---
title: "Create a Drupal Site and Add Authentication with Auth0"
description: "Learn how to create your first Drupal site and add authentication to it with Auth0."
authors:
  - name: "Prosper Otemuyiwa"
    url: "https://auth0.com/blog/authors/prosper-otemuyiwa/"
date: "Aug 2, 2017"
category: "Developers,Tutorial,Drupal"
tags: ["drupal", "php", "auth0", "authentication", "cms"]
url: "https://auth0.com/blog/creating-your-first-drupal-site-and-adding-authentication/"
---

# Create a Drupal Site and Add Authentication with Auth0



---

**TL;DR:** Drupal is one of the most popular content management systems. It has gained massive adoption by developers and organizations around the world due to its ease of use for creating content-managed websites. Drupal has also thrived with the well-thought out module system built around it. In this article, we'll go through how to create your first drupal website and how to add authentication to it using Auth0.

---

[Drupal](https://www.drupal.org) has a vibrant community just like its counterpart **Wordpress**. **Drupal** is a free, open-source PHP content management system for building web sites and applications. It helps you to launch, manage and scale ambitious digital experiences very quickly.

Drupal is a registered trademark of [Dries Buytaert](http://buytaert.net). Dries founded Drupal and made the initial release public in 2001. Since then, Drupal has grown in leaps and bounds. The latest [Drupal release is 8.3.5](https://www.drupal.org/project/drupal/releases/8.3.5) at the time of writing.

## Let's Get Started

Without much ado, let's build our first website with Drupal. Head over to Drupal's website and download the [latest release](https://www.drupal.org/project/drupal/releases/8.3.5). You can download either the `.tar.gz` or `zip` file. Simply download the zipped file, extract it and copy it to your workspace.

**Note:** Ensure you have a fully functional local PHP server.

## Installation

Navigate to the extracted Drupal folder and run the app:

```bash
php -S localhost:8000
```

Right now, the website should open in your browser and take you to the installation page:

![Drupal First Page](https://images.ctfassets.net/23aumh6u8s0i/6wiQnHZWLFbUBTXQL618c7/49cf4bbd36105e879675add03d36724f/installation)

Select the Standard Profile

![Standard Profile](https://images.ctfassets.net/23aumh6u8s0i/58uOHtZ41oXNq6VH9DUeiv/f323666b068b4673e97c7b0abfe79456/standard)

Verify Requirements

![Verify Requirements](https://images.ctfassets.net/23aumh6u8s0i/1wyHiZZoWgFoQ6CTccpo7Y/03e8c43c97e15f364403a6f9b1e776e0/requirements)

Now, on to the database section. Ensure you have [MySQL](https://www.mysql.com/) or [MariaDB](https://mariadb.org) installed. Enter the right database credentials.

![Database](https://images.ctfassets.net/23aumh6u8s0i/6TZsXbKOws2zDC4rsMV9xa/2e8e06ebd0329712e90f95c2f84cfb64/database)

Proceed with Installation

![Installing Drupal](https://images.ctfassets.net/23aumh6u8s0i/6wiQnHZWLFbUBTXQL618c7/49cf4bbd36105e879675add03d36724f/installation)

Now, go ahead and configure your site:

![Configure your site](https://images.ctfassets.net/23aumh6u8s0i/6kqvS31esLBkmc8vjv5iRv/e75b3e7ee45cb9f0e284e7824d4ed358/configuration)

Once you are done configuring, save and continue. You will be redirected to the dashboard.

## Add Pages

Let's add a few pages to our new Drupal website. Click on `add content` in the Tools section by your left. You will be redirected to a new page. Click on `Basic Page`, then add the title and body.

Click on the `URL PATH SETTINGS` on the right and give the new page a URL alias, `/about`. Then hit the `Save and Publish` button.

![Add Page](https://images.ctfassets.net/23aumh6u8s0i/6VKOpRILBVpTugBKJ8TXCQ/1bdc1e2c7af118258ada8629dd5a09ef/addpage)

You can create several pages on your website using this simple process. Next, let's focus on authentication.

## Authentication

Fortunately, Drupal comes with a basic user authentication system. The moment we configured our site, it registered the site maintenance account details and created the first user with those credentials. Log out and try to log in again.

![Login](https://images.ctfassets.net/23aumh6u8s0i/4th0NB5oZ0LX4dYI1HBD5J/3cec1e047e89e2dd093121dd25a7c7a5/defaultLogin)

A new user can easily create an account too:

![Create new account](https://images.ctfassets.net/23aumh6u8s0i/4Fcu9KgsvuWnOqaEkU2h20/43381cc738eb7758cc3bc8702efa1ffd/create_new_account)

This is good. However, it is limited. If you want other forms of authentication such as Social Logins and Single Sign On functionalities, then you need to look for alternatives. Thankfully, Auth0 takes care of all your authentication needs.

## Authentication With Auth0

[Auth0](https://auth0.com) is a cloud-based service that makes authentication a breeze. It allows us to issue [JSON Web Tokens(JWTs)](https://jwt.io). [Auth0 offers a generous **free tier**](https://auth0.com/pricing) so you can get started with modern authentication right away.

There is a community maintained [Auth0 Drupal Plugin](https://github.com/auth0/auth0-drupal) that provides Single Sign On, Social Login, SAML and AD/LDAP Integration and [User Management](https://auth0.com/user-management).

* Download the [auth0-drupal zip file](https://github.com/auth0/auth0-drupal/archive/master.zip)
* Head over to `http://localhost:8000/admin/modules/install`
* Select the `auth0-drupal` zipped file from your local computer and click install.

    ![Install auth0 drupal plugin](https://images.ctfassets.net/23aumh6u8s0i/6ClNKsPM9usI5SBa0gR7FO/5d2581e440bfce4d626b4d531f9b6928/install_drupal_plugin)

* After installing successfully, head over to the modules section, `http://localhost:8000/admin/modules`, check the `Auth0` module and click the install button to activate the **Auth0** module.

    ![Activate the Auth0 module](https://images.ctfassets.net/23aumh6u8s0i/1tz7iii1ph61FDBc3s4TUS/37cf6cf1a27db5a719e23fce5371ce2d/activatemodule)

* Go to `https://manage.auth0.com`, click on the `new client` button, select web application as the type of app and create the client. In the `Settings` tab, add `http://localhost:8000/auth0/callback` to the **Allowed Callback URLs** section. Add `http://localhost:8000` to **Allowed Origins(CORS)**

* Head over to `http://localhost:8000/admin/config/auth0`. Here, we'll add our Auth0 credentials. Copy the `Client ID`, `Domain`, and `Client Secret` from your Auth0 dashboard and paste it here. Also select `HS256` as the JWT Algorithm like so:

    ![Auth0 Config](https://images.ctfassets.net/23aumh6u8s0i/7FtRhBvSx6SoOoncMjgKEK/f95ac346ab5a5d5b569878bf134a8995/auth0config)

**Note:** HS256 is the default algorithm. Check out this [excellent article](https://auth0.com/blog/navigating-rs256-and-jwks/) to see why RS256 is recommended. Again, you can still use HS256 like I used here.

* Select the `Advanced` section of `http://localhost:8000/admin/config/auth0`. Check the box for `Redirect login for SSO` and save. We are doing that to ensure the system uses the Auth0 hosted lock page.

    ![Advanced Config](https://images.ctfassets.net/23aumh6u8s0i/2JBjGxT0aIhxNdQVkrLLsf/55fc18e44a29fc23c49abd0a3da25404/advancedconfig)


### Install Dependencies

It is very important to take note of this step. Open the source code of your app in a text editor or IDE. Open the `composer.json` file and add this to the `require` section:

```bash
"auth0/auth0-php": "^5.0",
"ircmaxell/random-lib": "^1.2"
````

So the `require` section of your `composer.json` file should look like this:

```bash
"composer/installers": "^1.0.24",
"wikimedia/composer-merge-plugin": "~1.4",
"auth0/auth0-php": "^5.0",
"ircmaxell/random-lib": "^1.2"
```

Now, run `composer update` in your terminal to install all the dependencies. Look at the terminal and ensure the `auth0-php` library was installed.

Go ahead and run your app again. Click on login. You will be redirected to Auth0 Hosted Lock page and shown the sign in widget.

![Auth0 Login](https://images.ctfassets.net/23aumh6u8s0i/45gRyHOhBUXTBrCyEeYCbe/cf46d26a1e9170d3c1642725dc8f6db7/auth0login)
_Log In_


![LoggedIn State](https://images.ctfassets.net/23aumh6u8s0i/1vfaNx5vkP6MWhU2OuPuUl/bac3bf47b8951a7c380b4ea0a16bcc50/loggedinstate)
_Authenticated State_

Oh, snap! That's all? Is it that simple? Yes it is! You can check out the [source code](https://github.com/auth0-blog/drupal-auth0-app) for reference.

## Conclusion

Well done! You have just built your first site with Drupal. As we saw in this tutorial, you can easily add authentication to your Drupal sites/apps. This tutorial is designed to help you get started on building your own web sites and applications with Drupal. You can leverage the knowledge gained here to build bigger and better web sites.

In addition, Auth0 can help secure your [B2C](https://auth0.com/b2c-customer-identity-management), [B2B](https://auth0.com/b2b-enterprise-identity-management) and [B2E](https://auth0.com/b2e-identity-management-for-employees) organization with more than just username-password authentication. It provides features like [multifactor auth](https://auth0.com/multifactor-authentication), [anomaly detection](https://auth0.com/docs/anomaly-detection), [enterprise federation](https://auth0.com/docs/identityproviders), [Single Sign On (SSO)](https://auth0.com/docs/sso), and more. <a href="https://auth0.com/signup" data-amp-replace="CLIENT_ID" data-amp-addparams="anonId=CLIENT_ID(cid-scope-cookie-fallback-name)">Sign up</a> today so you can focus on what really matters: growing your business.