SAML Single Sign On Magento Extension - Sixto Martin

SAML Single Sign On Magento extension helps your customer can connect a Magento instance with any SAML Identity Provider after you enable and configure it successfully in your backend.
Details

If you are working with a partner that has implemented a SAML identity provider (OneLogin, Okta, Ping Identity, ADFS, Salesforce, SharePoint...), you can use this extension to interoperate with it, thereby enabling SSO for customers.

Our customers are happy with the extension and with the support received. Companies like Cisco, Toyota or PWC trusted on our services

Please note that the module was implemented by Sixto Martin, author of 15+ SAML plugins and several SAML toolkits. Support by mail guaranteed. Get a reply in less than 48h (business day).

 

1

2

 

Full List Of Features

  • Enable SAML Single Sign On with this extension simply.
  • Connect a Magento instance with any SAML Identity Provider.
  • Allow to Login via Identity Provider.
  • Possible to single sign on/ log out service Url.
  • Easily switch On/Off the SAML Module.
  • Provisioning/Auto-update user data.
  • Single Sign On (IdP & SP initiated).
  • Single Log Out (IdP & SP initiated).
  • Just-In-Time Provisioning (user data + group + address).
  • Auto-provisioning: allow to create a new user with the data provided by the IdP.
  • Auto-update: update the account of the user with the data provided by the IdP and Review the Mapping section.
  • Possibly set the mapping between IdP fields and Magento fields.
  • Mapping could be also set at Onelogin's IdP as well.
  • Group and address supported.
  • Customizable workflow.
  • Supports Magento Multi-stores.
  • Powerful features in backend.
  • Easily install and use.

Product Reviews (11) Write a review

Thorsten Schramm 5 star rating Submitted: September 12, 2017

The extension works fine so the integration into Magento was easily done. Problems or customisations are very quick and helpful answered by Mr. Garcia. Excellent support! Excellent extension! Highly recommended.

Justin Seipel 5 star rating Submitted: April 6, 2017

Great work on the issue. Found the problem quickly and fixed it within a day.

Suvir Khullar 5 star rating Submitted: November 7, 2016

We were earlier struggling for SAML integration for one of our client. We tried different options before but could not work for them. Then I tried this extension developed by Mr. Sixto. Steps for Integration of SAML is followed as per instructions given in user guide. However for SAML integration one will definitely need assistance from the extension developer. The kind of support provided by Sixto is awesome. His response to my emails was very prompt and with detail instructions and guidance. With his great support we have successfully integrated SSO in our magento store. I recommend Mr. Sixto as SAML technological partner. All my good wishes for him and his fantastic product.

Shayne Stone 5 star rating Submitted: January 21, 2015

very powerful and unique extension. Good luck with sales!

Billie Mead 5 star rating Submitted: March 28, 2015

I recently got to use the SAML Single Sign-on Magento Extension on a huge project with a fortune 500 company, Varian Medical Systems based in CA. We implemented it on a mission critical project, the Varian Custom Marketplace. As the project manager with a large budget, I could have gone with any one solution, even a custom coded job. But we used this extension and the results couldn't have been better as the code is flawless. And the author provided some of he best technical support I have seen in years. You don't even have anything to consider... get this extension and save yourself a ton of problems and headaches. Billie M. (PrintTech Consulting)

Barry Allwood 5 star rating Submitted: April 21, 2015

Great extension and great support!

Timo Peschka 5 star rating Submitted: February 17, 2016

You wrote: "I implemented a solution where Magento acta as Identity Provider (separate piece of software) that requires the SAML extension" (Date: 01/27/2016 11:12AM) We also want to use Magento as a SAML provider. Is it possible to buy your "solution"?

Maarten Troonbeeckx 5 star rating Submitted: February 29, 2016

Excellent package. Was easily extensible for one of our client's specific needs and the author went through some great lengths to help us out where needed. Highly recommended if you a SAML solution for Magento!

Maarten Troonbeeckx 5 star rating Submitted: February 29, 2016

Excellent package. Was easily extensible for one of our client's specific needs and the author went through some great lengths to help us out where needed. Highly recommended if you a SAML solution for Magento!

Greg Rudakov 5 star rating Submitted: February 29, 2016

Great tool, worked as expected with Microsoft Azure, Sixto was great help with the initial setup (as I was a first timer)

nathan 5 star rating Submitted: March 1, 2016

Good product and Good technical support offered by the developer too.
Submit your review

First: rate the product. Please select a rating between 1 (poorest) and 5 stars (best)

Write review

Become a client on Cmsmart, you are protected strongly with our Client Protection Programe. Especially we built -in a strong Central Ticket Support system to help clients and partners working on the products item support after purchased.

Go to item support

People also ask

No, you only need to purchase license for production that you use in production.



Yes, the extension support multi-store. Each store will have its own SAML settings.



Take in mind that you will need a license for each of them.
SAML is a standard for exchanging authentication and authorization data between different domains.



Learn more at: https://github.com/jch/saml
The extension includes a Readme that explains how to install and where to find the SAML settings panel.



This SAML setting panel contains different sections with a bunch of fields. All of them have a short description that explains what value to use on it.



The extension uses the Onelogin php-saml toolkit [1], so take a look at its settings if you have more doubts



[1] https://github.com/onelogin/php-saml#settings
This extension will work with any Identity Provider that follows the SAML 2.0 standard.



Take in mind that SP expects to receive the SAMLResponse using the HTTP-Post binding, and rest of the SAML messages are exchange using HTTP-Redirect binding.
If you have a complex project where you want to add SAML support, for sure you will need to buy this extension to save you the time of integrate Magento.



If you need custom solutions for specific apps, or you don't have much idea about SAML and are not able to configure the Identity Provider, you can contact me at sixto.martin.garcia@gmail.com and I can offer my help and agree rate per worked hour.
Yes, this extension works on Magento Community and Magento Enterprise

Userguide

10/21 Comment(s)

Login and write a comment

Alex N
As I understand the module “SAML Single Sign On Magento Extension” is under the GPL license which is not compatible with the Magento EE (Enterprise Edition) license. Is it possible to buy the module with the “LGPL” (Lesser GPL) license?
Pieter
Shibboleth SAML 2 SSO
  • Date: 2018-04-17 03:04:38
We are interested in purchasing this extension for the following use case:

For a university we are creating a dedicated webshop with specific discounts. Studentes and employees have to identify themselves using the SSO that the university uses, this is Shibboleth and if follows the SAML 2.0 standard.

We have the following questions:

- Does your exetension work with Magento 1 enterprise v. 1.14.3.8
- Will it be possible to integrate the Shibboleth SSO?
- Reading the details of the extension I assume it would be possible to let a user authenticate using Shibboleth, map the user to a customer group (example employee or student) and apply the correct discount to that customer group?
- Is it possible to get a licence for our staging environment before we buy the extension?
Sixto Martin
Sixto Martin
  • Date: 2018-04-17 03:04:15
- Does your extension work with Magento 1 enterprise v. 1.14.3.8

Yes

- Will it be possible to integrate the Shibboleth SSO?

Yes, Shibboleth IdP is compatible.

- Reading the details of the extension I assume it would be possible to let a user authenticate using Shibboleth, map the user to a customer group (example employee or student) and apply the correct discount to that customer group?

Yes, group mapping is supported by the extension

- Is it possible to get a license for our staging environment before we buy the extension?

No, you need to purchase the extension
Brian
Login link goes right to SSO providor
  • Date: 2018-03-12 09:03:01
We noticed in your Magento 2 module you put in the ability to hide the local login and when a user clicks login on the site it will take the customer to the SSO login and they never see the login page on Magento. Does this exist in your Magento 1 module as well? Something our magento 1 customer has been asking for years to have on the site. thanks for a great M1 and M2 module.
Sixto Martin
Sixto Martin
  • Date: 2018-03-12 10:03:28
Hi Brian,

is not implemented on the M1 extension, but if your customer requires it, I don't think gonna be complex to implement it for them.
Andrea Sansotta
SSO Redirect
  • Date: 2017-01-26 11:01:01
When our User is logging into the System which we have configured for SSO, they land at an undesired page. How do I make the Users go to a certain page after they login? Is this a configurable field to change the Landing Page?
Sixto Martin
Sixto Martin
  • Date: 2017-01-26 12:01:11
Hi Andrea,

this is not configurable by the SAML admin panel right now (maybe I will include that functionality in a future release).

but you can custommize the SAML Extension. If you go to the Magento root path and edit the file:

code/community/Onelogin/SAML/Helper/Data.php

at the bottom of the processSSO method there are 2 lines that redefines the $urlToGo var:

$urlToGo = Mage::getUrl('customer/address/edit/id/'.$customAddress->getId());

and

$urlToGo = Mage::getUrl('customer/address/new');

simply comment them, and the user will be redirected to the default page of the site, or to the RelayState URL if there is any.

also if you want to redirect to a specific account you can specify it....
Sixto Martin
Sixto Martin
  • Date: 2017-01-27 07:01:14
I published the 1.1.5 version that supports what you were asking for.
Andrea Sansotta
iDP Identity and SAML Endpoint
  • Date: 2017-01-12 02:01:21
So, we have developed a website for our very large client. The client requested that the website have the SSO functionality and they are using Ping Identity as their SSO Provider and that have given us the iDP information and other various configuration information. Now they are asking us for our iDP and SAML Endpoint. What are these fields and how can I obtain this information to share to my client?

Thank you very much for your help.
Sixto Martin
Sixto Martin
  • Date: 2017-01-12 02:01:06
Hi Andrea, the SAML Single Sign On Magento Extension add SAML support to Magento turning it in a SAML SP to be conected with an IdP.

If your customer provided to you SAML IdP data you will be able to add it at the "IdP Setting" section and at the status section you will be able to find a link to the SP metadata that you need to share with the IdP administrator.

Review the documentation of the extension where is described that info I shared.
Andrea Sansotta
PHP Version Requirement
  • Date: 2017-01-06 01:01:34
Our current version of PHP is 5.6.26. We want to install the extension but, we are getting the error (CONNECT ERROR: Package community/Onelogin_SAML 1.1.4: requires PHP version >= 5.3.3 and <= 5.6.24 current is: 5.6.26). We just want to make sure this extension is still okay to install and that it will work properly.

Thank you.
Sixto Martin
Sixto Martin
  • Date: 2017-01-06 01:01:17
or open a support ticket and I will be able to provide to you a zip version without that problem.
Sixto Martin
Sixto Martin
  • Date: 2017-01-06 01:01:24
1. Descompress the Onelogin_SAML-1.1.4.tgz
2. Edit the package.xml, at the bottom there is a reference like this:

dependencies - required - php - min 5.3.3- min - max . 5.6.24 - max

modify it and put

dependencies - required - php - min 5.3.3- min - max . 5.6.27 - max

3. Compress again the files on a tar.gz
Wee Keat
Magento 2 Support
  • Date: 2016-06-28 10:06:45
Hi,

I'm looking to purchase this item and I would like to know if your extension supports Magento 2 and above? I saw one of your YouTube video demo'ing SSO on Magento 2.

Look forward to hearing from you.


Thanks.
Sixto Martin
Sixto Martin
  • Date: 2016-06-28 11:06:36
This extension only works for Magento 1.X.

I have another extension that works for Magento 2.0 but is still not officially published.
If you are interested you can contact directly with me at sixto.martin.garcia@gmail.com and I will provide to you more info about that new extension.
The Nguyen
Customer sharing "Global" issue
  • Date: 2016-06-09 10:06:13
Hi

We are using this extension. We have 12 websites and we set Customer Sharing as "Global". We also have option "Create user if not exist" set to "Yes"
Issue is we can not login with same customer on another website. It show me an error:
The auto-provisioning process failed: Customer email already exist

Can you let me know what we need to do to make it works? We need to set Customer Sharing as "Global"

Thank you
Sixto Martin
Sixto Martin
  • Date: 2016-06-09 11:06:44
Right now the extension is able to provision an user that does not exists previously in any other store, but not to link an existed user on the specific store.

Take in mind that each websites is consider as unique Service Provider able to be connected with a Identity Provider. It seems that in your scenario, you are connecting all the stores to the same IdP (not the common use)

I can implement the ability of link an existed user to the specific store, but I will need to add an extra option on the settings to enable it because in other scenarios, where you connect with different IdPs, this can provoke a security issue.

P.S Do you have license for all those sites?
The Nguyen
Hi ,

I am using this extension for our Magento project.
My problem is. we have 12 websites (same domain, store code added to url).
From backend, we see the same metadata url being used for 12 websites (without store code)

And now, we can implement only 1 website (default website). When we try to add another website to ADFS

It show me the error:

An error occurred during an attempt to access the AD FS configuration database: Error message MSIS7612: Each identifier for a relying party trust must be unique across all relying party trusts in AD FS 2.0

Any Idea ?

Thanks
Sixto Martin
Sixto Martin
  • Date: 2016-05-31 01:05:46
In the backend, you are able to link SAML settings to a specific shop. At the advanced section be sure you are adding a different SP EntityId for each shop. The SP metadata generated should have a different EntityId then so when you store it in ADFS you dont experience the previous error.

If the metadata generated keep being the same contact me and we can schedule a meeting to fix the issue (with no extra cost).
The Nguyen
The Nguyen
  • Date: 2016-05-31 02:05:17
Hi Martin,

Thank a lot. It works :)
Sixto Martin
Sixto Martin
  • Date: 2016-05-31 02:05:56
Great, let me know if you experience any other issue.

And please if you have some spare minutes, provide feedback at the magento marketplace / cmsmart. Is so important in order to let know the future customers the right extension to be bought.
ChianMing Tan
hi,
We have a B2B Magento site which we have multiple corporate clients who are using different SSO solutions. Can this extension multiple SSO solutions ?

We also have a need to support LDAP or Active Directory. Do you provide custom project support?

Thanks!
Sixto Martin
Sixto Martin
  • Date: 2016-05-25 08:05:16
The SAML extension supports Multi-site so you can connect each shop with an Identity Provider (but notice there is license domain restriction).

If you want to connect 1 shop with more than 1 Identity Provider, then you will need to deploy also a simpleSAMLphp SAML bridge so:
Multiple IdPs --- SAML bridge -- Magento Service Provider.

My extension is only for the SAML standard, but if you need to be connected with an LDAP or Active directory, you can use those authentication sources and deploy an Identity Provider using simpleSAMLphp and connect it with the magento SAML extension.

I offer support for the extension (50$/hour), but for custom SSO projects I ask for 60$/hour.
ChianMing Tan
ChianMing Tan
  • Date: 2016-06-06 08:06:15
hi Martin, we will be in contact via LinkedIn for custom project. Thanks.

Change log

Updated: 2018, Jul 31

- Update php-saml to 2.14.0

Updated: 2017, Jun 12

- Update php-saml to 2.10.6 - Improve the way users are created/updated in websites/stores

Updated: 2017, Feb 27

- Add nameIdFormat support on LogoutRequests

Updated: 2017, Jan 28

- Update php-saml to 2.10.3 - Add better control of redirections after login

Updated: 2016, Oct 17

- Update php-saml to 2.10.0 (security improvements) - Add force SAML feature - Add the ability to sign metadata

Updated: 2016, Sep 12

- When the custom attribute is the field to identify the user, let update the email when

Updated: 2016, Sep 02

- Add support for custom attribute and log by custom attribute.

- Now AuthNRequests can be sent using HTTP-POST or HTTP-Redirect bindings.

- Update php-saml to 2.9.1

Updated: 2016, Jun 10

- Improve Multi-site support with specific metadata url

- Improve messages

- Update php-saml to 2.8.0

Updated: 2016, Mar 01

- Fix Requested Authn Context issue

- After the SSO process, user will be redirected to the corresponding bookmarked URL, or to the dashboard

- Update php-saml version to 2.7.0

Updated: 2016, Feb 04

- Publish SP metadata

- Add License support

Updated: 2015, Nov 24

- Fix some compatibility issues with OpenSAML IdP

- Improve SLO support

Updated: 2015, Sep 15

- Support Magento Multi-stores

- Improve debug messages.

- Support advanced signature algorithm.

Updated: 2015, Sep 09

- Update php-saml library to 2.6.0

- Improve SP XML metadata publication

Updated: 2015, Jun 10

Upload the SAML lib.

This is a Magento® Extensions item
Product rating: 5 star rating | Write a review 5/5 based on 11 rating(s)

2018, Jul 31

Magento 1.8.x, Magento 1.9.2.x, Magento 1.9.x

DOWNLOAD THIS ITEM
CHOOSE PAYMENT TYPE

$199.00 GPL License

You can use the product for your own website or your clients website if you are developer. You are allowed to use this extension on Unlimited website while our private support is base on domain.

  • Private support for each 12 months
  • Unlimited tickets support
  • Download & upgrade new version

You can use the product for a lifetime without purchasing it again or pay for renewal payment. You should repurchase this product when your package expired but you want to get our support or update to the latest version

Support Domain License Under a 1 support domain license for the item you are granted a non-exclusive non-transferable permission to use the item on a single site.

If you plan to use the product on other domains, you SHOULD buy now to SAVE much better than buying separated order.
$ 199.00
You will be rewarded 99 Points ($9.9)

Why choose Cmsmart?

img choose 1
Leading in quality and performances

We are proud ourselves to release our quality products to the e-commerce world.

img choose 1
Full solutions for niches industry

We provide many powerful completed Printshop, Multistore marketplace, etc solutions for industry

img choose 1
Excellent support and consultancy

We have a dedicated support team that delivery the excellent support

img choose 1
Private customization for your project

If you don't like our product as it is, you can custom it as you want

img choose 1
Long-term partnership care

We also want to have a long-term partnership with customer to support and take care


Top