You are here

Home » API reference » Auth0 Single Sign On 7.2

README.txt in Auth0 Single Sign On 7.2

Same filename and directory in other branches
  1. 8 README.txt
SUMMARY
-------

Single Sign On for Enterprises + Social Login + User/Passwords. For all your Drupal instances.
Powered by Auth0.

INSTALLATION
------------
Before you start, **make sure the admin user has a valid email that you own**, read the Technical Notes for more information.

1. On the modules configuration page, select `install new module` and upload the latest release of this plugin
   as a `.tar.gz` file

2. Enable it on the module page

3. Configure it using your auth0 account.

INSTALLATION FROM GITHUB
------------------------
1. Clone the repo to your modules directory:
    $ git clone https://github.com/auth0/auth0-drupal.git $DRUPAL_ROOT/sites/all/modules/auth0-drupal

2. Install composer dependencies:
    $ cd auth0-drupal
    $ curl -sS https://getcomposer.org/installer | php
    $ php composer.phar install

3. Enable it on the module page

4. Configure it using your auth0 account.



AUTH0 CONFIGURATION
-------------------
1. Go to your auth0 dashboard https://app.auth0.com/
2. Create a new PHP application.
3. On App Callbacks URLs add a url like this `http://<yoursite>/auth0/callback`
4. Open "API Access" tab.
5. Keep notice of your domain, client id and client secret (note whether the client secret is base64 encoded or not).  RECOMMENDED: Go to your client's advanced settings and select RS256 and OIDC Conformant under the Oauth tab.  Please note that this requires you set Redirect login for SSO as well.
6. If redirecting for SSO, make sure you add `http://<yoursite>` to the allowed logouts in your account settings in Auth0.

MODULE CONFIGURATION
--------------------
You can go to the module configuration by this url http://<yoursite>/admin/config/people/auth0 or using the menu under the people configuration tab. You need to at least configure the domain, client id and client secret on the basic tab, using the information of the auth0 dashboard.

The advance tab contains:
* Form title:
The title to be printed on top of the login widget

* Allow user signup:
This only matters if you have database users enabled, and you want that users can sign up using the
login widget

* Widget CDN:
Changing this url you can use the latest version of the widget without updating this plugin

* Requires verified email:
Some of the authentication providers have email, other doesnt (example twitter). When they do, that email can be verified or not. Meaning, we know that the user really owns that email account.
If you check this box, users will be required to have a verified email in order to login.

* Login widget css:
This is the basic css used to fit the login widget to the drupal default theme, but if you have a custom theme, you may want to change this as well

TECHNICAL NOTES
---------------

**IMPORTANT**: By using this plugin you are delegating the site authentication to Auth0. That means that you won't be using the drupal database to authenticate users anymore and the default login box won't show anymore. However, we can still associate your existing users by merging them by email. This section explains how.

When you install this plugin you have at least one existing user in the database (the admin user). If the site is already being used, you probably have more than just the admin. We want you to keep those users, of course.

Auth0 allows multiple authentication providers. You can have social providers like Facebook, Twitter, Google+, etc., you can have a database of users/passwords (just like drupal but hosted in Auth0) or you can use an Enterprise directory like Active Directory, LDAP, Office365, SAML and others. All those authentication providers might give you an email and a flag indicating whether the email was verified or not. We use that email (only if its verified) to associate a previous **existing** user with the one coming from Auth0.

If the email was not verified and there is an account with that email in drupal, the user will be presented with a message saying that the email was not verified and a link to "Re-send the verification email".

File

README.txt
View source 
  1. SUMMARY

  2. -------

  3. 

  4. Single Sign On for Enterprises + Social Login + User/Passwords. For all your Drupal instances.

  5. Powered by Auth0.

  6. 

  7. INSTALLATION

  8. ------------

  9. Before you start, **make sure the admin user has a valid email that you own**, read the Technical Notes for more information.

  10. 

  11. 1. On the modules configuration page, select `install new module` and upload the latest release of this plugin

  12.    as a `.tar.gz` file

  13. 

  14. 2. Enable it on the module page

  15. 

  16. 3. Configure it using your auth0 account.

  17. 

  18. INSTALLATION FROM GITHUB

  19. ------------------------

  20. 1. Clone the repo to your modules directory:

  21.     $ git clone https://github.com/auth0/auth0-drupal.git $DRUPAL_ROOT/sites/all/modules/auth0-drupal

  22. 

  23. 2. Install composer dependencies:

  24.     $ cd auth0-drupal

  25.     $ curl -sS https://getcomposer.org/installer | php

  26.     $ php composer.phar install

  27. 

  28. 3. Enable it on the module page

  29. 

  30. 4. Configure it using your auth0 account.

  31. 

  32. 

  33. 

  34. AUTH0 CONFIGURATION

  35. -------------------

  36. 1. Go to your auth0 dashboard https://app.auth0.com/

  37. 2. Create a new PHP application.

  38. 3. On App Callbacks URLs add a url like this `http:///auth0/callback`

  39. 4. Open "API Access" tab.

  40. 5. Keep notice of your domain, client id and client secret (note whether the client secret is base64 encoded or not).  RECOMMENDED: Go to your client's advanced settings and select RS256 and OIDC Conformant under the Oauth tab.  Please note that this requires you set Redirect login for SSO as well.

  41. 6. If redirecting for SSO, make sure you add `http://` to the allowed logouts in your account settings in Auth0.

  42. 

  43. MODULE CONFIGURATION

  44. --------------------

  45. You can go to the module configuration by this url http:///admin/config/people/auth0 or using the menu under the people configuration tab. You need to at least configure the domain, client id and client secret on the basic tab, using the information of the auth0 dashboard.

  46. 

  47. The advance tab contains:

  48. * Form title:

  49. The title to be printed on top of the login widget

  50. 

  51. * Allow user signup:

  52. This only matters if you have database users enabled, and you want that users can sign up using the

  53. login widget

  54. 

  55. * Widget CDN:

  56. Changing this url you can use the latest version of the widget without updating this plugin

  57. 

  58. * Requires verified email:

  59. Some of the authentication providers have email, other doesnt (example twitter). When they do, that email can be verified or not. Meaning, we know that the user really owns that email account.

  60. If you check this box, users will be required to have a verified email in order to login.

  61. 

  62. * Login widget css:

  63. This is the basic css used to fit the login widget to the drupal default theme, but if you have a custom theme, you may want to change this as well

  64. 

  65. TECHNICAL NOTES

  66. ---------------

  67. 

  68. **IMPORTANT**: By using this plugin you are delegating the site authentication to Auth0. That means that you won't be using the drupal database to authenticate users anymore and the default login box won't show anymore. However, we can still associate your existing users by merging them by email. This section explains how.

  69. 

  70. When you install this plugin you have at least one existing user in the database (the admin user). If the site is already being used, you probably have more than just the admin. We want you to keep those users, of course.

  71. 

  72. Auth0 allows multiple authentication providers. You can have social providers like Facebook, Twitter, Google+, etc., you can have a database of users/passwords (just like drupal but hosted in Auth0) or you can use an Enterprise directory like Active Directory, LDAP, Office365, SAML and others. All those authentication providers might give you an email and a flag indicating whether the email was verified or not. We use that email (only if its verified) to associate a previous **existing** user with the one coming from Auth0.

  73. 

  74. If the email was not verified and there is an account with that email in drupal, the user will be presented with a message saying that the email was not verified and a link to "Re-send the verification email".

  75. 

  76. 

  77.