Admin SAML Single Sign On Magento Extension

Admin SAML Single Sign On Magento extension helps to connect a Magento instance with any SAML Identity Provider offering single sign on to the backend (admin panel) to the administrators.

This extension allows you to use any SAML 2.0-compliant Identity Provider for Single Sign-On to your Magento instance.

You can use this extension to interoperate with any Identity Provider, enabling SSO at the backend for administrators. It works with any IDP providers, including OneLogin, Okta, Ping Identity, ADFS, Salesforce, SharePoint,..

Our customers are happy with the extension and with the support received. Companies like Cisco, Toyota or PWC trusted on our services

The extension add SAML support at Magento deploying a Service Provider. On this extension the SAML flow can be initiated at the Identity Provider or at the Service Provider. Once metadata info is exchange between the entities and the rest of the settings configured on the admin panel, the Single Sign On feature is available and a customized link will appear on the admin login form.

Once logged on the Identity Provider, a SAMLResponse that includes data of the user will be sent to the Service Provider's Assertion Consumer Service endpoint, there the attributes will be mapped based on the settings and a related user account will be searched with the resulted data. If there is a match the user will be logged, if not and the Just-In-Time functionality is enabled, a new user account will be created on the fly. The extension also support roles.

The single Logout service is an optional feature that is also included on the extension, this service will close not only the Magneto's session, also the sessions of the Identity Provider and all active sessions of the related Service Providers.

At the advanced section of the settings there are a lot of parameters that controls how the Service Provider works, making it compatible with any Identity Provider. There you can decide if require the SAML Messages signed and encrypted or not, if sign the messages and the algorithm used, the NameId Format, the AuthContext required, ...

Please note that the module was implemented by Sixto Martin, author of 15+ SAML plugins and several SAML toolkits. Support by mail guaranteed. Get a reply in less than 48h (business day).

With this extended admin login form, your users can access Magento backend with any the Identity Provider established, they just click on the link “Login via your Identity Provider”, (the message is customizable)  to carry out their login process.





In the “Identity Provider Settings” section, you can set up some info related to the IdP that will be connected with your Magento. Contact the IdP’s administrator and ask him for the IdP metadata in order to fill the fields: IdP Entity Id, Single Sign On Service Url, Single Log Out Service Url and x509 public certificate.





In the “Options” section the behavior of the plugin is set, so you just select “ Yes” for some improtant fields: Create user if not exists, Update user data, Sync role when updating user, default RoleId and Single Log Out.





In the “Attribute mapping” section, we can set the mapping between IdP fields and Magento fields.




In the “Role mapping” section, we can set the mapping between IdP Role values and Magento Roles. Example: admin, owner, super-user. There are 10 fields, the id means that Role id=1 will match the Magento role that has id=1 if exists.





In the “Advanced Settings” section, you can easily handle some other parameters related to customizations and security issues. If sign/encryption is enabled, then x509 cert and private key for the SP must be provided.





 Full List Of Features

  • Enable SAML Single Sign On to the backend with this extension simply.

  • Connect a Magento instance with any SAML Identity Provider.

  • Allow to Login via Identity Provider.

  • Possible to single sign on/ log out service Url.

  • Easily switch On/Off the Admin SAML Module.

  • Provisioning/Auto-update user data.

  • Single Sign On (IdP & SP initiated).

  • Single Log Out (IdP & SP initiated).

  • Just-In-Time Provisioning (user data + roles).

  • Auto-provisioning: allow to create a new user with the data provided by the IdP.

  • Auto-update: update the account of the user with the data provided by the IdP and Review the Mapping section.

  • Possibly set the mapping between IdP fields and Magento fields.

  • Roles supported.

  • Customizable workflow.

  • Easily install and use.


Product Reviews (1) Write a review

service desk 5 star rating Submitted: March 27, 2018

what is best 1 or 5? I guess it is 5. I think you answers very fast. And I got the help I needed. The only question mark is why you asked for the purchase code, I was logged in on your site shouldn't you see the information of your customers? But any way good work, I'm very pleased. br Pär Norin
Submit your review

First: rate the product. Please select a rating between 1 (poorest) and 5 stars (best)

Write review

Become a client on Cmsmart, you are protected strongly with our Client Protection Programe. Especially we built -in a strong Central Ticket Support system to help clients and partners working on the products item support after purchased.

Go to item support

People also ask

No, you only need to purchase license for production that you use in production.

Yes, the extension support multi-store. Each store will have its own SAML settings.

Take in mind that you will need a license for each of them.
SAML is a standard for exchanging authentication and authorization data between different domains.

Learn more at:
The extension includes a Readme that explains how to install and where to find the SAML settings panel.

This SAML setting panel contains different sections with a bunch of fields. All of them have a short description that explains what value to use on it.

The extension uses the Onelogin php-saml toolkit [1], so take a look at its settings if you have more doubts

This extension will work with any Identity Provider that follows the SAML 2.0 standard.

Take in mind that SP expects to receive the SAMLResponse using the HTTP-Post binding, and rest of the SAML messages are exchange using HTTP-Redirect binding.
If you have a complex project where you want to add SAML support, for sure you will need to buy this extension to save you the time of integrate Magento.

If you need custom solutions for specific apps, or you don't have much idea about SAML and are not able to configure the Identity Provider, you can contact me at and I can offer my help and agree rate per worked hour.
Yes, this extension works on Magento Community and Magento Enterprise
0 Comment(s)

Login and write a comment

No comment

We are happy to provide the customization services to buyer of this product, please submit your request here and we will contact you ASAP

Submit Request Customized
Request Subject(*)
Detail Request(*)

Change log

Updated: 2018, Jul 31

- Update php-saml 2.14.0 - Bug on Helper/Data.php: Enable flag setter was wrong. getNameId call from wrong object $response instead $auth. - Relax DestinationValidation

Updated: 2017, Feb 27

- Update php-saml to 2.10.3 - Add nameIdFormat support on LogoutRequests

Updated: 2016, Oct 18

Update php-saml to 2.10.0 (security improvements)

Updated: 2016, Mar 09

Version 0.1.0
This is a Magento® Extensions item
Product rating: 5 star rating | Write a review 5/5 based on 1 rating(s)

2018, Jul 31

Magento 1.7.x, Magento 1.8.x, Magento 1.9.2.x, Magento 1.9.x


$149.00 GPL License

You can use the product for your own website or your clients website if you are developer. You are allowed to use this extension on Unlimited website while our private support is base on domain.

  • Private support for each 12 months
  • Unlimited tickets support
  • Download & upgrade new version

You can use the product for a lifetime without purchasing it again or pay for renewal payment. You should repurchase this product when your package expired but you want to get our support or update to the latest version

Support Domain License Under a 1 support domain license for the item you are granted a non-exclusive non-transferable permission to use the item on a single site.

If you plan to use the product on other domains, you SHOULD buy now to SAVE much better than buying separated order.
Frequently Bought Together We suggest below other products that often bought together.

Buy these products to ensure you have the SAME packages of features on your website project

MINIMIZE the conflicts of using different products from other developers.

And receive a FASTER support time.
Magento Order Upload Extension
$129.86 $129.86 (save $0)
Magento Order Upload Extension

Magento Order Upload Extension

5 rating (37)Reviews $ 129.86

Image Processing

Live demoDetail

Magento Quick view Extension
$89.79 $89.79 (save $0)
Magento Quick view Extension

Magento Quick view Extension

5 rating (10)Reviews $ 89.79

User Experience

Live demoDetail

$ 149.00
You will be rewarded 74 Points ($7.4)


Why choose Cmsmart?

img choose 1
Leading in quality and performances

We are proud ourselves to release our quality products to the e-commerce world.

img choose 1
Full solutions for niches industry

We provide many powerful completed Printshop, Multistore marketplace, etc solutions for industry

img choose 1
Excellent support and consultancy

We have a dedicated support team that delivery the excellent support

img choose 1
Private customization for your project

If you don't like our product as it is, you can custom it as you want

img choose 1
Long-term partnership care

We also want to have a long-term partnership with customer to support and take care

Welcome to Cmsmart community!
→ Do you know the secret to create a printing site in a few minutes?
→ What is the latest technology of Online Design 2019?
→ How to start a marketplace site without any trouble?
Join over 19,890+ readers as well as happy customers to open the successful key for your e-commerce business.