Strapi Single Sign-On (SSO)

Strapi SAML Single Sign-On (SSO) solution by miniOrange provides secure Single Sign-On access into Strapi using a single set of login credentials. This allows organizations to secure access to their Strapi team and easily manage user access, while also providing a seamless login experience for users.

With miniOrange Strapi SSO, you can:

Enable your users to automatically login to Strapi
Have centralized and easy access control of the users
Connect easily with any external identity source like Azure AD, ADFS, Cognito, etc

Get Free Installation Help

miniOrange offers free help through a consultation call with our System Engineers to Install or Setup Strapi SSO solution in your environment with 30-day free trial.

For this, you need to just send us an email at idpsupport@xecurify.com to book a slot and we'll help you in no time.

Supported SSO Features

miniOrange Strapi SAML integration supports the following features:

SP Initiated SSO Login: Users can access their Strapi account via a URL or bookmark. They will automatically be redirected to the miniOrange portal for login. Once they've signed on, they'll be automatically redirected and logged into Strapi.
IdP Initiated SSO Login: Users need to login to the miniOrange first , and then click on the Strapi icon on the applications dashboard to access Strapi.(If you have set up any more Identity Sources, you will log in to that platform).

Connect with External Source of Users

miniOrange provides user authentication from various external sources, which can be Directories (like ADFS, Microsoft Active Directory, Azure AD, OpenLDAP, Google, AWS Cognito etc), Identity Providers (like Shibboleth, Ping, Okta, OneLogin, KeyCloak), Databases (like MySQL, Maria DB, PostgreSQL) and many more.

Prerequisites

Install the miniOrange Login Provider in your project by running npm i miniorange-sso-connector.
(if you don’t have strapi project run the command npx create-strapi-app@latest my-project)
Copy the “users-permissions” folder from node_modules>>miniorange-sso-connector and paste it to src>>extensions of your project.

Follow the Step-by-Step Guide given below for Strapi Single Sign-On (SSO)

1. Configure Strapi in miniOrange

Login to miniOrange Admin Console.
Go to Apps Click on the Add Application button.

Under the Choose Application Type, click on the JWT.

Search for the application and select Strapi from the list.

Strapi Single sign-on (SSO) Select Custom WT App

Enter the following values in the respective fields.

Custom Application Name [Required] : Strapi (According to your choice)
Redirect-URL [Required] : http://localhost:1337/api/auth/miniOrange/callback
(URL to the page where the jwt token is verified)
Identity Source : User store or the external IDP where the user accounts will be stored.

Click on Save. Your application is configured successfully.
Now, navigate to Apps, go to Select next to your application and click on Edit.

Enter the Custom Application Name. You can see the client Id, App Secret (After clicking Click to reveal App secret) and Single Sign-On URL. Note down these these values as you will need this for SSO flow.