SAML Single Sign On Magento Extension - Sixto Martin

SAML Single Sign On Magento extension helps your customer can connect a Magento instance with any SAML Identity Provider after you enable and configure it successfully in your backend.

If you are working with a partner that has implemented a SAML identity provider (OneLogin, Okta, Ping Identity, ADFS, Salesforce, SharePoint...), you can use this extension to interoperate with it, thereby enabling SSO for customers.

Our customers are happy with the extension and with the support received. Companies like Cisco, Toyota or PWC trusted on our services

Please note that the module was implemented by Sixto Martin, author of 15+ SAML plugins and several SAML toolkits. Support by mail guaranteed. Get a reply in less than 48h (business day).





Full List Of Features

  • Enable SAML Single Sign On with this extension simply.
  • Connect a Magento instance with any SAML Identity Provider.
  • Allow to Login via Identity Provider.
  • Possible to single sign on/ log out service Url.
  • Easily switch On/Off the SAML Module.
  • Provisioning/Auto-update user data.
  • Single Sign On (IdP & SP initiated).
  • Single Log Out (IdP & SP initiated).
  • Just-In-Time Provisioning (user data + group + address).
  • Auto-provisioning: allow to create a new user with the data provided by the IdP.
  • Auto-update: update the account of the user with the data provided by the IdP and Review the Mapping section.
  • Possibly set the mapping between IdP fields and Magento fields.
  • Mapping could be also set at Onelogin's IdP as well.
  • Group and address supported.
  • Customizable workflow.
  • Supports Magento Multi-stores.
  • Powerful features in backend.
  • Easily install and use.

Product Reviews (11) Write a review

Thorsten Schramm 5 star rating Submitted: September 12, 2017

The extension works fine so the integration into Magento was easily done. Problems or customisations are very quick and helpful answered by Mr. Garcia. Excellent support! Excellent extension! Highly recommended.

Justin Seipel 5 star rating Submitted: April 6, 2017

Great work on the issue. Found the problem quickly and fixed it within a day.

Suvir Khullar 5 star rating Submitted: November 7, 2016

We were earlier struggling for SAML integration for one of our client. We tried different options before but could not work for them. Then I tried this extension developed by Mr. Sixto. Steps for Integration of SAML is followed as per instructions given in user guide. However for SAML integration one will definitely need assistance from the extension developer. The kind of support provided by Sixto is awesome. His response to my emails was very prompt and with detail instructions and guidance. With his great support we have successfully integrated SSO in our magento store. I recommend Mr. Sixto as SAML technological partner. All my good wishes for him and his fantastic product.

Shayne Stone 5 star rating Submitted: January 21, 2015

very powerful and unique extension. Good luck with sales!

Billie Mead 5 star rating Submitted: March 28, 2015

I recently got to use the SAML Single Sign-on Magento Extension on a huge project with a fortune 500 company, Varian Medical Systems based in CA. We implemented it on a mission critical project, the Varian Custom Marketplace. As the project manager with a large budget, I could have gone with any one solution, even a custom coded job. But we used this extension and the results couldn't have been better as the code is flawless. And the author provided some of he best technical support I have seen in years. You don't even have anything to consider... get this extension and save yourself a ton of problems and headaches. Billie M. (PrintTech Consulting)

Barry Allwood 5 star rating Submitted: April 21, 2015

Great extension and great support!

Timo Peschka 5 star rating Submitted: February 17, 2016

You wrote: "I implemented a solution where Magento acta as Identity Provider (separate piece of software) that requires the SAML extension" (Date: 01/27/2016 11:12AM) We also want to use Magento as a SAML provider. Is it possible to buy your "solution"?

Maarten Troonbeeckx 5 star rating Submitted: February 29, 2016

Excellent package. Was easily extensible for one of our client's specific needs and the author went through some great lengths to help us out where needed. Highly recommended if you a SAML solution for Magento!

Maarten Troonbeeckx 5 star rating Submitted: February 29, 2016

Excellent package. Was easily extensible for one of our client's specific needs and the author went through some great lengths to help us out where needed. Highly recommended if you a SAML solution for Magento!

Greg Rudakov 5 star rating Submitted: February 29, 2016

Great tool, worked as expected with Microsoft Azure, Sixto was great help with the initial setup (as I was a first timer)

nathan 5 star rating Submitted: March 1, 2016

Good product and Good technical support offered by the developer too.
Submit your review

First: rate the product. Please select a rating between 1 (poorest) and 5 stars (best)

Write review

Become a client on Cmsmart, you are protected strongly with our Client Protection Programe. Especially we built -in a strong Central Ticket Support system to help clients and partners working on the products item support after purchased.

Go to item support

People also ask

No, you only need to purchase license for production that you use in production.

Yes, the extension support multi-store. Each store will have its own SAML settings.

Take in mind that you will need a license for each of them.
SAML is a standard for exchanging authentication and authorization data between different domains.

Learn more at:
The extension includes a Readme that explains how to install and where to find the SAML settings panel.

This SAML setting panel contains different sections with a bunch of fields. All of them have a short description that explains what value to use on it.

The extension uses the Onelogin php-saml toolkit [1], so take a look at its settings if you have more doubts

This extension will work with any Identity Provider that follows the SAML 2.0 standard.

Take in mind that SP expects to receive the SAMLResponse using the HTTP-Post binding, and rest of the SAML messages are exchange using HTTP-Redirect binding.
If you have a complex project where you want to add SAML support, for sure you will need to buy this extension to save you the time of integrate Magento.

If you need custom solutions for specific apps, or you don't have much idea about SAML and are not able to configure the Identity Provider, you can contact me at and I can offer my help and agree rate per worked hour.
Yes, this extension works on Magento Community and Magento Enterprise
15/21 Comment(s)

Login and write a comment



 We have Magento Community Edition 1.5.x version, and looking for Single Sign on platform for OKTA integration. couple of questions?

 1. does it suppor 1.5.x magento version

 2. does it work with OKTA SAML configuration

 3. does it have something, to exclude "/api/" from OKTA login to use as api for clients??

 Any help is appreciated!!

Sixto Martin
Sixto Martin Author
  • Date: 2019-01-13 22:47:49
1. Tested with Magento 1.7 - 1.9 1.5 is kinda old (8 years old)
2. Yes
3. The extension adds SAML support and uses SAML flows. It does not interact with any Okta API.
  • Date: 2019-01-26 20:24:26
Thanks, another quick question, does it has compatibility to whitelist some endpoint, if we don't want to enable SAML on it.. what I meant is, if we have enabled magenta api endpoint to our clients, and don't what to kick SAML on /api endpoint, can we do it??
Alex N
As I understand the module “SAML Single Sign On Magento Extension” is under the GPL license which is not compatible with the Magento EE (Enterprise Edition) license. Is it possible to buy the module with the “LGPL” (Lesser GPL) license?
Sixto Martin
Sixto Martin Author
  • Date: 2019-01-13 22:48:46
You can use the extension with Magento EE.
Shibboleth SAML 2 SSO Purchased
  • Date: 2018-04-17 03:04:38
We are interested in purchasing this extension for the following use case:

For a university we are creating a dedicated webshop with specific discounts. Studentes and employees have to identify themselves using the SSO that the university uses, this is Shibboleth and if follows the SAML 2.0 standard.

We have the following questions:

- Does your exetension work with Magento 1 enterprise v.
- Will it be possible to integrate the Shibboleth SSO?
- Reading the details of the extension I assume it would be possible to let a user authenticate using Shibboleth, map the user to a customer group (example employee or student) and apply the correct discount to that customer group?
- Is it possible to get a licence for our staging environment before we buy the extension?
Sixto Martin
Sixto Martin Author
  • Date: 2018-04-17 03:04:15
- Does your extension work with Magento 1 enterprise v.


- Will it be possible to integrate the Shibboleth SSO?

Yes, Shibboleth IdP is compatible.

- Reading the details of the extension I assume it would be possible to let a user authenticate using Shibboleth, map the user to a customer group (example employee or student) and apply the correct discount to that customer group?

Yes, group mapping is supported by the extension

- Is it possible to get a license for our staging environment before we buy the extension?

No, you need to purchase the extension
Login link goes right to SSO providor Purchased
  • Date: 2018-03-12 09:03:01
We noticed in your Magento 2 module you put in the ability to hide the local login and when a user clicks login on the site it will take the customer to the SSO login and they never see the login page on Magento. Does this exist in your Magento 1 module as well? Something our magento 1 customer has been asking for years to have on the site. thanks for a great M1 and M2 module.
Sixto Martin
Sixto Martin Author
  • Date: 2018-03-12 10:03:28
Hi Brian,

is not implemented on the M1 extension, but if your customer requires it, I don't think gonna be complex to implement it for them.
Andrea Sansotta
SSO Redirect Purchased
  • Date: 2017-01-26 11:01:01
When our User is logging into the System which we have configured for SSO, they land at an undesired page. How do I make the Users go to a certain page after they login? Is this a configurable field to change the Landing Page?
Sixto Martin
Sixto Martin Author
  • Date: 2017-01-26 12:01:11
Hi Andrea,

this is not configurable by the SAML admin panel right now (maybe I will include that functionality in a future release).

but you can custommize the SAML Extension. If you go to the Magento root path and edit the file:


at the bottom of the processSSO method there are 2 lines that redefines the $urlToGo var:

$urlToGo = Mage::getUrl('customer/address/edit/id/'.$customAddress->getId());


$urlToGo = Mage::getUrl('customer/address/new');

simply comment them, and the user will be redirected to the default page of the site, or to the RelayState URL if there is any.

also if you want to redirect to a specific account you can specify it....
Sixto Martin
Sixto Martin Author
  • Date: 2017-01-27 07:01:14
I published the 1.1.5 version that supports what you were asking for.
Andrea Sansotta
iDP Identity and SAML Endpoint Purchased
  • Date: 2017-01-12 02:01:21
So, we have developed a website for our very large client. The client requested that the website have the SSO functionality and they are using Ping Identity as their SSO Provider and that have given us the iDP information and other various configuration information. Now they are asking us for our iDP and SAML Endpoint. What are these fields and how can I obtain this information to share to my client?

Thank you very much for your help.
Sixto Martin
Sixto Martin Author
  • Date: 2017-01-12 02:01:06
Hi Andrea, the SAML Single Sign On Magento Extension add SAML support to Magento turning it in a SAML SP to be conected with an IdP.

If your customer provided to you SAML IdP data you will be able to add it at the "IdP Setting" section and at the status section you will be able to find a link to the SP metadata that you need to share with the IdP administrator.

Review the documentation of the extension where is described that info I shared.
Andrea Sansotta
PHP Version Requirement Purchased
  • Date: 2017-01-06 01:01:34
Our current version of PHP is 5.6.26. We want to install the extension but, we are getting the error (CONNECT ERROR: Package community/Onelogin_SAML 1.1.4: requires PHP version >= 5.3.3 and <= 5.6.24 current is: 5.6.26). We just want to make sure this extension is still okay to install and that it will work properly.

Thank you.
Sixto Martin
Sixto Martin Author
  • Date: 2017-01-06 01:01:17
or open a support ticket and I will be able to provide to you a zip version without that problem.
Sixto Martin
Sixto Martin Author
  • Date: 2017-01-06 01:01:24
1. Descompress the Onelogin_SAML-1.1.4.tgz
2. Edit the package.xml, at the bottom there is a reference like this:

dependencies - required - php - min 5.3.3- min - max . 5.6.24 - max

modify it and put

dependencies - required - php - min 5.3.3- min - max . 5.6.27 - max

3. Compress again the files on a tar.gz
Wee Keat
Magento 2 Support
  • Date: 2016-06-28 10:06:45

I'm looking to purchase this item and I would like to know if your extension supports Magento 2 and above? I saw one of your YouTube video demo'ing SSO on Magento 2.

Look forward to hearing from you.

Sixto Martin
Sixto Martin Author
  • Date: 2016-06-28 11:06:36
This extension only works for Magento 1.X.

I have another extension that works for Magento 2.0 but is still not officially published.
If you are interested you can contact directly with me at and I will provide to you more info about that new extension.
The Nguyen
Customer sharing "Global" issue
  • Date: 2016-06-09 10:06:13

We are using this extension. We have 12 websites and we set Customer Sharing as "Global". We also have option "Create user if not exist" set to "Yes"
Issue is we can not login with same customer on another website. It show me an error:
The auto-provisioning process failed: Customer email already exist

Can you let me know what we need to do to make it works? We need to set Customer Sharing as "Global"

Thank you
Sixto Martin
Sixto Martin Author
  • Date: 2016-06-09 11:06:44
Right now the extension is able to provision an user that does not exists previously in any other store, but not to link an existed user on the specific store.

Take in mind that each websites is consider as unique Service Provider able to be connected with a Identity Provider. It seems that in your scenario, you are connecting all the stores to the same IdP (not the common use)

I can implement the ability of link an existed user to the specific store, but I will need to add an extra option on the settings to enable it because in other scenarios, where you connect with different IdPs, this can provoke a security issue.

P.S Do you have license for all those sites?
The Nguyen
Hi ,

I am using this extension for our Magento project.
My problem is. we have 12 websites (same domain, store code added to url).
From backend, we see the same metadata url being used for 12 websites (without store code)

And now, we can implement only 1 website (default website). When we try to add another website to ADFS

It show me the error:

An error occurred during an attempt to access the AD FS configuration database: Error message MSIS7612: Each identifier for a relying party trust must be unique across all relying party trusts in AD FS 2.0

Any Idea ?

Sixto Martin
Sixto Martin Author
  • Date: 2016-05-31 01:05:46
In the backend, you are able to link SAML settings to a specific shop. At the advanced section be sure you are adding a different SP EntityId for each shop. The SP metadata generated should have a different EntityId then so when you store it in ADFS you dont experience the previous error.

If the metadata generated keep being the same contact me and we can schedule a meeting to fix the issue (with no extra cost).
The Nguyen
The Nguyen
  • Date: 2016-05-31 02:05:17
Hi Martin,

Thank a lot. It works :)
Sixto Martin
Sixto Martin Author
  • Date: 2016-05-31 02:05:56
Great, let me know if you experience any other issue.

And please if you have some spare minutes, provide feedback at the magento marketplace / cmsmart. Is so important in order to let know the future customers the right extension to be bought.
ChianMing Tan
We have a B2B Magento site which we have multiple corporate clients who are using different SSO solutions. Can this extension multiple SSO solutions ?

We also have a need to support LDAP or Active Directory. Do you provide custom project support?

Sixto Martin
Sixto Martin Author
  • Date: 2016-05-25 08:05:16
The SAML extension supports Multi-site so you can connect each shop with an Identity Provider (but notice there is license domain restriction).

If you want to connect 1 shop with more than 1 Identity Provider, then you will need to deploy also a simpleSAMLphp SAML bridge so:
Multiple IdPs --- SAML bridge -- Magento Service Provider.

My extension is only for the SAML standard, but if you need to be connected with an LDAP or Active directory, you can use those authentication sources and deploy an Identity Provider using simpleSAMLphp and connect it with the magento SAML extension.

I offer support for the extension (50$/hour), but for custom SSO projects I ask for 60$/hour.
ChianMing Tan
ChianMing Tan
  • Date: 2016-06-06 08:06:15
hi Martin, we will be in contact via LinkedIn for custom project. Thanks.
  • Date: 2016-05-24 07:05:28
Is this extension encrypted in anyway, limiting me from further extending it for my specific needs?
Sixto Martin
Sixto Martin Author
  • Date: 2016-05-24 09:05:28
Hi Thomas,

Code is in plain-text, not obfuscated, you will be able to customize the extension for your specific needs. I also offer support for help you (50$/hour) if you need.
Dhruva Khanna
MS Azure SSO
  • Date: 2016-05-03 06:05:05
I am looking to buy this extension for a client, they are using MS azure for SSO, i want to know if this would work with MS Azure or not? If yes, how can we integrate it?
Sixto Martin
Sixto Martin Author
  • Date: 2016-05-03 08:05:47
Azure Active Directory supports the SAML 2.0 web browser single sign-on (SSO) profile.

You will be able to install and configure the SAML extension for Magento (enabling it as a SAML Service Provider), and then connect it with Azure, as explained here:
Dhruva Khanna
Dhruva Khanna
  • Date: 2016-05-05 09:05:50
Thanks for the reply., I have a few questions:

1. Will the users from the Azure SSO be added into magneto’s database
2. If the team at my client’s side, delete’s a user, will it be automatically deleted from Magento?
3. If the team at my client’s side, ADD’s a user, will it be automatically added in Magento?
4. I want to assign particular user groups to some users, is that possible during the insertion of the users in magento?
5. Is it possible to arrange a one to one demo to know how the extension is working?
6. are you able to configure the extension for us?
Sixto Martin
Sixto Martin Author
  • Date: 2016-05-05 10:05:54
1. Yes if you enable at the settings the 'just-in-time" provisioning functionality.

2. No, but the user will not be able to access to the Magento since can't SSO anymore using Azure SSO.

3. No, this is not how SAML works, in SAML we are able to create users once they are authenticated on the Identity provider and try to access Magento, in this moment is created the account there.

4. Yes, group are supported on the plugin, there is a mapping section where you set what group from the Identity Provider will be assigned which what groups of Magento

5. Have you checked the video?

There I show you how it works and also I navigate showing the setting panel.
Also the settings/features are described here:

but if you still require a 1-1 demo we can schedule it,

6. Yes, I offer support for any change/customization/help with settings of the Magento extension. My rate is 50$/hour.
I don't offer specific support of the Azure SSO part since I'm not an expert on that and you should be able to contract a better candidate for that part.

In order to solve 2 and 3 you will need to use something like:
The Nguyen
Admin ADFS login extension error
  • Date: 2016-04-22 02:04:45
Hi ,

I bought admin extension to use ADFS for Magento admin.
I got this error after install and trying to login from ADFS(federation) to Magento:

"The status code of the Response was not Success, was Requester -> urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy
Error at the ACS Endpoint.

Reason: The status code of the Response was not Success, was Requester -> urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy"

I am newer in working with ADFS, so can you please tell me what above message means and how to solve it?

Thank you so much
Sixto Martin
Sixto Martin Author
  • Date: 2016-04-22 02:04:29
ADFS expect an specific NameIDFotmat on the AuthNRequest sent by the Service Provider but is receiving a different value.

In the setting panel of the SAML Magento extension, at the advanced settings you will find the NameIdFormat value used, change it and use the same format that the ADFS (maybe transient?).

At this documentation you can learn more about ADFS:
The Nguyen
Custom login page
  • Date: 2016-03-21 10:03:41
Hi Cmsmart,

I am interesting in this extension. Anyway, I have 1 question:
From your demo video, There is a link on login page (linked to IP).
Can we allow customer to enter user and password on Magento login page instead of doing it on external website? I mean user go to Magento login page, enter username and password (IP credentials, not Magento credentials) and we login that customer automatically instead of go to another website.

Looking forward for your response
Sixto Martin
Sixto Martin Author
  • Date: 2016-03-21 11:03:39
This is not like SAML work.

In the SAML SSO workflow credentials are provided to the Identity Provider login form, not to the Service Provider so that external link is a must (if you want to keep normal login).

Please, to understand the SAML protocol visit:

If you plan to disable Magneto's normal login and force always the SAML authentication, then you don't need that link and instead we can redirect always the user to the Identity Provider login form when the user access to Magento.
The Nguyen
The Nguyen
  • Date: 2016-03-22 12:03:34
Hi Martin,

Thanks for your response.
We need to be able to fully customize the login page
So Can we customize the login page even it is not Magento page?
You can refer to another extension:
That extension comes with customized login page.


We are happy to provide the customization services to buyer of this product, please submit your request here and we will contact you ASAP

Submit Request Customized
Request Subject(*)
Detail Request(*)

Change log

Updated: 2018, Jul 31

- Update php-saml to 2.14.0

Updated: 2017, Jun 12

- Update php-saml to 2.10.6 - Improve the way users are created/updated in websites/stores

Updated: 2017, Feb 27

- Add nameIdFormat support on LogoutRequests

Updated: 2017, Jan 28

- Update php-saml to 2.10.3 - Add better control of redirections after login

Updated: 2016, Oct 17

- Update php-saml to 2.10.0 (security improvements) - Add force SAML feature - Add the ability to sign metadata

Updated: 2016, Sep 12

- When the custom attribute is the field to identify the user, let update the email when

Updated: 2016, Sep 02

- Add support for custom attribute and log by custom attribute.

- Now AuthNRequests can be sent using HTTP-POST or HTTP-Redirect bindings.

- Update php-saml to 2.9.1

Updated: 2016, Jun 10

- Improve Multi-site support with specific metadata url

- Improve messages

- Update php-saml to 2.8.0

Updated: 2016, Mar 01

- Fix Requested Authn Context issue

- After the SSO process, user will be redirected to the corresponding bookmarked URL, or to the dashboard

- Update php-saml version to 2.7.0

Updated: 2016, Feb 04

- Publish SP metadata

- Add License support

Updated: 2015, Nov 24

- Fix some compatibility issues with OpenSAML IdP

- Improve SLO support

Updated: 2015, Sep 15

- Support Magento Multi-stores

- Improve debug messages.

- Support advanced signature algorithm.

Updated: 2015, Sep 09

- Update php-saml library to 2.6.0

- Improve SP XML metadata publication

Updated: 2015, Jun 10

Upload the SAML lib.

This is a Magento® Extensions item
Product rating: 5 star rating | Write a review 5/5 based on 11 rating(s)

2018, Jul 31

Magento 1.8.x, Magento 1.9.2.x, Magento 1.9.x


$199.00 GPL License

You can use the product for your own website or your clients website if you are developer. You are allowed to use this extension on Unlimited website while our private support is base on domain.

  • Private support for each 12 months
  • Unlimited tickets support
  • Download & upgrade new version

You can use the product for a lifetime without purchasing it again or pay for renewal payment. You should repurchase this product when your package expired but you want to get our support or update to the latest version

Support Domain License Under a 1 support domain license for the item you are granted a non-exclusive non-transferable permission to use the item on a single site.

If you plan to use the product on other domains, you SHOULD buy now to SAVE much better than buying separated order.
$ 199.00
You will be rewarded 99 Points ($9.9)

Why choose Cmsmart?

img choose 1
Leading in quality and performances

We are proud ourselves to release our quality products to the e-commerce world.

img choose 1
Full solutions for niches industry

We provide many powerful completed Printshop, Multistore marketplace, etc solutions for industry

img choose 1
Excellent support and consultancy

We have a dedicated support team that delivery the excellent support

img choose 1
Private customization for your project

If you don't like our product as it is, you can custom it as you want

img choose 1
Long-term partnership care

We also want to have a long-term partnership with customer to support and take care

Welcome to Cmsmart community!
→ Do you know the secret to create a printing site in a few minutes?
→ What is the latest technology of Online Design 2019?
→ How to start a marketplace site without any trouble?
Join over 19,890+ readers as well as happy customers to open the successful key for your e-commerce business.