SP-initiated Single Sign-On
A SAMLRequest is sent to the Identity Provider. The customer authenticates against the SAML Identity Provider, and information about the user, group and address is then sent to Magento in a SAMLResponse. The Magento SAML extension validates the SAMLResponse, authenticates the customer (provisioning a new account if required and the feature is enabled) and lets them in.
IdP-initiated Single Sign-On
Like the previous scenario, but here the SAML Response is sent directly by the Identity Provider and processed by the Magento SAML extension.
SP-initiated Single Logout
A SAML Logout Request is sent to the Identity Provider. The IdP closes its session and the sessions of other related Service Providers, then sends a Logout Response back to the Magento instance, which closes its session.
IdP-initiated Single Logout
A SAML Logout Request is sent by the Identity Provider. The Magento instance validates it, closes its session and replies with a SAML Logout Response.
Find here a list of some of the supported Identity Providers. (The links refer to each provider's official documentation for configuring a SAML integration.)
OneLogin
Okta
Auth0, Auth0 Enterprise
ADFS
Azure AD and Azure AD B2C
Keycloak
Salesforce
Shibboleth
simpleSAMLphp
AWS SSO
Centrify
Forgerock (OpenAM)
Ping Identity
RSA
IBM
Oracle
WSO2
NetIQ
SecureAuth
Citrix Netscaler
F5 BIG-IP
Use the Order ID of the purchase as the License Key. When you purchase the extension, you can use it in one M2 instance. If M2 is running multiple sites, the license covers 3 stores using SAML SSO. If you require more stores, contact [email protected] to discuss the terms. Test and developer environments can use the extension without requiring an additional license.
Security Assertion Markup Language 2.0 (SAML 2.0) is a version of the SAML standard for exchanging authentication and authorization identities between security domains. SAML 2.0 is an XML-based protocol that uses security tokens containing assertions to pass information about a principal (usually an end user) between a SAML authority, named an Identity Provider, and a SAML consumer, named a Service Provider. SAML 2.0 enables web-based, cross-domain single sign-on (SSO), which helps reduce the administrative overhead of distributing multiple authentication tokens to the user.
SAML 2.0 was ratified as an OASIS Standard in March 2005, replacing SAML 1.1. The critical aspects of SAML 2.0 are covered in detail in the official documents SAMLCore,[1] SAMLBind,[2] SAMLProf,[3] and SAMLMeta.[4]
Some 30 individuals from more than 24 companies and organizations were involved in the creation of SAML 2.0. In particular, and of special note, Liberty Alliance donated its Identity Federation Framework (ID-FF) specification to OASIS, which became the basis of the SAML 2.0 specification. Thus SAML 2.0 represents the convergence of SAML 1.1, Liberty ID-FF 1.2, and Shibboleth 1.3.
SAML is a standard for exchanging authentication and authorization data between different domains.
Learn more here: https://en.wikipedia.org/wiki/SAML_2.0
Learn more at: https://github.com/jch/saml
No, you only need to purchase a license for what you use in production.
Yes, the extension supports multi-store. Each store will have its own SAML settings.
Keep in mind that you will need a license for each of them.
The extension includes a Readme that explains how to install and where to find the SAML settings panel.
This SAML settings panel contains different sections with a number of fields. Each field has a short description that explains what value to use in it.
The extension uses the OneLogin php-saml toolkit [1], so take a look at its settings if you have further questions.
[1] https://github.com/onelogin/php-saml#settings
This extension will work with any Identity Provider that follows the SAML 2.0 standard.
Keep in mind that the SP expects to receive the SAMLResponse using the HTTP-POST binding, and the rest of the SAML messages are exchanged using the HTTP-Redirect binding.
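The binding expectations above can be checked against a settings array before an integration goes live. This is an added example, not code from the extension or from the php-saml toolkit: `auditSamlSettings()` is a hypothetical helper, the settings keys follow the php-saml README linked above, and the hostnames and certificate value are constructed placeholders.

```php
<?php
const BINDING_POST     = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST';
const BINDING_REDIRECT = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect';

// Hypothetical helper (not part of php-saml): returns a list of findings.
function auditSamlSettings(array $s): array
{
    $findings = [];
    // Per the page: SAMLResponse arrives over HTTP-POST, everything else over HTTP-Redirect.
    $expected = [
        'sp.assertionConsumerService' => BINDING_POST,
        'sp.singleLogoutService'      => BINDING_REDIRECT,
        'idp.singleSignOnService'     => BINDING_REDIRECT,
        'idp.singleLogoutService'     => BINDING_REDIRECT,
    ];
    foreach ($expected as $path => $binding) {
        [$side, $svc] = explode('.', $path);
        $actual = $s[$side][$svc]['binding'] ?? 'unset';
        if ($actual !== $binding) {
            $findings[] = "$path: binding is $actual, expected $binding";
        }
        if (stripos($s[$side][$svc]['url'] ?? '', 'https://') !== 0) {
            $findings[] = "$path: url is missing or not https";
        }
    }
    if (($s['strict'] ?? false) !== true) {
        $findings[] = 'strict: should be true so non-conforming messages are rejected';
    }
    if (empty($s['idp']['x509cert'])) {
        $findings[] = 'idp.x509cert: no IdP certificate, signatures cannot be verified';
    }
    $sec = $s['security'] ?? [];
    if (empty($sec['wantAssertionsSigned']) && empty($sec['wantMessagesSigned'])) {
        $findings[] = 'security: require signed assertions or signed messages';
    }
    return $findings;
}

// Constructed sample; hostnames are placeholders. Two settings are deliberately weak.
$sample = [
    'strict' => false,
    'sp'  => ['assertionConsumerService' => ['url' => 'https://shop.example/acs', 'binding' => BINDING_POST],
              'singleLogoutService'      => ['url' => 'https://shop.example/sls', 'binding' => BINDING_POST]],
    'idp' => ['singleSignOnService' => ['url' => 'https://idp.example/sso', 'binding' => BINDING_REDIRECT],
              'singleLogoutService' => ['url' => 'https://idp.example/slo', 'binding' => BINDING_REDIRECT],
              'x509cert' => 'CONSTRUCTED-PLACEHOLDER'],
    'security' => ['wantAssertionsSigned' => true],
];
echo implode(PHP_EOL, auditSamlSettings($sample)), PHP_EOL;
```

On the constructed sample the helper reports the SP logout endpoint using the wrong binding and `strict` being disabled.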
If you have a complex project where you want to add SAML support, you will need to buy this extension to save yourself the time of integrating Magento.
If you need custom solutions for specific apps, or you are not familiar with SAML and are not able to configure the Identity Provider, you can contact me at [email protected] and I can offer my help and agree on a rate per hour worked.
Yes, this extension works on Magento Community and Magento Enterprise.