Setup Guide for Joomla Oauth Sign On (SSO) Using Azure AD B2C

Download Plugin

Azure AD B2C as OAuth Provider Azure AD B2C is a third-party OAuth/ OpenID Connect provider that can act as the OAuth/ OIDC server when your users log on to the Joomla website.

Step 1: Setup Azure AD B2C as OAuth Provider

Sign in to Azure portal.
Click on Azure AD B2C from Azure services.

OAuth/OpenID/OIDC Single Sign On (SSO), Azure AD SSO Login

In the left-hand navigation pane, click the App registrations service, and click New registration.

OAuth/OpenID/OIDC Single Sign On (SSO), Azure AD SSO App-Registration

When the Create page appears, enter your application's registration information:

Name :	Name of your application.
Application type:	Select "Native" for client applications that are installed locally on a device. This setting is used for OAuth public native clients Select "Web app / API" for client applications and resource/API applications that are installed on a secure server. This setting is used for OAuth confidential web clients and public user-agent-based clients. The same application can also expose both a client and resource/API.
Sign-on URL :	For "Web app / API" applications, provide the base URL of your app. eg, https://<domain-name>/oauth/callback might be the URL for a web app running on your local machine. Users would use this URL to sign in to a web client application. For "Native" applications, provide the URI used by Azure AD B2C to return token responses. Enter a value specific to your application. eg, https://localhost/Joomla

OAuth/OpenID/OIDC Single Sign On (SSO), Azure AD SSO registration

When finished, click Register. Azure AD B2C assigns a unique Application ID to your application. Copy Application ID and the Directory ID, this will be your Client ID and Tenant ID respectively.

OAuth/OpenID/OIDC Single Sign On (SSO), Azure AD SSO Overview

Go to Certificates and Secrets from the left navigaton pane and click on New Client Secret. Enter description and expiration time and click on ADD option.

OAuth/OpenID/OIDC Single Sign On (SSO), Azure AD SSO client-secrete

Copy value. This will be your Secret key.

OAuth/OpenID/OIDC Single Sign On (SSO), Azure AD SSO Secret-Key-2

Go to the Azure AD B2C.select User flows.and click on New user flow.

OAuth/OpenID/OIDC Single Sign On (SSO), Azure AD SSO user-flow-creation

Create User flow Name.select Email signup and click on Crate button.

OAuth/OpenID/OIDC Single Sign On (SSO), Azure AD SSO user-flow-create

Click on your created user flow

OAuth/OpenID/OIDC Single Sign On (SSO), Azure AD SSO select-user-flow

Copy the policy name you have created and replace it in the respective endpoints
Azure AD Endpoints and scope:

Client ID :	from step 10 above
Client Secret :	from step 11 above
Scope:	OpenID
Authorization Endpoint	https://{tenant-name}.b2clogin.com/{tenant-name}.onmicrosoft.com//oauth2/v2.0/authorize
Access Token Endpoint	https://{tenant-name}.b2clogin.com/{tenant-name}.onmicrosoft.com//oauth2/v2.0/token

Step 2: Setting up the miniOrange Joomla OAuth Client plugin

Download the zip file for the miniOrange OAuth Client plugin for Joomla from the link here.

Login into your Joomla site’s administrator console.
Go to Extension Manage Install in the top navigation bar to install the plugin.

Upload the downloaded zip file to install the OAuth Client plugin.

Navigate to Extensions Manage Manage and search for miniorange in the Search bar provided to see the list of the components.
Go to Components MiniOrange OAuth Client in the top navigation bar to go to the configuration page of the plugin.

Register/ Login with miniOrange.
Go to the Configure OAuth tab in the plugin. FIll in the details you received from your OAuth Provider and click on the Save Settings button.

Select your OAuth Provider from the Select Application dropdown. In case your OAuth Provider is not listed in the drop down, please select Custom OAuth Provider to continue.

Copy the Redirect/Callback URL given in the plugin and save it in your OAuth Provider.
Click on the Test Configuration button and copy the email and name attributes and save these attributes in Email Attribute and Name Attribute text field respectively. Now click on the Save Attribute Mapping button to save your configurations.

Add a button on your site login page with the following URL:your_home_page/base_url/?morequest=oauthredirect&app_name=xxxxxxxxx

You would find appropriate URL in Instructions to configure in the bellow section of Attribute Mapping (After completing test configuration please choose URL and Add a button on your site login page).

Now logout and go to your site. You will see a login link where you placed that button.
Click on the Licensing Plans Tab to check out our complete list of features and various licensing plans.
In case, you are facing some issue or have any question in mind, you can reach out to us by sending us your query through the Support dialog box in the Account Setup and Configure OAuth tabs.

In addition to the above, miniOrange also provide support for ADFS, AWS cognito, Bitrix24, Reddit, WHMCS, Square Connect, WSO2, Windows, Gigya, Dash 10, Foursquare, Harvest, MailChimp, Huddle, Ustream, Yammer, RunKeeper, SoundCloud, Pocket, Nest, Heroku, DropBox, Buffer, Hubic, Deezer, Delicious, Bitly, Mondo, Netatmo, Wechat, Weibo, Shibboleth, Invision Community, HR Answerlink/Support center, Blizzar and many more OAuth provider.

Congratulations, you have successfully configured the miniOrange OAuth Client plugin with your desired OAuth Provider. In case you have any questions in mind, you can always mail us at [email protected].

Setup Guide for Joomla Oauth Sign On (SSO) Using Azure AD B2C

Setup Guide for Joomla Oauth Sign On (SSO) Using Azure AD B2C

Step 1: Setup Azure AD B2C as OAuth Provider

Step 2: Setting up the miniOrange Joomla OAuth Client plugin

Additional Resources

Contents

STAY CONNECTED

Product

Solutions

Why miniorange

Company