AWS Cognito SSO Login with Drupal OAuth Client | Drupal SSO Login


Drupal AWS Cognito SSO integration will allow you to configure Single Sign-On ( SSO ) login between your Drupal site and AWS Cognito using OAuth/OpenID protocol. Drupal OAuth 2.0/OpenID connect module gives the ability to enable login using OAuth 2.0/OIDC Single Sign-On to Drupal Site. We provide the Drupal OAuth/OpenID Client module for Drupal 7, Drupal 8, and Drupal 9.
Here we will go through a guide to configure the SSO login between Drupal and AWS Cognito. By following these steps, users of AWS Cognito will be able to log into the Drupal site using their AWS Cognito credentials.
If you have any queries or if you need any sort of assistance in configuring the module, you can contact us at drupalsupport@xecurify.com. If you want, we can also schedule an online meeting to help you configure the Drupal OAuth & OpenID Connect Login – OAuth2 Client SSO Login module.

Video Setup AWS Cognito Single Sign-on Integartion with Drupal OAuth/OpenID Client

You can refer the steps to Configure AWS Cognito SSO integration with the Drupal OAuth/OIDC Client module from the Video or Documentation given below:




Features and Pricing

Know more about Drupal OAuth/OpenID Single Sign On from here.

Pre-requisites: Download

You can download the Drupal OAuth/OpenID Single Sign On module from here.

1. Install Drupal OAuth Client module

    1.1. Using Composer:

    • For Windows:
      Composer require drupal/miniorange_oauth_client
    • For Linux:
      Composer require 'drupal/miniorange_oauth_client'
    • Navigate to Extend menu on your Drupal admin console and search for miniOrange OAuth Client Configuration using the search box.
    • Enable the module by checking the checkbox and click on the Install button.
    • You can configure the module at:
      {BaseURL}/admin/config/people/miniorange_oauth_client/config_clc

    1.2. Using Drush:

    • Download the module:
      drush dl drupal/miniorange_oauth_client
    • Install the module:
      drush en drupal/miniorange_oauth_client
    • Clear the cache:
       drush cr
    • You can configure the module at:
      {BaseURL}/admin/config/people/miniorange_oauth_client/config_clc

    1.3. Manual installation:

    • Navigate to Extend menu on your Drupal admin console and click on Install new module.
    • Install the Drupal OAuth & OpenID Connect Login - OAuth2 Client SSO Login module either by downloading the zip or from the URL of the package (tar/zip).
    • Click on Enable newly added modules.
    • Enable this module by checking the checkbox and click on install button.
    • You can configure the module at:
      {BaseURL}/admin/config/people/miniorange_oauth_client/config_clc
  • Navigate to the Configure OAuth tab and search for your Provider/Application using the search box. If you can't find a desired application/provider, select Custom OAuth Provider.
  • Drupal OAuth Client - Configure module
  • Copy the Callback/Redirect URL and keep it handy.
  • Drupal OAuth Client - Configure OAuth tab

2. Setup AWS Cognito as an OAuth Provider

  • Sign in to AWS Amazon.
  • Now enter “Cognito” in search textbox & select Cognito from dropdown.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Login AWS Console
  • Go to “Manage your user pools”
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Manage Pool
  • Click on “Create a user pool”
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Create Pool
  • Add pool name and select “Review Defaults”.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO User Pool
  • Click on “Add app client” & then click on Add an app client
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Add App Client
  • Enter App client name & then Click on “Create app client”.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Create App Client
  • Click on Return to pool details. After this click on “Create Pool”.
  • Navigate to App client settings.
    • Select “Cognito User Pool”, add callback URL. You will get this callback URL from the plugin.
    • Add application home page URL has to Sign out URL.
    • Also, select Authorization code grant as “Allowed OAuth Flows” & select OpenID as “Allowed OAuth Scopes”.
    • After selecting all details click on Save changes button.
    • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Allowe Scopes OAuth Flows

    3. Integrating Drupal with AWS Cognito

  • Go to “App client” and click on “Show details” to get a client ID and client secret.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO App Client ID
  • Go to domain name and enter a domain name for your app. After adding domain name you can check its availability by clicking on “Check availability” button. After entering valid domain name click ”Save changes” button.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Domain Name
  • Complete domain name: The complete domain name that you need to enter in plugin is {your domain name}.auth.{region name}.amazoncognito.com
  • Add Users / Groups to Cognito App : Go to Users and groups and then click on Users. After this click on Create user.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO User and Groups
  • Fill all required informations and click on Create user.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Create User
  • Click on Groups and then click on Create group.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Create Group
  • Fill all required informations and click on Create group.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Group Info
  • AWS Cognito Endpoints and scope:
  • Scope: openid
    Authorize Endpoint: https://<cognito-app-domain>/oauth2/authorize
    Access Token Endpoint: https://<cognito-app-domain>/oauth2/token

    4. Test Configuration of Drupal with AWS Cognito

    • After successfully saving the configurations, please click on the Test Configuration button to test the connection between Drupal and AWS Cognito.
    • AWS Cognito sso login with drupal OAuth OpenID Single Single On DeviantArt test Configuration
    • This Test Configuration window will provide you with a list of the attributes that are coming from the AWS Cognito.
    • Select the Email Attribute from the dropdown menu in which the user's email ID is obtained and click on the Done button.
    • AWS Cognito sso login with drupal OAuth OpenID Single Single On DeviantArt test Configuration successfully
    • Now, in the Attribute & Role Mapping tab, you can also choose the Username Attribute from the dropdown and click on the Save Configuration button.
    • AWS Cognito sso login with drupal OAuth OpenID Single Single On DeviantArt test Configuration successfully

      Please note: Mapping the Email Attribute is mandatory for your login to work.

    • Now log out and go to your Drupal site’s login page. You will automatically find a Login with AWS Cognito link there. If you want to add the SSO link to other pages as well, please follow the steps given in the image below :
    • AWS Cognito sso login with drupal OAuth OpenID Single Single On DeviantArt test Configuration successfully

    24*7 Active Support

    If you face any issues or if you have any questions, please feel free to reach out to us at drupalsupport@xecurify.com. In case you want some additional features to be included in the module, please get in touch with us, and we can get that custom-made for you. Also, If you want, we can also schedule an online meeting to help you configure the Drupal OAuth/OpenID Single Sign On module.

    Additional Resources

    Our Other modules

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com