Joomla OAuth Single Sign-On (SSO) | Login into Joomla using OpenID Connect

Joomla Single Sign-On ( SSO Login ) plugin supports SSO with many OAuth 2.0 and OpenID Connect ( OIDC ) 1.0 providers.
It also supports limitless user authentication using the OAuth & OpenID Connect protocols, allowing authorized users to access the Joomla site.
OAuth Client Single Sign-On – SSO Login (OAuth 2.0) plugin allows users residing at OAuth 2.0 capable OAuth or OpenID Connect (OIDC) Provider to log in to your Joomla website.
This OAuth / OIDC plugin can be used for authorization and authentication purposes with any OAuth / OIDC Provider that confirms the OAuth2.0 and OpenID Connect (OIDC) standard.

USE CASES-

Login with Azure (Azure Login) :
Login with Discord (Discord Login)
Login with AWS Cognito (AWS Cognito Login)
Login with Social Apps

Azure SSO

This Joomla Single Sign On (OAuth / OpenID Connect SSO) plugin enables SSO with many Microsoft Apps, including Azure AD SSO, Azure AD B2C SSO, and Office 365 SSO, using both the OAuth and OpenID Connect protocols. It offers login redirects based on policies such as sign-up policy, sign-in policy, lost password policy, custom policy, and so on.
It supports Azure AD, Azure B2C, Office 365, SSO with the multi-tenants app (users registered in various apps from separate tenants) and SSO into multiple Joomla domains, role-based access restriction to Joomla pages, and SSO into multiple Joomla domains. Outside of the tenant / application, log in to Joomla using Microsoft accounts. Integrate Azure SSO with social account use-cases (Facebook, Google, etc.).
Apart from SSO, it also supports Joomla – Azure integrations / customizations such as token-based calls to specific API / Graph API.
Azure SSO also supports syncing Azure user profile to Joomla profile with the option to customize the profile attribute mapping ( givenname, familyname, username, email, group, custom attributes, etc ) as per need.

AWS Cognito SSO

This Joomla Single Sign-On (OAuth / OpenID Connect SSO) plugin allows AWS Cognito, Amazon, and Cognito login into Joomla, as well as linked social login accounts. Supports user profile synchronization and role mapping in Joomla, as well as retrieving a token from AWS Cognito to perform further API requests to extend the functionality.
It allows for customizations such as synchronizing new registrations from Joomla to Cognito, logging into the site using the usual Joomla login form rather than redirecting to the Cognito login page, connecting the Cognito User Pool, login redirections, and more.

Discord SSO

This Joomla Single Sign-On (OAuth / OpenID Connect SSO) plugin lets users log into Discord from inside Joomla. Other supported use-cases include synchronizing user profiles from Discord to Joomla, role mapping into Joomla based on Discord roles, avatar mapping, guild member management, and subscription-based access to Discord channels from a Joomla site.
It also allows customization for integrating other Joomla and Discord apps, in addition to Discord login.

Keycloak SSO

SSO with Keycloak is supported by this Joomla Single Sign-On (OAuth / OpenID Connect SSO) plugin. The Joomla user is authenticated by the Keycloak server. When the authentication is successful. It also includes an identity token and an access token, both of which contain user profile and role information. Keycloak's access token can be used to call other remote services on behalf of the user.
Using this access token, Joomla may make REST invocations on external services.
Using the role mapping functionality of the OAuth / OIDC SSO plugin, you may make authorization decisions based on role-based access control (RBAC) on your Joomla site. Users can be assigned to different Joomla roles depending on their Keycloak roles and capabilities.

WHMCS SSO

The Joomla SSO (OAuth / OpenID Connect SSO) plugin integrates with WHMCS to enable users (clients, customers, workers, employees, technicians, and so on) to log in to their Joomla portal depending on their roles and capabilities. It also allows you to sync groups, courses, assignments, and tasks with the WHMCS SSO application using other Third Party plugins.

LIST OF GRANT TYPES WE SUPPORT FOR JOOMLA SINGLE SIGN-ON ( SSO ) OAUTH / OPENID CONNECT ( OIDC ) CLIENT

• Authorization code grant
• Implicit grant
• Resource owner credentials grant (Password Grant)
• Client credentials grant
• Refresh token grant
• Hybrid Grant
• Authorization code grant with PKCE flow ( Proof Key for Code Exchange )

Click here to watch premium features of plugin.

Free Version Features:-

• Supports login with any 3rd party OAuth server or custom OAuth server.
• Auto Register Users - Automatic user registration after login if the user is not already registered with your site.
• Limited Authentication
• Attribute Mapping – Basic Attribute Mapping features to map Joomla user attributes (Username and Email only).
• Login Using the Link.
• Auto fill OAuth server configuration.

Standard Version Features:-

• All Free Version Features included.
• Unlimited Auto Register users.
• Unlimited Authentication.
• Login widget customization.
• Custom Redirect URL after login and logout - Redirect the user to a custom URLs after - successful login and logouts.
• Basic Group Mapping.

Premium Version Features:-

All the Free version and Standard Version Feature included.
- Attribute Mapping - Advance Attribute Mapping feature to map Joomla user attributes like username, first name, last name, and email. Manage username & email with data provided.
- Advance Group Mapping.
- Force Authentication / Protect complete site.
- OpenId Connect Support – Login using OpenId Connect Server.
- Domain Specific Registration
- JWT Validation.

Enterprise Version Features :-

• All the Premium Version Features Included.
• Grants Settings
• Additional End Points for getting user groups from your OAuth/OpenId Provider.
• Login Reports/Analytics.

JOOMLA SINGLE SIGN-ON ( SSO ) SUPPORTED ADD-ONS

We have a variety of add-ons that can be integrated with the OAuth & OpenId Connect Single Sign-On ( SSO ) plugin to improve the OAuth SSO functionality of your Joomla site.

-SCIM User Provisioning:- Joomla SSO enables your users to log in to your Joomla site and sync user creation, update, and deletion from your IDP to your Joomla site using SCIM User Provisioning .

• Discord Role Mapping:- Discord Role Mapping add-on helps you to get roles from your discord server and maps it to Joomla users while SSO.

• Attribute Based Redirection Customer :- Attribute Based Redirection Add-on can be used to redirect the user to a specific URL based on the attributes received from the OAuth server.

• Role/Group Based Redirection :- Role/Group-Based Redirection Add-on can be used to redirect the user to a specific URL based on the roles/groups received from the OAuth server.

• SSO Session Management :- SSO session management add-on manages the login session time of your users based on their Joomla roles.

• SSO Login Audit :- SSO Login Audit captures and tracks all the Single Sign-On users and generates reports

• Joomla Firebase Authentication :- Allow Firebase mobile app users to log in to your Joomla site using their Firebase social login credentials, such as Facebook, Google. While utilizing SSO with Joomla, the Firebase authentication plugin will function.

• Two Factor Authentication

• User Role Editor

• Limit Login Attempts

• Guest User Login

• Attribute Based Redirection

REST API AUTHENTICATION

Secures unauthorized access to your Joomla sites/pages using our Joomla REST API Authentication plugin .

Firebase Authentication

The Firebase Authentication SDK includes methods for creating and managing users who sign in with their email addresses and passwords.

List of Popular OAuth providers we support:-

| Google Apps |Facebook |Azure AD |Azure B2C | AWS Cognito |Salesforce |Clever |Ping Federate |Laravel Passport | Windows Account |Slack |Discord |WHMCS | Pinterest |miniOrange |Bitrix24 |Harvest |Mailchimp | Huddle |Heroku | Ustream | Delicious |Dailymotion | RunKeeper | One Login | DeviantArt | LinkedIn |Wild Apricot |GitHub |Vimeo | Nest |Spotify |Hubic |Zendesk |Pocket |PayPal |SoundCloud |HRAnswerlink |Deezer |Keycloak |Box |Fitbit |Reddit |Instagram |Line | Bitly |Mondo |Netatmo |Amazon |Yammer |Foursquare |Support center |Custom OAuth Server |Custom OpenID Server |

Installation Steps :

Goto Extensions --> Manage --> Install.
Search for MiniOrange OAuth client in the search box
Install the Miniorange OAuth Client plugin.
Then go to Extensions --> Manage --> Manage.
Search for miniorange in the search box
Enable all the extensions present in the list.
Configure the plugin at Component-> miniorange OAuth client ->configure OAuth.

Dependencies

NONE

24/7 Support

If you require any Single Sign On (SSO) application or need any help with installing this plugin, please feel free to reach out to us on our 24*7 support at joomlasupport@xecurify.com or Contact us.

WEBSITE

Check out our website for other plugins from the link here or visit https://plugins.miniorange.com to see all our listed Joomla plugins. For more support or info email us at joomlasupport@xecurify.com. You can also submit your query from the plugin’s configuration page.