SAML Single Sign On Plugin
- miniOrange SAML SSO Plugin acts as a SAML 2.0 Service Provider which can be configured to establish the trust between the plugin and various SAML 2.0 supported Identity Providers to securely authenticate the user to the Joomla site.
- We Support plethora of SAML 2.0 Compliant Identity Providers like Shibboleth, SimpleSamlPhp, Okta, ADFS, Salesforce, OpenAM, Centrify, Ping, IBM Tivoli Identity Manager, RSA FIM (Federated Identity Manager), Oracle Identity Manager, miniOrange etc.
- Easily Configure the Identity Provider by providing just the SAML login URL, IDP Entity ID and Certificate.
- Use the Attribute Mapping feature to map joomla user profile attributes to your IdP attributes.
- Use the Role Mapping feature to assign roles in your IdP to your joomla users during auto registration.
- Automatic user registration after login if the user is not already registered with your site.
- Backend and Frontend Login Supported for Super User. If user is Super User, the user will be logged into both frontend and backend of the site.
No need to sign in again in the admin panel (backend) for Super User, once he is logged into frontend of the site via Single Sign On. [Premium Feature]
- We provide active support. If you require any Single Sign On application or need any help with installing this plugin, please feel free to email us at firstname.lastname@example.org or Contact us.
- We have thousands of happy customers using this, click here to have a look.
In order to setup SAML Single Sign (SSO), you need to follow these 4 steps:
- Configure Single Sign-On Settings in your Idp.
- Download the plugin from miniOrange and Install it in Joomla.
- Configuring the plugin.
- Adding SAML login link in Joomla.
Follow the Step-by-Step Guide given below for Joomla Single Sign On (SSO) for SAML.
Step 1: Configure Single Sign-On Settings in your Idp.
|SP Metadata Url
|SP Entity ID
Step 2: Download the plugin from miniOrange and Install it in Joomla
- You can download the plugin zip file from the download link given at top of this page.
- Login as administrator in Joomla.
- Click on Extension Manager under Extensions.
The Extension Manager is used to install extensions in Joomla. Here you have three options to choose from to install your extension. In most cases, you should go with the first option. The three options are:
Choose miniOrange Joomla plugin file to install (i.e. miniorangesaml.zip).
Install the plugin.
- Upload Package File
- Install from Directory
- Install from URL
Step 3: Configuring the plugin
After the Idp Settings are done. You can go to Attribute Mapping Tab to map user attributes from idp to your joomla user attributes.
Go to Group Mapping Tab if you want to map groups from your idp to Joomla user group when auto creating the user in joomla.
Once the settings are done enable the plugin from the Plugin Manager.
- In the Joomla admin interface, click on Plugin Manager under Extensions.
The Plugin Manager allows you to enable and disable Joomla plugins and to edit plugin details and options. It is also useful for quickly enabling or disabling multiple plugins at the same time.
- Search for miniorange in plugins.
- Enable Authentication - miniOrange and System - Miniorange Saml Single Sign-On plugins
- Click on the Authentication - miniOrange plugin and go to Identity Provider Settings tab.
- Copy the following data from your Idp setup:
1. Idp Entity ID
2. Saml Login Url
3. X.509 Certificate
and save it here in the plugin Identity Provider Settings.
X.509 Certificate -
- Open your Idp certificate in a notepad and copy its contents here. For Example-
Step 4: Adding SAML login link in Joomla
The SAML login link can be added to Joomla main login form as follows:
miniOrange supports both SAML based Single Sign On into Joomla as well as OpenID connect based Single Sign On. This guide explains SAML based Single Sign On into Joomla.
In SAML SSO, miniOrange supports both IdP (Identity Provider) and SP (Service Provider) initiated Single Sign On (SSO) for Joomla.
IdP Initiated Single Sign On (SSO)
In IdP Initiated Login, SAML request is initiated from any Third Party Identity Provider like Shibboleth, SimpleSaml, Salesforce, Okta, ADFS, etc.