Appearance
CP Overview
On the CP page you can modify a couple of things.
Default settings
Logging settings
| Name | Description |
|---|---|
| Logging | What should be logged. Options: only errors, Everything, Nothing |
SSO settings
| Name | Description |
|---|---|
| Membergroup | Assign new SSO users to a member group |
| Allow new SSO accounts | Allow login with a new email. For this new email the SSO module will create a new EE account |
| Allow social login to merge with non social accounts | Allow users to log in to existing ExpressionEngine email accounts that were created by EE itself, not by the SSO module. This way, a user can have an existing account and by logging in via the SSO module, they can access that existing account |
| Send new password per mail | Send the newly created password to the user only if the EE account was created. Existing accounts will not receive a new password |
| Send password when user disconnect | When enabled, a password is sent to the user when they disconnect their account |
| Sync profile picture | Sync the profile picture on every login, so it gets updated on every login |
| Email collect form | When the email is not given from the social site, you can use a template to collect the email. In the template you need at least this template code: |
html
{exp:reinos_sso:email_collect_form}
<input type="email" name="email"/>
<input type="submit"/>
{/exp:reinos_sso:email_collect_form}Select the template to use as the email collect form via the template dropdown.
Member settings
| Name | Description |
|---|---|
| Disable member registration | In order to use only SSO as registration/login option, you can disable the default EE member registration in the member settings |
Provider settings
Also you can edit your settings per provider (social site) and per site there are different settings
Google
| Name | Description |
|---|---|
| Enabled | Is the provider enabled or not |
| ID | Your API ID |
| Secret | Your API Secret |
To get the API keys follow the following steps:
- Go to https://code.google.com/apis/console/ and create a new project.
- Go to API Access under API Project. After that click on Create an OAuth 2.0 client ID to create a new application.
- A pop-up named "Create Client ID" will appear, fill out any required fields such as the application name and description.
- Click on Next.
- On the popup set Application type to Web application and switch to advanced settings by clicking on (more options).
- Provide this URL as the Callback URL for your application: Callback url showed on the overview page
Facebook
| Name | Description |
|---|---|
| Enabled | Is the provider enabled or not |
| ID | Your API ID |
| Secret | Your API Secret |
To get the API keys follow the following steps:
- Go to https://developers.facebook.com/apps and create a new application by clicking "Create New App".
- Fill out any required fields such as the application name and description.
- Put your website domain in the Site Url field.
Twitter
| Name | Description |
|---|---|
| Enabled | Is the provider enabled or not |
| ID | Your API ID |
| Secret | Your API Secret |
To get the API keys follow the following steps:
- Go to https://dev.twitter.com/apps and create a new application.
- Fill out any required fields such as the application name and description.
- Put your website domain in the Website field.
- Provide this URL as the Callback URL for your application: Callback url showed on the overview page
LinkedIn
| Name | Description |
|---|---|
| Enabled | Is the provider enabled or not |
| ID | Your API ID |
| Secret | Your API Secret |
To get the API keys follow the following steps:
- Go to https://www.linkedin.com/secure/developer (or https://www.linkedin.com/secure/developer?newapp=) and create a new application.
- Fill out any required fields such as the application name and description.
- Copy the Callback URL from the SSO control panel into the OAuto 2.0 Authorized Redirect URL field.
Apple
| Name | Description |
|---|---|
| Enabled | Is the provider enabled or not |
| ID | Identifier ID of the Services ID |
| Team ID | Team ID, can be found in the top-right of your screen |
| Key ID | The ID of your key |
| Key Content | The actual content of your (private) key |
To get the API keys follow the following steps:
- Sign in to https://developer.apple.com/account/resources
- Create a new Identifier of type
APP IDsand enable "Sign In with Apple". - Create an other Identifier of type
Serivces IDsand enable "Sign In with Apple". Configure it so it will use thePrimary App IDcreated in step 2. Also, add your domain and redirect/callback URL e.g.https://your-domain/sso_route/auth/AppleThis is your Identifier ID. - Create a new Key with "Sign in with Apple" checked and your identifier attached via the config button. Download the key and safe it somewhere safe.
Resources
- https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple
- https://developer.apple.com/sign-in-with-apple/get-started
- https://sarunw.com/posts/sign-in-with-apple-2
Email template
To customise the email template, you can alter the template in the Template Manager -> System Templates -> Email and look for SSO.