Strapi SAML Single Sign-On (SSO) solution by miniOrange provides secure Single Sign-On access into Strapi using a single set of login credentials. This allows organizations to secure access to their Strapi team and easily manage user access, while also providing a seamless login experience for users.
With miniOrange Strapi SSO, you can:
Enable your users to automatically login to Strapi
Have centralized and easy access control of the users
Connect easily with any external identity source like Azure AD, ADFS, Cognito, etc
Get Free Installation Help
miniOrange offers free help through a consultation call with our System Engineers to Install or Setup Strapi SSO solution in your environment with 30-day free trial.
For this, you need to just send us an email at email@example.com to book a slot and we'll help you in no time.
Supported SSO Features
miniOrange Strapi SAML integration supports the following features:
SP Initiated SSO Login: Users can access their Strapi account via a URL or bookmark. They will automatically be redirected to the miniOrange portal for login. Once they've signed on, they'll be automatically redirected and logged into Strapi.
IdP Initiated SSO Login: Users need to login to the miniOrange first , and then click on the Strapi icon on the applications dashboard to access Strapi.(If you have set up any more Identity Sources, you will log in to that platform).
Connect with External Source of Users
miniOrange provides user authentication from various external sources, which can be Directories (like ADFS, Microsoft Active Directory, Azure AD, OpenLDAP, Google, AWS Cognito etc), Identity Providers (like Shibboleth, Ping, Okta, OneLogin, KeyCloak), Databases (like MySQL, Maria DB, PostgreSQL) and many more.
Install the miniOrange Login Provider in your project by running npm i miniorange-sso-connector. (if you don’t have strapi project run the command npx create-strapi-app@latest my-project)
Copy the “users-permissions” folder from node_modules>>miniorange-sso-connector and paste it to src>>extensions of your project.
Follow the Step-by-Step Guide given below for Strapi Single Sign-On (SSO)
Under the Choose Application Type, click on the JWT.
Search for the application and select Strapi from the list.
Enter the following values in the respective fields.
Custom Application Name [Required] :Strapi (According to your choice)
Redirect-URL [Required] :http://localhost:1337/api/auth/miniOrange/callback (URL to the page where the jwt token is verified)
Identity Source :User store or the external IDP where the user accounts will be stored.
Click on Save. Your application is configured successfully.
Now, navigate to Apps, go to Select next to your application and click on Edit.
Enter the Custom Application Name. You can see the client Id, App Secret (After clicking Click to reveal App secret) and Single Sign-On URL. Note down these these values as you will need this for SSO flow.
2. Configure the plugin in your application
Login to your Strapi account.
Select the miniOrange provider from providers list of Strapi application.
Enable the miniOrange Provider and fill the Client ID, Client Secret and Redirect URL obtained from the above step.
Hit the SSO URL in the browser. You will be validated by miniOrange and after that you will get the required info of the user.