Experimental project

This is a sandbox project, which contains experimental code for developer use only.

Developed by Capgemini UK. Provides an identity framework into which a number of identity synchronisation mechanisms can be plugged. Includes OpenAM implementations, but it is extensible to include other identity synchronisation mechanisms, such as OpenID, OAuth, etc.

Configuration

Open the module configuration page: Configuration >> System >> Authentication service.

Choose a plugin, for example OpenID.

NOTE: IN THIS VERSION OF THE MODULE IT IS RECOMMENDED TO NOT CHANGE THE EXTERNAL SERVICE AFTER AN INITIAL SELECTION.

Caching @TODO

Authentication Plugins

OPENAM

Configure settings for this plugin on: Configuration >> system >> Identity service >> OPENAM

User CRUD operations

This section refers to the OpenAM implementation, as this is currently the only implementation supplied with this module.

You can create, delete and update users in OpenAM or through the Drupal interface. Note that OpenAM is the "source of truth" and that users are only updated in Drupal if the update in OpenAM succeeds.

CREATE USER Users are created as usual by an admin or by the users themselves, but if this module is enabled and configured properly then users will be created on the OpenAM server as well. If a user with the same username already exists on the OpenAM server then creation will be refused, in both Drupal and OpenAM. If user creation fails in OpenAM for any other reason, the user will not be created in Drupal either.

DELETE USER Users can be deleted through the default Drupal interface, and when deleted or disabled in Drupal the user will also be disabled in OpenAM. If you want the user to be deleted in OpenAM, then check the appropriate option in the module's settings form (Configuration >> system >> Identity service >> OPENAM, "Delete user in OpenAM server on user deletion").

DISPLAY USER IDENTITY Additional user fields, such as First name, Family name, etc., are stored only on the OpenAM server, but can be viewed on a user view page, for example user/23. This is achieved by the identity_service_entity_view_alter function in this module.

UPDATE USER IDENTITY Users can be updated through the Drupal interface. If you go to the user edit form and the user was created in OpenAM, you will see additional fields, such as Family name. Update these details on this form and save. If the user was created in OpenAM you will not be able to edit the username, and it will be grayed out in the edit form.
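
The create and delete rules described above, modelled as an added example that is not the module's own code: the remote directory is written first and the local record is created only if that write succeeds. The RemoteDirectory and IdentitySync classes, their methods and the sample users are hypothetical in-memory stand-ins, not the OpenAM or Drupal APIs.

```php
<?php
// Added illustration with in-memory stand-ins; not the module's code or the OpenAM API.

final class RemoteDirectory {             // hypothetical stand-in for the OpenAM server
    public array $users = [];             // username => ['active' => bool, 'attrs' => array]
    public bool $available = true;        // set to false to simulate a failed remote call

    public function create(string $name, array $attrs): void {
        if (!$this->available) throw new RuntimeException('remote unavailable');
        if (isset($this->users[$name])) throw new DomainException("'$name' already exists");
        $this->users[$name] = ['active' => true, 'attrs' => $attrs];
    }
    public function remove(string $name, bool $hardDelete): void {
        if ($hardDelete) unset($this->users[$name]);
        elseif (isset($this->users[$name])) $this->users[$name]['active'] = false;
    }
}

final class IdentitySync {                // hypothetical coordinator
    public array $local = [];             // constructed stand-in for Drupal's user table

    public function __construct(
        private RemoteDirectory $remote,
        private bool $deleteOnRemote = false  // models "Delete user in OpenAM server on user deletion"
    ) {}

    public function createUser(string $name, array $attrs): bool {
        try {
            $this->remote->create($name, $attrs);  // remote write comes first
        } catch (Exception $e) {
            return false;                          // refused or failed: no local record
        }
        $this->local[$name] = true;                // identity fields stay on the remote side only
        return true;
    }
    public function deleteUser(string $name): void {
        $this->remote->remove($name, $this->deleteOnRemote); // disable by default, delete if opted in
        unset($this->local[$name]);
    }
}

// Constructed scenario: 'alice' already exists remotely, 'bob' is new.
$remote = new RemoteDirectory();
$remote->users['alice'] = ['active' => true, 'attrs' => []];
$sync = new IdentitySync($remote);
var_dump($sync->createUser('alice', []));                 // duplicate username
var_dump($sync->createUser('bob', ['sn' => 'Builder']));  // new user
$remote->available = false;
var_dump($sync->createUser('carol', []));                 // remote failure
$sync->deleteUser('bob');
var_dump($remote->users['bob']['active'], array_keys($sync->local));
```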

Adding another authentication plugin

@TODO

Developed by Capgemini.

Project information

  • Project categories: Access control
  • Created by adub on , updated