OAuth/OIDC Single Sign-On (SSO) | Backend & Frontend

OAuth/OIDC Single Sign-On (SSO) | Backend & Frontend

Classification

miniorange-oidc

Version

1.1

Language

en

Description

Typo3 OAuth / OpenID Connect Single Sign-On SSO extension by miniOrange allows your users (Frontend & Backend) to login (Single Sign-On) into Typo3 with Azure AD, Azure B2C, AWS Cognito, Office 365, WSO2, Okta, Salesforce, Discord, Keycloak, PingFederate, OneLogin or other custom OAuth 2.0 providers. Typo3 OAuth / OIDC extension can be used for authorization and authentication purposes with any OAuth / OIDC Provider that conforms to the OAuth 2.0 and OpenID Connect (OIDC) standards. Typo3 OAuth / OpenID Connect Single Sign-On SSO provides user authentication with OAuth & OpenID Connect protocol and allows authorized users to login into the Typo3 site. We provide features like Attribute Mapping & Role Mapping which help to map user data returned from your OAuth Provider to Typo3. You can add an SSO Login Button on both your Typo3 frontend and backend (Admin Panel) login page with our extension.

Keywords

oauth, oidc, openid, sso, sso, single sign on, single sign-on, Azure AD, Okta, Google SSO, frontend, backend, login

Copyright

2023

Author

miniOrange

Email

info@xecurify.com

License

This document is published under the Open Content License available from http://www.opencontent.org/opl.shtml

Rendered

Fri, 19 Sep 2025 12:03:08 +0000

The content of this document is related to TYPO3, a GNU/GPL CMS/Framework available from www.typo3.org.

Table of Contents

Installation

Extension Installation

Using composer:

Use the below command to install the extension using composer:

composer req miniorange/miniorange-oidc
Copied!

OR

Using zip file:

  • Download the zip file of the OAuth/OIDC SSO SSO extension from TYPO3 marketplace.
  • Rename the zip file from oauth_openid_single_sign_on.zip to oauth.zip
  • Go to your TYPO3 backend and click on Extensions section at the left side of your screen.
  • Upload the zip file as represented in the below image.
Upload Extension zip

Configuration

Prerequirements Before Configuring

You must have atleast two pages before configuring the extension.

  • Navigate to the Pages section and create new standard page with name feoidc and add feoidc plugin to it.
  • Similarly create a page named response and and response plugin to it.
  • You can refer to the below screenshots for the same.
Response Page * Create SSO Login button in your Typo3 Frontend Site and embed the feoidc page URL to it in order to initiate the SSO.

Extension Configurations

  • Once the extension is installed successfully, navigate to the OpenID Connect Client tab of the plugin and fill in all the required fields as below:
- OAuth/ OpenID Provider Name: {Name of your provider}
  • Application type: OAuth/OpenID Connect
  • Frontend Redirect/Callback Url : {Response Plugin Page URL which you created in step 4} (You will need to provide this URL to your OAuth/OIDC provider)
  • feoidc page URL: {feoidc Plugin Page URL which you created in step 4}
  • Client ID : {You will get it from your provider}
  • Client Secret : {You will get it from your provider}
  • Scope : openid profile email
  • Authorization Endpoint : {Authorization Endpoint of your OAuth/OpenID Provider}
  • Token Endpoint : {Access Token Endpoint of your OAuth/OpenID Provider}
  • User Info Endpoint : {Userinfo Endpoint of your OAuth/OpenID Provider}
  • Set client credentials in : Header/Body
OpenID Connect Client Configurations
  • Provide the redirect/callback URL in your OAuth/OIDC Provider application by copying it from Frontend Redirect/Callback Url field in OpenID Connect Client tab.
  • Once you are done with the configurations on both ends (i.e., Typo3 and your OAuth/OIDC Provider), click on the Test Configuration button in the OpenID Connect Client tab of the plugin and check if you are able to test it successfully.
Test Configuration Window
  • Navigate to the Attribute Mapping tab and map the Username attribute to your OAuth/OIDC Provider attribute using which you want to identify the users in Typo3 (you can find all the attributes received from your OAuth/OIDC Provider in the test configuration).
Attribute Mapping Settings
  • Navigate to the Group Mapping tab of the plugin and save the Group Mapping for Frontend Users by selecting the Default Usergroup.
Default Group Mapping Settings
  • Once you have done all the above steps, you are ready to test the SSO. You can use your Feoidc Page URL in order to initiate the SSO.

You can choose the setup guide according to your OAuth/OIDC Provider from below link: https://plugins.miniorange.com/typo3-sso-single-sign-on-with-oauth-openid-connect-setup-guides

Administrator Manual

Target group: Administrators

Describes how to manage the extension from an administrator point of view. That relates to Page/User TSconfig, permissions, configuration etc., which administrator level users have access to.

Language should be non / semi-technical, explaining, using small examples.

Installation

  • How should the extension be installed?
  • Are they dependencies to resolve?
  • Is it a static template file to be included?

To install the extension, perform the following steps:

  1. Go to the Extension Manager
  2. Install the extension
  3. Load the static template
  4. ...

For a list of configuration options, using a definition list is recommended:

Some Configuration
This option enables...
Other configuration
This other option is for all the rest...
Extension Manager

Extension Manager (caption of the image)

List of extensions within the Extension Manager also shorten with "EM" (legend of the image)

Configuration

  • Where and how the extension should be configured? TypoScript? PHP?
  • Are there other prerequisite to full fill beforehand? For example, configure a setting in a special way somewhere.

FAQ

Possible subsection: FAQ

Subsection

Some subsection

Sub-subsection

Deeper into the structure...

ChangeLog

Providing a change log chapter is optional. You can also refer users to the ChangeLog file inside the extension or to some repository's commit listing.

Introduction

What does it do?

This chapter should give a brief overview of the extension. What does it do? What problems does it solve? Who is interested in this? Basically, this section includes everything people need to know to decide whether they should go on with this extension or not.

Screenshots

This chapter should help people figure how the extension works. Remove it if not relevant.

Introduction Package

Introduction Package just after installation (caption of the image)

How the Frontend of the Introduction Package looks like just after installation (legend of the image)