OpenID Connect Login - OIDC Login Setup Guide

OpenID Connect Login - OIDC Login Setup Guide will help you configure your Drupal site as an OpenID Connect ( OIDC ) Client with any OIDC Provider of your choice. Following these steps will allow you to configure OIDC SSO which will allow your users to log in to your Drupal site using their OIDC Provider credentials.

We provide Drupal OAuth & OpenID Connect Login - OAuth2 Client SSO Login module which is compatible with Drupal 7, Drupal 8, Drupal 9, Drupal 10, and Drupal 11.

Download  Know more

 Prerequisite:

• Install and activate the OAuth & OpenID Connect Login - OAuth2 Client SSO Login module on your Drupal site. Follow these steps to install the module.

Steps to configure Drupal as OIDC Client:

• After installing the module, navigate to the Configuration tab and click on the miniOrange OAuth Client. ({BaseURL}/admin/config/people/mo-oauth-client/mo-client-config)

  

• In the Manage section, under the Client Configuration tab, click on the + Add New button to configure the desired OAuth Client.

  

• In the Client Configuration tab, under the Add section, provide the following information:

  • Select the Custom OpenID Provider from the Select Application drop-down.
  • Enter name of the Application in the Custom App Name text-field.
  • Copy the Callback/Redirect URL and save it on your OpenID Provider.

  

• Fill in the required details that you will get from your OpenID Provider in the following screen:

  • Login link on the login page
  • Client Id 
  • Client Secret 
  • Scope
  • Authorize Endpoint
  • Token Endpoint
  • UserInfo Endpoints

  Client Id	Copy the Client Id from your OpenID Provider and Paste the miniOrange Drupal OAuth Client module.
  Client Secret	Copy the Client Secret from your OpenID Provider and Paste the miniOrange Drupal OAuth Client module.
  Scope	openid profile email
  Authorize Endpoint	Copy the Authorize Endpoint from your OpenID Provider and Paste the miniOrange Drupal OAuth Client module.
  Token Endpoint	Copy the Access Token Endpoint from your OpenID Provider and Paste the miniOrange Drupal OAuth Client module.
  UserInfo Endpoint	Copy the UserInfo Endpoint from your OpenID Provider and Paste the miniOrange Drupal OAuth Client module.

  

• The Send Client ID and secret in buttons allow you to specify whether the Client ID and Secret should be included in the Header or the Body of the Token Endpoint Request. If you're unsure which option to select, you can stick with the default settings.

• Check the checkbox to Enable Login with OAuth, scroll down, and click the Save Configuration button

  

• After successfully saving your application, click the Perform Test Configuration button to check the connection between Drupal and the OAuth Provider.

  

• On the Test Configuration pop-up, if there is no active session in your OAuth Provider on the same browser, you will be prompted to log in to the OAuth Provider. Once you have successfully logged into your account, a list of attributes received from the OAuth Provider will be displayed.

• Click the Configure Mappings button.

  

• Once you click on the Configure Mapping button, you will be redirected to the Attribute Mapping tab. From there, select the appropriate attribute from the OAuth Server Attribute dropdown where the email value is received, and then click the Save Configuration button.

  

  This step is mandatory for your login to work.

• If your OpenID/OIDC Provider supports only HTTPS for its Root URL or Base URL (for example, Azure, Azure B2C, Okta, OneLogin, Facebook, Google, WHMCS, and many others), then check the box for Enforce HTTPS Callback URL under the Settings tab. 

• Click the Save Configuration button.

  

How to perform the SSO login?

• Now, open a new browser/private window and go to your Drupal site login page.
• Click on the Login using <Your OpenID Provider> link to initiate the SSO from Drupal.

• If the configuration is correct, you will be logged in to the Drupal site.

 Back to top