FAQs for Configuring SAML SSO between Drupal and Microsoft Entra ID

DrupalTM Blog

Welcome to our Drupal blog! Stay up to date with the latest Drupal news, best practices, and techniques.

How do I download the Drupal SAML SP Metadata?

After installing the SAML SP module on your Drupal site, navigate to Configuration > People > miniOrange SAML Login Configuration (/admin/config/people/miniorange_saml/idp_setup). Under the Service Provider Metadata tab, click on the Download XML Metadata button.

How do I configure a SAML Single Sign-On application in Microsoft Entra ID?

  1. Log in to your Microsoft Azure portal.
  2. Select Enterprise applications from the Azure services section.
  3. Click on the New application button.
  4. Select Create your own application.
  5. Enter the application name and choose "Integrate any other application you don't find in the gallery (Non-gallery)".
  6. Click Create and proceed to the Set up single sign on section.
  7. Select SAML as the sign-on method.
  8. Upload the previously downloaded XML Metadata file from Drupal.
  9. Save the configuration and copy the App Federation Metadata URL.

How do I assign users and groups to the Azure application?

  1. In the Azure portal, select Users and groups from the left navigation menu.
  2. Click on the Add user/group button.
  3. In the Add Assignment window, select the users or groups to assign to the application.
  4. Click on Select and then Assign to confirm the assignment.

How do I configure Drupal as a SAML Service Provider?

  1. On your Drupal site, navigate to the Service Provider Setup tab of the SAML module.
  2. Click on Upload IDP Metadata.
  3. Paste the App Federation Metadata URL from Azure AD into the Upload Metadata URL field.
  4. Click on the Fetch Metadata button.
  5. If needed, update the Identity Provider Name to "Azure".
  6. Save the configuration and test the connection by clicking Test.
  7. Log in to Microsoft Entra ID when prompted and verify the attributes received.

How do I test the SAML SSO login?

  1. Open a new browser or private window and navigate to the Drupal login page.
  2. Click the Login using Identity Provider (Azure) link.
  3. Log in with your Azure AD credentials.
  4. Upon successful login, you will be redirected to your Drupal site.

What should I do if I face issues during the test configuration?

If you encounter issues, contact our support team at drupalsupport@xecurify.com with a screenshot of the test configuration window.

How does SAML SSO login work?

For SP-initiated SSO, users click the Login using Identity Provider (Azure) link on the Drupal login page. They are redirected to the Azure AD login page, enter their credentials, and upon successful authentication, gain access to the Drupal site.