SAML Single Sign-On (SSO) into Drupal using Office 365 as IdP
Overview
The Drupal SAML integration using the miniOrange SAML SP module establishes seamless SSO between Office 365 and the Drupal site. The users will be able to log in to the Drupal site using their Office 365 credentials. This document will walk you through the steps to configure Single Sign-On - SSO between Drupal as a Service Provider (SP) and Office 365 as an Identity Provider (IdP). The module is compatible with with Drupal 7, Drupal 8, Drupal 9, Drupal 10 and Drupal 11.
Installation Steps
- Using Composer
- Using Drush
- Manual Installation
Configuration Steps
Drupal SAML SP Metadata
- Go to Configuration → People → SAML Login Configuration in the Administration menu. (/admin/config/people/miniorange_saml/idp_setup)
- Navigate to the Service Provider Metadata and download the metadata. (This is required in configuring the Office 365 as a SAML IdP)
Configure SAML Single Sign-On Application in Office 365
- Log into Azure AD admin console.
- Click on Microsoft Entra ID.
- Click on Add -> App Registrations.
- Enter the Application Name and enter Redirect URI (ACS URL from Drupal SP module from Service Provider Metadata Tab) then Click on Register.
- Click on API Permissions -> Add Permission then select API as Office 365 Management APIs.
- Under the Application permissions select the ActivityFeed.Read and click on the Add permissions button.
- Click on Overview -> Endpoints and copy the Federation metadata document URL.
- Navigate to the Service Provider Setup tab of the Drupal site and click on Upload IDP Metadata..
- Paste the previously copied App Federation Metadata Url (from Microsoft Entra ID) into the Upload Metadata URL text field.
- Click on the Fetch Metadata button.
- Click on the Test link to test the connection between Drupal and Office 365.
- In the test configuration window, a success message with SAML response attributes will appear if the configurations are correct; otherwise, error messages with additional troubleshooting instructions will appear. Click on Done.
- Open a new browser/private window and navigate to the Drupal site login page.
- Click the Login using Identity Provider (Office 365) link.
- You will be redirected to the Office 365 login page. Enter the Office 365 credentials. After successful authentication, the user will be redirected back to the Drupal site.
Configure Drupal as Service Provider:
Congratulations! You have successfully configured Office 365 as an Identity Provider and Drupal as a Service Provider.
How does SAML SSO login work?
Why choose us:
[MO_CONTACT_US]