Search
START TYPING AND PRESS ENTER TO SEARCH

Azure AD SSO Login with Drupal OAuth Client | Drupal SSO Login

Drupal Azure AD SSO integration will allow you to configure Single Sign On ( SSO ) login between your Drupal site and Azure AD using OAuth/OpenID protocol. Drupal OAuth 2.0/OpenID connect module gives the ability to enable login using OAuth 2.0/OIDC Single Sign-On to Drupal Site. We provide the Drupal OAuth/OpenID Client module for Drupal 7, Drupal 8, and Drupal 9.
Here we will go through a guide to configure the SSO login between Drupal and Azure AD. By following these steps, users of Azure AD will be able to log into the Drupal site using their Azure AD credentials.
If you have any queries or if you need any sort of assistance in configuring the module, you can contact us at drupalsupport@xecurify.com. If you want, we can also schedule an online meeting to help you configure the Drupal OAuth & OpenID Connect Login – OAuth2 Client SSO Login module.


Video Setup Azure AD Single Sign-on Integartion with Drupal OAuth/OpenID Client

You can refer the steps to Configure Azure AD SSO integration with the Drupal OAuth/OIDC Client module from the Video or Documentation given below:




Features and Pricing

Know more about Drupal OAuth/OpenID Single Sign On from here.

Pre-requisites: Download

You can download the Drupal OAuth/OpenID Single Sign On module from here.

Module Handbook

This detailed Handbook for the Drupal OAuth/OpenID Single Sign On module, gives an in depth explanation of the features of the module. You can refer to the handbook at anytime - it is always available to you, either via This link, or directly from the module for quicker access.

1. Install Drupal OAuth Client module

    1.1. Using Composer:

    • For Windows: 
      Composer require drupal/miniorange_oauth_client
    • For Linux: 
      Composer require 'drupal/miniorange_oauth_client'
    • Navigate to Extend menu on your Drupal admin console and search for miniOrange OAuth Client Configuration using the search box.
    • Enable the module by checking the checkbox and click on the Install button.
    • You can configure the module at: 
      {BaseURL}/admin/config/people/miniorange_oauth_client/config_clc

    1.2. Using Drush:

    • Download the module: 
      drush dl drupal/miniorange_oauth_client
    • Install the module: 
      drush en drupal/miniorange_oauth_client
    • Clear the cache:
       drush cr
    • You can configure the module at: 
      {BaseURL}/admin/config/people/miniorange_oauth_client/config_clc

    1.3. Manual installation:

    • Navigate to Extend menu on your Drupal admin console and click on Install new module.
    • Install the Drupal OAuth & OpenID Connect Login - OAuth2 Client SSO Login module either by downloading the zip or from the URL of the package (tar/zip).
    • Click on Enable newly added modules.
    • Enable this module by checking the checkbox and click on install button.
    • You can configure the module at: 
      {BaseURL}/admin/config/people/miniorange_oauth_client/config_clc
  • Navigate to the Configure OAuth tab and search for your Provider/Application using the search box. If you can't find a desired application/provider, select Custom OAuth Provider.
    • Drupal OAuth Client - Configure module
  • Copy the Callback/Redirect URL and keep it handy.
    • Drupal OAuth Client - Configure OAuth tab

2. Setup Azure AD as an OAuth Provider

  • Sign in to Azure portal.
  • Click on Azure Active Directory from Azure services.
    • Drupal OAuth OpenID OIDC Single Sign On Azure AD SSO Login Select Azure Active Directory
  • In the left-hand navigation pane, click the App registrations service, and click New registration.
    • Drupal OAuth OpenID OIDC Single Sign On (SSO) Azure AD SSO App Registration
  • When the Create page appears, enter your application's registration information:
    • Name : Name of your application.
    Application type :
    1. Select "Native" for client applications that are installed locally on a device. This setting is used for OAuth public native clients
    2. Select "Web app / API" for client applications and resource/API applications that are installed on a secure server. This setting is used for OAuth confidential web clients and public user-agent-based clients. The same application can also expose both a client and resource/API.
    Sign-on URL :
    1. For "Web app / API" applications, provide the base URL of your app. eg, https://<domain-name>/mo_login might be the URL for a web app running on your local machine. Users would use this URL to sign in to a web client application.
    2. For "Native" applications, provide the URI used by Azure AD to return token responses. Enter a value specific to your application.
      eg, https://localhost/drupal
    Drupal OAuth OpenID OIDC Single Sign On (SSO) Azure AD SSO Rgistration

3. Integrating Drupal with Azure AD

  • When finished, click Register. Azure AD assigns a unique Application ID to your application. Copy Application ID and the Directory ID, this will be your Client ID and Tenant ID respectively.
    • Drupal OAuth OpenID OIDC Single Sign On (SSO) Azure AD SSO Overview
  • Go to Certificates and Secrets from the left navigaton pane and click on New Client Secret. Enter description and expiration time and click on ADD option.
    • Drupal OAuth OpenID OIDC Single Sign On (SSO) Azure AD SSO Certificates And Secrets
  • Copy value. This will be your Secret key.
    • Drupal OAuth OpenID OIDC Single Sign On (SSO) Azure AD SSO Secret Key
  • Azure AD Endpoints and scope:
    • Scope: openid email profile
    Authorize Endpoint: https://login.microsoftonline.com/[tenant-id]/oauth2/v2.0/authorize
    Access Token Endpoint: https://login.microsoftonline.com/[tenant-id]/oauth2/v2.0/token
    Get User Info Endpoint: https://graph.microsoft.com/beta/me

    4. Test Configuration of Drupal with Azure AD

    • After successfully saving the configurations, please click on the Test Configuration button to test the connection between Drupal and Azure AD.
      • Azure AD sso login with drupal OAuth OpenID Single Single On DeviantArt test Configuration
    • This Test Configuration window will provide you with a list of the attributes that are coming from the Azure AD.
    • Select the Email Attribute from the dropdown menu in which the user's email ID is obtained and click on the Done button.
      • Azure AD sso login with drupal OAuth OpenID Single Single On DeviantArt test Configuration successfully
    • Now, in the Attribute & Role Mapping tab, you can also choose the Username Attribute from the dropdown and click on the Save Configuration button.
      • Azure AD sso login with drupal OAuth OpenID Single Single On DeviantArt test Configuration successfully

      Please note: Mapping the Email Attribute is mandatory for your login to work.

    • Now log out and go to your Drupal site’s login page. You will automatically find a Login with Azure AD link there. If you want to add the SSO link to other pages as well, please follow the steps given in the image below :
      • Azure AD sso login with drupal OAuth OpenID Single Single On DeviantArt test Configuration successfully

    24*7 Active Support

    If you face any issues or if you have any questions, please feel free to reach out to us at drupalsupport@xecurify.com. In case you want some additional features to be included in the module, please get in touch with us, and we can get that custom-made for you. Also, If you want, we can also schedule an online meeting to help you configure the Drupal OAuth/OpenID Single Sign On module.

    Additional Resources

    Our Other modules

    SAML SP  |  SAML IDP  |   User Provisioning & Sync  |   Two-Factor Authentication  |   Passwordless Authentication  |   OAuth/OIDC Client  |  LDAP / AD Login  |  OAuth Server  |  Decoupled / Headless Authentication  |  OTP Verification  |  Website Security  |  Rest API Authentication  |  SCIM User Provisioning
    Trending searches:
    Hello there!

    Need Help? We are right here!
    support
    Contact miniOrange Support
    success

    Thanks for your inquiry.

    If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com