Search Results :

×

AWS Cognito SSO Login with Drupal OAuth Client | Drupal SSO Login


Drupal AWS Cognito SSO integration will allow you to configure Single Sign-On ( SSO ) login between your Drupal site and AWS Cognito using OAuth/OpenID protocol. Drupal OAuth 2.0/OpenID connect module gives the ability to enable login using OAuth 2.0/OIDC Single Sign-On to Drupal Site. We provide the Drupal OAuth/OpenID Client module for Drupal 7, Drupal 8, Drupal 9 and Drupal 10.
Here we will go through a guide to configure the SSO login between Drupal and AWS Cognito. By following these steps, users of AWS Cognito will be able to log into the Drupal site using their AWS Cognito credentials.
If you have any queries or if you need any sort of assistance in configuring the module, you can contact us at drupalsupport@xecurify.com. If you want, we can also schedule an online meeting to help you configure the Drupal OAuth & OpenID Connect Login – OAuth2 Client SSO Login module.


Pre-requisite: Download and Installation 


  • Download the module:
    Composer require 'drupal/miniorange_oauth_client'
  • Navigate to Extend menu on your Drupal admin console and search for miniOrange OAuth Client Configuration using the search box.
  • Enable the module by checking the checkbox and click on the Install button.
  • You can configure the module at:
    {BaseURL}/admin/config/people/miniorange_oauth_client/config_clc
  • Install the module:
    drush en drupal/miniorange_oauth_client
  • Clear the cache:
     drush cr
  • You can configure the module at:
    {BaseURL}/admin/config/people/miniorange_oauth_client/config_clc
  • Navigate to Extend menu on your Drupal admin console and click on Install new module.
  • Install the Drupal OAuth & OpenID Connect Login - OAuth2 Client SSO Login module either by downloading the zip or from the URL of the package (tar/zip).
  • Click on Enable newly added modules.
  • Enable this module by checking the checkbox and click on install button.
  • You can configure the module at:
    {BaseURL}/admin/config/people/miniorange_oauth_client/config_clc

Video Setup AWS Cognito Single Sign-on Integration with Drupal OAuth/OpenID Client

You can refer the steps to configure AWS Cognito SSO integration with the Drupal OAuth/OIDC Client module from the Video or Documentation given below:


How to Integrate AWS Cognito Single Sign-on with Drupal OAuth/OpenID Client

1. Setup Drupal as OAuth Client

  • After installing the module, navigate to the Configuration tab and click on the Drupal OAuth Client Configuration module link.
  • Drupal OAuth Client - Configuration tab and select Drupal oauth client module
  • In the Configure OAuth tab, select AWS Cognito from the Select Application dropdown list.
  • Drupal OAuth Client - Select AWS Cognito
  • Copy the Callback/Redirect URL and keep it handy.
  • Please Note: If your provider only supports HTTPS Callback/Redirect URL and you have an HTTP site, just save your base site URL in the Sign In Settings tab with HTTPS.

  • Enter the application name in the Display Name text field. For example, AWS
  • Drupal OAuth Client - Configure OAuth - Copy the Callback URL

2. Setup AWS Cognito as an OAuth Provider

  • Login to AWS console.
  • Search for Cognito and click on it.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Login AWS Console
  • Click on Create user pool button to create new user pools. (User Pool is a user directory. Users in User Pool can access the app using AWS Cognito credentials.)
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Manage Pool
  • Select the Provider types (keep it default if you are not sure) and the Cognito user pool sign-in options as per requirement.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Create Pool
  • Select the appropriate options based on the need from the Password policy, Multi-factor authentication, User account recovery and click on Next button.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO User Pool
  • Select the suitable options from the Configure sign-up experience as per requirements and click on the Next button.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Add App Client
  • Choose the message delivery option. Click on the Next button.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Create App Client
  • Enter the User Pool name. Under the Initial app client select the Confidential client radiobutton. Enter the App client name. Click on the Next button
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Create App Client
  • Verify the required information, scroll down and click on Create user pool button.
  • Now search for the user pool you created and click on it.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Create App Client
  • Now, lets create a user for the app.
  • Click on Create user.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Create App Client
  • Enter the user information like email and password and click on Create User button.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Allowe Scopes OAuth Flows
  • Click on App integration.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Allowe Scopes OAuth Flows
  • Under Domain section expand Actions and click on Create Cognito Domain.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO App Client ID
  • Enter the domain name and click on Create Cognito Domain. Copy the Cognito domain it will be required later for Authorization and Access Token endpoints.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Domain Name
  • Scroll down, find your app and click on it.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Domain Name
  • Scroll down to Hosted UI. Click on Edit button.
  • Click on Add callback URL button.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Create User
  • Paste the copied Callback/Redirect URL into the URL text field.
  • Click on Save button.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Create User
  • Copy the ClientID and Client Secret.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO User and Groups
  • Go to miniOrange OAuth Client module. Paste the copied Client ID and Client Secret into the respective field.
  • Replace the inital URL with the Cognito domain for the Authorize Endpoint and Access Token Endpoint textfields. Enable the Login with OAuth checkbox and click on Save Configuration button.
  • The Send Client ID and Secret in header or body checkbox is used to send client ID and secret inside header or body of the Token End Point Request.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) AWS Cognito SSO Create User

You have succesfully configured AWS Cognito as OAuth server and Drupal as OAuth client.

3. Test Configuration of Drupal with AWS Cognito

  • After succesfully saving the configuration, click on Test Configuration to test the connection between Drupal and AWS.
  • AWS Cognito sso login with drupal OAuth OpenID Single Single On test Configuration
  • This Test Configuration window will provide you with a list of the attributes that are coming from the AWS Cognito.
  • Select the Email Attribute from the dropdown menu in which the user's email ID is obtained and click on the Done button.
  • AWS Cognito sso login with drupal OAuth OpenID Single Single On
  • Now, in the Attribute & Role Mapping tab, you can also choose the Username Attribute from the dropdown and click on the Save Configuration button.
  • AWS Cognito sso login with drupal OAuth OpenID Single Single On

    Please note: Mapping the Email Attribute is mandatory for your login to work.

  • Now log out and go to your Drupal site’s login page. You will automatically find a Login with AWS Cognito link there. If you want to add the SSO link to other pages as well, please follow the steps given in the image below :
  • AWS Cognito sso login with drupal OAuth OpenID Single Single On

24*7 Active Support

If you face any issues or if you have any questions, please feel free to reach out to us at drupalsupport@xecurify.com. In case you want some additional features to be included in the module, please get in touch with us, and we can get that custom-made for you. Also, If you want, we can also schedule an online meeting to help you configure the Drupal OAuth/OpenID Single Sign On module.

Additional Resources

Our Other modules

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com