What is OAuth / OpenID?
An OAuth Server / OpenID Connect Server (OAuth 2.0 Server), also known as an Authorization Server, is the modern standard for securing access to APIs. It implements network protocol flows that allow a client (OAuth Client) to act on behalf of a user. An OAuth Server allows clients to verify the identity of end-users based on the authentication performed by the Authorization Server, and to obtain basic profile (Scope) information about the end-users in an interoperable and REST-like manner.
How does OAuth / OpenID work?
An OAuth 2.0 Server is used to set up any application as an Identity Server, so that users can Single Sign-On (log in) to their client site or application using OAuth / OpenID Connect protocol flows. The primary goal of this OAuth 2.0 server / OAuth Provider is to allow users to interact with multiple apps without requiring them to store sensitive credentials. You can easily configure an OAuth 2.0 / OpenID Connect server to protect your API with access tokens, or allow clients to request new access tokens and refresh them.
The Joomla OAuth & OpenID Connect Single Sign-On (SSO) plugin enables secure login into Joomla using ORCID as the OAuth and OpenID Connect provider. You can also configure the plugin with other OAuth providers such as Azure B2C, Office 365, and other custom providers. It supports advanced Single Sign-On (SSO) features such as user profile attribute mapping, role mapping, multi-tenant login, etc. This guide walks through configuring SSO between Joomla and ORCID. By the end of this guide, users should be able to log in to Joomla using ORCID.
Download And Installation
- Log into your Joomla instance as an admin.
- Go to the Joomla Dashboard -> Extensions -> Manage and click on Install.
- Search for the Joomla OAuth Client plugin and click on Install.
Step 1: Set Up ORCID as OAuth Provider
- First of all, go to https://orcid.org/signin and log into your ORCID account.
- Click Developer Tools at the top of your record.
- Click the "Register for the free ORCID public API" button.
- Review and agree to the terms of service when prompted.
- After agreeing to the terms of service, you will be directed back to Developer Tools. Complete the form presented to register a new application.
- Click the Save icon at the bottom of the form to generate your API credentials.
- To view your API credentials, click Show Details.
- Your API credentials (Client ID and Client Secret) are shown just beneath your redirect URIs. Below your credentials are sample URLs and API calls with your credentials pre-filled.
You have successfully completed your ORCID OAuth Server side configurations.
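How a client uses the Client ID, Client Secret and redirect URI registered above in the authorization-code flow, as an added example that is not the plugin's own code. The endpoint URLs and the `openid` scope are assumptions taken from ORCID's public API (the page does not list them), and the credentials, redirect URI and function names are constructed placeholders.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Assumptions: ORCID's public OAuth endpoints (not listed on this page) and
# constructed placeholder credentials standing in for the registered ones.
AUTHORIZE_URL = "https://orcid.org/oauth/authorize"
TOKEN_URL = "https://orcid.org/oauth/token"
CLIENT_ID = "APP-EXAMPLE0000000000"
CLIENT_SECRET = "example-secret"
REDIRECT_URI = "https://joomla.example.com/index.php"


def build_authorization_request(session):
    """Return the URL the browser is sent to; bind a random state to the session."""
    session["oauth_state"] = secrets.token_urlsafe(32)
    return AUTHORIZE_URL + "?" + urlencode({
        "client_id": CLIENT_ID,
        "response_type": "code",
        "scope": "openid",
        "redirect_uri": REDIRECT_URI,
        "state": session["oauth_state"],
    })


def handle_callback(callback_url, session):
    """Validate the provider's redirect and return the token request form fields."""
    parsed = urlparse(callback_url)
    # The callback must arrive on exactly the registered redirect URI.
    if f"{parsed.scheme}://{parsed.netloc}{parsed.path}" != REDIRECT_URI:
        raise ValueError("callback not on registered redirect URI")
    params = parse_qs(parsed.query)
    if "error" in params:
        raise ValueError(f"provider returned error: {params['error'][0]}")
    expected = session.pop("oauth_state", None)  # state is single use
    received = params.get("state", [""])[0]
    if not expected or not hmac.compare_digest(expected.encode(), received.encode()):
        raise ValueError("state mismatch: possible login CSRF")
    code = params.get("code", [None])[0]
    if not code:
        raise ValueError("missing authorization code")
    # POSTed server-to-server to TOKEN_URL; the secret never reaches the browser.
    return {
        "client_id": CLIENT_ID,
        "client_secret": CLIENT_SECRET,
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": REDIRECT_URI,
    }
```

The returned fields are sent as a form-encoded POST to the token endpoint from the server, which keeps the Client Secret out of the browser.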
|Access Token endpoint:
|Custom redirect URL after logout:[optional]
Step 2: Configure miniOrange Joomla OAuth Client plugin.