User Provisioning between two Drupal websites

Overview

The User Provisioning & Sync Module allows seamless user synchronization between two Drupal websites. It enables users to log into multiple Drupal sites using the same credentials and keeps user information updated across sites. The module also supports integration with any SCIM compliant Identity Provider (IdP), including custom providers.

Installation Steps

• Using Composer
• Using Drush
• Manual Installation

• Download the module:

  composer require 'drupal/user_provisioning'

• Navigate to Extend menu on your Drupal admin console and search for miniOrange User Provisioning using the search box.
• Enable the module by checking the checkbox and click on Install button.
• Configure the module at

  {BaseURL}/admin/config/people/user_provisioning/overview

• Install the module:

  drush en user_provisioning

• Clear the cache:

   drush cr

• Configure the module at

  {BaseURL}/admin/config/people/user_provisioning/overview

• Navigate to Extend menu on your Drupal admin console and click on Install new module button.
• Install the Drupal User Provisioning and Sync module either by downloading the zip or from the URL of the package (tar/zip).
• Click on Enable newly added modules.
• Enable this module by checking the checkbox and click on Install button.
• Configure the module at

  {BaseURL}/admin/config/people/user_provisioning/overview

In a two-site Drupal setup, one site acts as the SCIM Server (Server Site) and the other as the SCIM Client (Client Site). The SCIM Client is responsible for sending user related operations such as create, read, update, and delete (CRUD) to the SCIM Server. This means any changes made to user accounts on the Client Site are synchronized and reflected on the Server Site. This configuration helps maintain consistent and centralized user data across both Drupal sites.

Configuration Steps

Setup Drupal as SCIM Server

• Navigate to the User Provisioning tab of the module and click on the Configure button under the Changes from Provider to Drupal (SCIM Server) section.

• Copy the SCIM Base URL and SCIM Bearer Token. (Keep them handy, as they will be required to configure Drupal as a SCIM Client.)

Setup Drupal as SCIM Client

• Go to the User Provisioning tab of the module and click the Configure button under the Changes from Drupal to Provider (SCIM Client) section.

• Turn on the Enable SCIM Client API Integration toggle and paste the copied SCIM Base URL and Bearer Token into the SCIM 2.0 Base URL and SCIM Bearer Token text fields, respectively.
• Once done, click the Save and Test Credentials button.

• If the test is successful, you’ll see a success message.

Attribute Mapping:

• After successfully testing the configuration, scroll down to the Attribute Mapping section.
• Select the Drupal User Attribute you want to map to the corresponding SCIM Provider Attribute, then click the Save mapping button.
• Once done, click on the Next Step.

SCIM Client Provisioning:

• The User Provisioning & Sync module supports three types of provisioning:
• Manual/On-Demand Provisioning: In Manual/On-Demand Provisioning, users are created, updated, deactivated, or deleted by the admin as needed.
• Automatic Provisioning: With Automatic Provisioning, when you create, update, or delete a user on one Drupal site, the same changes happen automatically on the other site. It keeps both sites in sync without manual work.
• Scheduler-based Provisioning: This allows you to perform CRUD operations on any Drupal user in your provider during the CRON run.

• Choose the Provisioning Types based on your preference.

Select Provisioning Operations:

• Select the Provisioning Operations (create, update, deactivate, delete) as needed.

Enable Role Filter:

• This feature allows provisioning of users who have any of the selected roles. Only those users will be sent to the Drupal (server) site; others will be skipped.

Enable Group Provisioning:

• This feature allows you to send user roles from Drupal as groups to other Drupal (server) site.


Note: Default roles of Drupal will not be synced.



• Click on the All Done button.

How does Manual/On-Demand Provisioning work?

• Click the Perform Manual Sync button under the Manual Provisioning column.

• Search for the user you want to provision to the Drupal (server) site, then click the Submit button.

• Once the user is successfully provisioned to the application, a success message will be displayed.

• Let's check whether the user has been created/provisioned on the Drupal (server) site. Follow the steps below to find the created user:
• From the left panel, click the People tab.

How does Automatic Provisioning work?

• Automatic Provisioning will help you to provision users based on any of the following events:
• Admin Interface: When admins or authorized users manually create, update, or delete a user’s account through the Drupal admin panel.
• User Account Change: When users create, update, or delete their own information using the user/{user_id}/edit page or a custom form.
• 3rd Party Modules: When a user is created or updated on the Drupal site through third-party modules, apps, or custom code.

• For example, let’s see how automatic provisioning works using the Admin Interface:
• Navigate to the People tab (admin/people) in the top navigation bar of the Drupal Client site and click on the +Add user button.



• Fill in the user details, then click the Create new account button.



• Let's check whether the user has been created/provisioned on the Drupal (server) site. Follow the steps below to find the created user:
• From the left panel, click the People tab.




Congratulations! You’ve successfully provisioned users between the two Drupal sites.

If the provisioning was not successful, please contact us at drupalsupport@xecurify.com. Kindly include a screenshot of the error window, and we will assist you in resolving the issue and guide you through the setup.

Related Articles

• Deprovisioning
• Import/Export users
• Map User Attributes from IdP to the Drupal user fields
• Map User Roles from IdP to corresponding users on drupal



24/7 Support

The Drupal developers at miniOrange offer quick and active support for your queries. We can assist you from choosing the best solution for your use case to deploying and maintaining the solution.

 Contact us



Case Studies

miniOrange has successfully catered to the use cases of 400+ trusted customers with its highly flexible/customizable Drupal solutions.

 Read more



Other Solutions

Feel free to explore other Drupal solutions that we offer the popular solutions used by our trusted customers include 2FA, User Provisioning, Website Security.

 Know More