribute Mapping [Premium Feature]

  • User Attribute Mapping is mandatory for enabling users to successfully login into Joomla. We will be setting up user profile attributes for Joomla using below settings.
  • Click on Test Configuration button, you will see all the values returned by your OAuth Provider to Joomla in a table.
  •  Okta Single Sign-On (SSO) OAuth/OpenID
  • Now go to do Attribute Mapping tab. Here you can map all the Attribute Mapping details in the given fields below.
  •  Okta Single Sign-On (SSO) OAuth/OpenID

5. Role/Group Mapping [Premium Feature]

  • Go to the Role Mapping tab. Here you can Enable Role Mapping and select default groups for new users.
  • Based on your provider application, you can allocate the Joomla role to your provider roles.
  •  Okta Single Sign-On (SSO) OAuth/OpenID

6. Login Settings [Premium Feature]

  • Now you can use Login / SSO URL to perform SSO.
  •  Okta Single Sign-On (SSO) OAuth/OpenID
  • Now logout and go to your Joomla site's pages where you have added this link. You will see a login link where you placed that button. Click on this button to perform SSO.
  • Go to the Login/Logout Settings tab. Here, you can configure user login/logout behavior for your Joomla application.
  •  Okta Single Sign-On (SSO) OAuth/OpenID
  • Congratulations, you have successfully configured the miniOrange OAuth Client plugin with your Office 365 OAuth Provider.
  • Click on the Upgrade Plans tab to check out our complete list of features and various licensing plans. OR you can click here to check features and licensing plans.
  • If you want to purchase any of the paid version of the plugin, you have to register/login with us in Account Setup tab. OR you can register/login Here .
  • In case, you are facing some issue or have any question in mind, you can reach out to us by sending us your query through the Support button in the plugin or by sending us a mail at joomlasupport@xecurify.com.

You have successfully configured Joomla as OAuth Client for achieving Joomla Office 365 Single Sign-On (SSO) with Joomla for user authentication.


In this guide, you have successfully configured Joomla Office 365 Single Sign-On (SSO) by configuring Office 365 as OAuth Provider and Joomla as OAuth Client using our Joomla OAuth Client plugin.This solution ensures that you are ready to roll out secure access to your Joomla site using Office 365 login credentials within minutes.

Additional Resources


Mail us on joomlasupport@xecurify.com for quick guidance(via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com