Integrating Azure AD with Drupal for Single Sign-On Authentication

Drupal Azure AD SSO integration will allow you to configure Single Sign-On ( SSO ) login between your Drupal site and Azure AD using OAuth/OpenID protocol. Drupal OAuth 2.0/OpenID connect module gives the ability to enable login using OAuth 2.0/OIDC Single Sign-On to Drupal Site. We provide the Drupal OAuth/OpenID Client module for Drupal 7, Drupal 8, and Drupal 9.

Here we will go through a guide to configure the SSO login between Drupal and Azure AD. By following these steps, users of Azure AD will be able to log into the Drupal site using their Azure AD credentials.

If you have any queries or if you need any sort of assistance in configuring the module, you can contact us at drupalsupport@xecurify.com. If you want, we can also schedule an online meeting to help you configure the Drupal OAuth & OpenID Connect Login – OAuth2 Client SSO Login module.

You can refer the steps to Configure Azure AD with the Drupal OAuth Client module

from the Video or Documentation given below


Step 1: Setup Azure Active Directory as OAuth Provider

  • Sign in to Azure portal.
  • Click on Azure Active Directory from Azure services.
  • Drupal OAuth OpenID OIDC Single Sign On Azure AD SSO Login Select Azure Active Directory
  • In the left-hand navigation pane, click the App registrations service, and click New registration.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) Azure AD SSO App Registration
  • When the Create page appears, enter your application's registration information:
  • Name : Name of your application.
    Application type :
    1. Select "Native" for client applications that are installed locally on a device. This setting is used for OAuth public native clients
    2. Select "Web app / API" for client applications and resource/API applications that are installed on a secure server. This setting is used for OAuth confidential web clients and public user-agent-based clients. The same application can also expose both a client and resource/API.
    Sign-on URL :
    1. For "Web app / API" applications, provide the base URL of your app. eg, https://<domain-name>/mo_login might be the URL for a web app running on your local machine. Users would use this URL to sign in to a web client application.
    2. For "Native" applications, provide the URI used by Azure AD to return token responses. Enter a value specific to your application.
      eg, https://localhost/drupal
    Drupal OAuth OpenID OIDC Single Sign On (SSO) Azure AD SSO Rgistration
  • When finished, click Register. Azure AD assigns a unique Application ID to your application. Copy Application ID and the Directory ID, this will be your Client ID and Tenant ID respectively.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) Azure AD SSO Overview
  • Go to Certificates and Secrets from the left navigaton pane and click on New Client Secret. Enter description and expiration time and click on ADD option.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) Azure AD SSO Certificates And Secrets
  • Copy value. This will be your Secret key.
  • Drupal OAuth OpenID OIDC Single Sign On (SSO) Azure AD SSO Secret Key
  • Azure AD Endpoints and scope:
  • Client ID : from step 10 above
    Client Secret : from step 11 above
    Scope: openid email profile
    Authorize Endpoint: https://login.microsoftonline.com/[tenant-id]/oauth2/v2.0/authorize
    Access Token Endpoint: https://login.microsoftonline.com/[tenant-id]/oauth2/v2.0/token
    Get User Info Endpoint: https://graph.microsoft.com/beta/me

Step 2: Configure miniOrange Drupal OAuth Client module.

  • Login in your Drupal site’s admin console and click on Extend from the top navigation bar.
  • Select the Install new module option to install a new module on your Drupal site.
  • Drupal OAuth Client module - Install
  • Upload the downloaded zip file of the Module and click on the Install button to continue.
  • Drupal OAuth Client module - Upload
  • Select Enable newly added modules.
  • Drupal OAuth Client module - Update manager
  • Scroll down till you find miniOrange OAuth Client. Click on the checkbox next to it and click on the Install button to enable the module.
  • Drupal OAuth Client module - Enable module
  • Click on Configuration from the top navigation bar and Select Drupal OAuth client Configuration.
  • Drupal OAuth Client - Configuration
  • Click on the Configure OAuth Client tab and select your OAuth Provider from the Select Application dropdown. In case you do not find your OAuth Provider listed in the dropdown, please select Custom OAuth Provider and continue.
  • Drupal OAuth Client - Configure module
  • Enter your OAuth Provider's information in their respective fields and click on the Save button to continue. Also, copy the Callback/Redirect URL and save it on your OAuth Provider.
  • Drupal OAuth Client - Configure OAuth tab
  • Now click on the Test Configuration option. This Test Configuration link will give you the list of the attributes that are coming from your OAuth Provider.
  • Copy the email and the name attributes and save them under the Attribute & Role Mapping tab in the Email Attribute and Name Attribute text field respectively.
  • Please note: This step is mandatory for your login to work. Click on the Save button to save your attribute configurations.


    Drupal OAuth Client Attribute Mapping
  • If your OAuth Provider supports only HTTPS Root URL or Base URL (for eg. Azure, Azure B2C) you can change it under Sign In Settings tab.
  • Drupal OAuth Client Redirect URL
  • Now logout and go to your Drupal site’s login page, you will automatically find a Login withYour OAuth Provider link there. If you want to add your login link to other pages as well, please follow the steps given in the below image:

  • Drupal OAuth Client login link
  • If you want to check out our complete list of features and our various licensing plans, you can go to the Upgrade Plan tab in the module.
  • If you want to purchase any of the paid version of the module, you have to register/login with us in Register/Login tab.
  • Still, if you are facing any difficulty or if you have any questions in mind, you can reach out to us by submitting a query in the Support tab of a module or by sending us a mail at info@xecurify.com.
  • Congratulations, you have successfully configured the miniOrange Drupal OAuth Client module.

Need Help?

Contact us on drupalsupport@xecurify.com for quick guidance (via email/meeting) or call us at +1 978 658 9387.

On your requirement and our team will help you to select the best suitable solution/plan as per your requirement.

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com