Salesforce Signal Sign On (SSO) for Drupal miniOrange provides a ready to use solution for Drupal. This solution ensures that you are ready to roll out secure access to your Drupal site using Salesforce within minutes.
Step 1: Configuring Salesforce as IdP
- Go to https://login.salesforce.com and login into Salesforce.
- Log into salesforce and go to Setup.
- From the left pane, select Build Create Apps.
- Scroll down, under Connected Apps, click on New button.
- Enter Connected App Name, API Name and Contact Email.
- Under Web App Settings, check the Enable SAML checkbox and enter the following values:
| Entity ID
|| Enter SP Entity ID / Issuer from the Identity Provider tab of the module.
| ACS URL
|| Enter ACS (AssertionConsumerService) URL from the Identity Provider tab of the module.
| Subject Type
| Name ID Format
Step 2: Assign Profiles
- Now from left pane, under Administration Setup, select Manage Apps Connected Apps.
- Click on the App you just created.
- Scroll down, under Profiles click on Manage Profiles, Select the profiles you want to give access to login through this app.
Step 3: Download metadata for communities
- Under SAML Login Information, click on Download Metadata.
- Open the downloaded file in some browser like Chrome, Firefox, IE, Microsoft Edge.
- Search for "ds:X509Certificate" tab and copy the entire string under this tag. String would be like this: "MII....".
- Keep this certificate value handy for next steps.
Step 4: Configuring Drupal as SP
1. Click on Upload IDP Metadata.
2. Upload metadata file and click on Upload.
II. Manual Configuration: In miniOrange SAML plugin, go to Service Provider Tab. Enter the following values:
|IDP Entity ID
|Single Sign On URL
||Paste the certificate value you copied from the Metadata file.
Step 5: Attribute Mapping (It is Optional to fill this). This is premium feature.
- Attributes are user details that are stored in your Identity Provider.
- Attribute Mapping helps you to get user attributes from your IdP and map them to Drupal user attributes like firstname, lastname etc.
- While auto registering the users in your Drupal site these attributes will automatically get mapped to your Drupal user details.
- In miniOrange SAML plugin, go to Mapping tab and fill in all the fields.
||Name of the username attribute from IdP (Keep NameID by default)
||Name of the email attribute from IdP (Keep NameID by default)
||Name of the Role attribute from IdP
- You can check the Test Configuration Results under Service Provider tab to get a better idea of which values to map here.
Step 6: Role Mapping (It is Optional to fill this). This is premium feature.
- Drupal uses a concept of Roles, designed to give the site owner the ability to control what users can and cannot do within the site.
- Role mapping helps you to assign specific roles to users of a certain group in your IdP.
- While auto registering, the users are assigned roles based on the group they are mapped to.
Step 7: Sign In Setting. This is premium feature.
Business Trial For Free
If you don't find what you are looking for, please contact us at firstname.lastname@example.org or call us at +1 978 658 9387.