setup guide to configure Azure AD with Drupal
Azure Active Directory as OAuth Provider Azure Active Directory (Azure AD) is a third-party OAuth/ OpenID Connect provider that can act as the OAuth/ OIDC server when your users log on to the Drupal website.
Step 1: Setup Azure Active Directory as OAuth Provider
- Sign in to Azure portal.
- In the left-hand navigation pane, click the Azure Active Directory service, click App registrations, and click New application registration.
- When the Create page appears, enter your application's registration information:
- Select "Native" for client applications that are installed locally on a device. This setting is used for OAuth public native clients
- Select "Web app / API" for client applications and resource/API applications that are installed on a secure server. This setting is used for OAuth confidential web clients and public user-agent-based clients. The same application can also expose both a client and resource/API.
- For "Web app / API" applications, provide the base URL of your app. eg, https://<domain-name>/oauth/callback might be the URL for a web app running on your local machine. Users would use this URL to sign in to a web client application.
-
For "Native" applications, provide the URI used by Azure AD to return token responses. Enter a value specific to your application.
eg, https://localhost:8090 - When finished, click Create. Azure AD assigns a unique Application ID to your application. Copy Application ID, this will be your Client ID.
- Click on Settings > Keys.
- Enter description and expiration time. Click on Save option.
- Copy value. This will be your Secret key.
- Get Tenant ID : Click on Azure Active Directory > Properties. Copy Directory ID. This Directory ID will be your Tenant ID.
- Enter application Home page URL Logout Settings->Properties->Logout URL.
- Azure AD Endpoints and scope:
| Name : | Name of your application. |
| Application type : | |
| Sign-on URL : |
|
| Client ID : | from the step 10 above |
| Client Secret : | from the step 11 above |
| Scope: | openid |
| Authorize Endpoint: | https://login.microsoftonline.com/[tenant-id]/oauth2/authorize |
| Access Token Endpoint: | https://login.microsoftonline.com/[tenant]/oauth2/token |
| Get User Info Endpoint: | https://login.windows.net/common/openid/userinfo |
Step 2: Configure miniOrange Drupal Oauth Login module
- Click on Configuration tab in Drupal dashboard then click on Drupal OAuth Client Configuration.
- In Configure OAuth Application:
- Select Custom OpenID provider from dropdown list.
- Copy the Callback/Redirect URL and save it on your OAuth Provider.
- Fill in the following details:
- Then click on Save Configuration.
- Now click on the Test Configuration button. This Test Configuration link will give you the list of the attributes that are coming from your OAuth Provider.
- Copy the email and the name attributes and save them under the Attribute & Role Mapping tab in the Email Attribute and Name Attribute text field respectively.
- Now logout and go to your Drupal site’s login page, you will automatically find a Login with <your OAuth Provider link> there. If you want to add your login link to other pages as well, please follow the steps given in the below image:
- If you want to check out our complete list of features and our various licensing plans, you can go to the Licensing Plan tab in the module.
-
1) Custom app name
2) Display name
3) Client ID which is application ID from Step 1.
4) Client Secret which is key-value from step 1.
5) Scope
6) Authorize Endpoint
7) Access Token Endpoint
Please note: This step is mandatory for your login to work. Click on the Save Configuration button to save your attribute configurations.
Congratulations, you have successfully configured the miniOrange Drupal OAuth Login module.
×
![ADFS_sso]()
If you don't find what you are looking for, please contact us at info@xecurify.com or call us at +1 978 658 9387.