Salesforce Drupal Single Sign-On – SSO Integration using OpenID Connect

Drupal SSO integration allows users to log in to Salesforce using their Drupal site credentials. This SSO integration is achieved with the miniOrange OAuth / OpenID Connect server module, which uses the OAuth 2.0 and OpenID Connect protocols. The module is compatible with all OAuth / OpenID Connect clients and is available for Drupal 7, Drupal 8, Drupal 9, Drupal 10, and Drupal 11.

This setup guide shows how to configure Single Sign-On login between the Drupal site and Salesforce using the OAuth protocol.

Using Composer:

  • Download the module:
    composer require 'drupal/oauth_server_sso'
  • Go to the Extend menu on your Drupal admin console, select the module's checkbox, and click on the Install button.
  • Configure the module at:
    {BaseURL}/admin/config/people/oauth_server_sso/config_client

Using Drush:

  • Install the module:
    drush en oauth_server_sso
  • Clear the cache:
    drush cr
  • Configure the module at:
    {BaseURL}/admin/config/people/oauth_server_sso/config_client

Manual installation:

  • Navigate to the Extend menu on your Drupal admin console and click on Install new module.
  • Install the Drupal OAuth / OIDC Provider - Single Sign On (SSO) module either by downloading the zip or from the URL of the package (tar/zip).
  • Click on Enable newly added modules.
  • Enable the module by selecting its checkbox and clicking on the Install button.
  • Configure the module at:
    {BaseURL}/admin/config/people/oauth_server_sso/config_client

  • Log in to your Salesforce account.
  • Switch to the Salesforce Classic mode from the profile menu.

  • Navigate to the Setup page.

  • Search for Auth in the search bar in the left navigation panel.
  • Click on Auth Provider.

  • Click on the New button.

  • From the Provider Type dropdown, select Open ID Connect.

  • Enter the Application name under the Name text field and copy the generated URL Suffix.

  • Go to Configuration → People → miniOrange OAuth Server Configuration in the Administration menu (admin/config/people/oauth_server_sso/config_client).
  • Under the OAuth Client tab, in the Add Client section, enter the application name in the Application Name field and paste the previously copied callback URL from the OAuth client into the Callback/Redirect URL text field.
  • Multiple Callback URLs can be added by clicking on the Add More button next to the text field.
  • Click on the Save button.
  • Navigate to the Salesforce dashboard and paste the copied Client ID under the Consumer Key text field.

  • Paste the copied Client Secret into the Consumer Secret text field.

  • Add the Scope and Endpoints as specified in the table below (you can also get them from the Scope & Endpoints section of the Drupal site under Configuration → miniOrange OAuth server configuration → OAuth Client):
    Default Scopes: profile openid email
    Authorize Endpoint URL: {base_url_of_the_drupal_site}/mo/oauth2/authorize
    Token Endpoint URL: {base_url_of_the_drupal_site}/mo/oauth2/token
    User Info Endpoint URL: {base_url_of_the_drupal_site}/mo/oauth2/userinfo

  • Click on the Automatically create a registration handler template link.

  • Click on the Search icon next to the Execute Registration Handler As text box.

  • Select the Admin account from the list of users.

  • Click on the Save button.

  • Now, click on the AutocreatedRegHandler link next to the Registration Handler.

  • Click on the Edit button.

  • Remove the existing code, paste the following code, and click on the Save button.

        global class AutocreatedRegHandlerMoDrupal implements Auth.RegistrationHandler {
            // Called on the first SSO login of a Drupal user: creates the Salesforce user.
            global User createUser(Id portalId, Auth.UserData data) {
                // Without an email claim no username can be derived; returning null fails the login.
                if (data == null || String.isBlank(data.email)) {
                    return null;
                }
                // Local part of the Drupal email, reused for the username and the alias.
                String localPart = data.email.split('@')[0];
                Profile p = [SELECT Id FROM Profile WHERE Name = 'Chatter Moderator User'];
                User u = new User();
                u.username = localPart + '@miniorange_drupal.com';
                u.email = data.email;
                u.lastName = 'Unknown';
                u.firstName = 'Unknown';
                u.languageLocaleKey = 'en_US';
                u.localeSidKey = 'en_US';
                u.emailEncodingKey = 'UTF-8';
                // The alias field holds at most 8 characters.
                u.alias = (localPart.length() > 8) ? localPart.substring(0, 8) : localPart;
                u.timeZoneSidKey = 'America/Los_Angeles';
                u.profileId = p.Id;
                insert u;
                return u;
            }

            // Called on later logins: keeps the Salesforce email in sync with Drupal.
            global void updateUser(Id userId, Id portalId, Auth.UserData data) {
                User u = new User(Id = userId);
                u.email = data.email;
                update u;
            }
        }


  • Please confirm that the Callback URL you previously entered in Drupal matches the one provided here. If there was a different configuration earlier, please update it to match the URL provided here.

  • In the left navigation panel, search for My Domain and click on it.

  • Scroll down to the Authentication Configuration section and click on the Edit button.

  • Enable the checkbox next to the Application configured under the Authentication Service section and click on the Save button.

  • Open a new window/private browser and navigate to the login page of the Salesforce website.
  • Click on the Login with Drupal button.

  • Enter the Drupal credentials and click on the Log in button.

  • You will be logged into Salesforce using Drupal credentials.

You have successfully performed the SSO between Salesforce and Drupal!
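
The values entered on both sides during this setup (endpoints, scopes, callback URL) can be checked against each other before testing the login. The following Python check is an added example, not part of the miniOrange module or the original guide; the function name check_sso_config, the example.com hosts and the callback URL are constructed for illustration, and exact string comparison of callback URLs is an assumption of the check.

```python
from urllib.parse import urlsplit

# Values taken from the guide's scope and endpoint table.
REQUIRED_SCOPES = {"profile", "openid", "email"}
ENDPOINT_PATHS = {
    "authorize": "/mo/oauth2/authorize",
    "token": "/mo/oauth2/token",
    "userinfo": "/mo/oauth2/userinfo",
}


def check_sso_config(drupal_base, endpoints, scopes, salesforce_callback, drupal_callbacks):
    """Return a list of findings; an empty list means the two sides agree."""
    findings = []
    base = drupal_base.rstrip("/")
    if urlsplit(base).scheme != "https":
        findings.append("Drupal base URL is not HTTPS")
    for name, path in ENDPOINT_PATHS.items():
        # Each endpoint must be exactly {base}{path}; codes and tokens cross these URLs.
        if endpoints.get(name) != base + path:
            findings.append(f"{name} endpoint should be {base}{path}")
    missing = REQUIRED_SCOPES - set(scopes.split())
    if missing:
        findings.append("missing scopes: " + " ".join(sorted(missing)))
    # Assumption: callbacks are compared as exact strings, so a trailing slash,
    # another host or http:// counts as a different URL.
    if salesforce_callback not in drupal_callbacks:
        findings.append("Salesforce callback URL is not registered in Drupal")
    for cb in drupal_callbacks:
        if urlsplit(cb).scheme != "https":
            findings.append(f"callback is not HTTPS: {cb}")
        elif cb != salesforce_callback:
            findings.append(f"extra callback to review: {cb}")
    return findings


# Constructed sample values (not from the guide or any real site).
BASE = "https://drupal.example.com"
CALLBACK = "https://example.my.salesforce.com/services/authcallback/Drupal"
GOOD = dict(
    drupal_base=BASE,
    endpoints={n: BASE + p for n, p in ENDPOINT_PATHS.items()},
    scopes="profile openid email",
    salesforce_callback=CALLBACK,
    drupal_callbacks=[CALLBACK],
)
BAD = dict(GOOD, scopes="profile email", drupal_callbacks=[CALLBACK + "/"])

if __name__ == "__main__":
    for label, cfg in (("good", GOOD), ("bad", BAD)):
        print(label, check_sso_config(**cfg) or "consistent")
```

Every callback URL added with the Add More button is a place where authorization codes can be delivered, which is why the check lists extra entries for review.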

If you face any issues during the configuration or if you want some additional features, please contact us at drupalsupport@xecurify.com.
