Powered by Magento Commerce 2.4.1

saml_magento2_logo_3_3_2_1_2.png

SAML Single Sign On

TOTAL:
$299.00

Overview

Back to top

The extension is compatible with Magento CE, Magento EE, and its Cloud Edition.

Add SAML Single Sign-On support for customers to your Magento 2 instance. If you are working with a partner/company that has implemented a SAML identity provider, you can use this extension to interoperate with it, thereby enabling SSO and Just-in-Time provisioning for customers. It works with any IDP provider which supports the SAML 2.0 standard. The module was implemented by Sixto Martin, author of 15+ SAML plugins and several SAML toolkits. The module was implemented for Magento 2, If you are interested in a SAML module compatible with Magento 1.X, find it here.

Customers are happy with the SAML extension and the support received. Companies like Cisco, Erickson, Philips, Royal Mail, Securitas, Mazda, Proclinic, Tendam, Woodmark, Toyota, Hilton, PWC, Deloitte; as well as Medical Associations, ONGs as well as Universities, trusted in the SAML extension. The extension adds a link, "Login via Identity provider" to the customer login form. Following the link initiates a series of redirects that are described by SAML 2.0 standard. The customer authenticates against the SAML Identity Provider and then information about the user, group, and address are sent to Magento. Magento authenticates the customer and lets him in.

 

Features

  • Easily switch On/Off the SAML Module.
  • Supports Magento Multi-stores.
  • Allow to Login via any SAML Identity Provider, supporting
    Single Sign-On, IdP, and SP initiated. (POST and Redirect bindings)
  • Supports Single Log Out, IdP and SP initiated. (Redirect binding)
  • Supports IdP certificate rotation.
  • Supports SAML Messages signed and encrypted.
  • Supports Just-In-Time Provisioning: Auto-create user accounts on the fly, with the data provided by the Identity Provider.
  • Support for: customer data, group, address, custom attributes.
  • Attribute, Group, Address Mapping: Ability to set the mapping between IdP fields and Magento fields.
  • Customizable SSO link text.
  • Customizable workflows.
  • Force SAML: Force SAML flow when user access login page, IP whitelist
  • SAML Only: Users which email matches an email must log only via SAML.

 

Settings

  • Status. To enable or disable the extension.
  • Identity Provider. Set parameters related to the IdP that will be connected with our Magento.
  • Options. The behavior of the extension.
  • Protect Options. Protection features
  • Attribute Mapping. Set the mapping between IdP fields and Magento user fields.
  • Group Mapping. Set the mapping between IdP groups and Magento groups.
  • Address Mapping. Set the mapping between IdP fields and Magento address fields
  • Custom Mapping. Set the mapping between IdP fields and Magento custom fields. You will also be able to identify Magento accounts by a custom field instead of the mail. 
  • Custom messages. To handle what messages are shown in the login form.
  • Advanced settings. Handle some other parameters related to customizations and security issues.

 

Use Cases

Supports:

  • IdP-initiated Single Sign-On
  • A SAMLRequest is sent to the Identity Provider, customer authenticates against the SAML Identity Provider and then information about the user, group and address are sent to Magento in a SAMLResponse, Magento SAML extension validates the SAMLResponse, authenticate customer (provisioning a new account if required and the feature is enabled) and let him in.
  • SP-initiated Single Sign-On
  • Like the previous scenario, but here the SAML Response is directly sent by the Identity Provider and processed by the Magento SAML extension.
  • SP-initiated Single Logout
  • A SAML Logout Request is sent to the Identity Provider, the IdP close its session and the session of other related Service Providers and sent back a Logout Response to the Magento instance that will close the session.
  • IdP-initiated Single Logout
  • A SAML Logout Request is sent by the Identity Provider, the Magento instance validates it, close its session and reply back a SAML Logout Response. 

 

Support/Warranty

Support by email guaranteed. Get a reply in less than 48hr (business days)

 

License Warning

Use as License Key the Order ID of the purchase. When you purchase the extension, you can use it in one M2 instance. In the case of M2 running multi-sites, the license cover 3 stores using SAML SSO. If you require more stores, contact sixto.martin.garcia@gmail.com to discuss the terms. Test and developer environments can use the extension without requiring an additional license.

 

Identity Providers Supported

Find here a list of some of the Identity Providers supported. (Links refer to its official documentation to configure a SAML integration).

Technical Specifications

Back to top

Seller profile

SAML Integrations

Seller contact

E-mail

Integrator

Current Version

1.7.0

Magento platform compatibility

Open Source (CE): 2.0, 2.1, 2.2, 2.3, 2.4

Commerce on prem (EE): 2.2, 2.3, 2.4

Commerce on Cloud (ECE): 2.2, 2.3, 2.4

Type

Stable Build

Updated

19 August, 2020

Categories

Extensions, Content & Customizations

Quality Report

Back to top

Installation & Varnish Tests

Passed

Coding Standard

Passed

Plagiarism Check

Passed

Malware Check

Passed

Marketing Review

Passed

Manual Testing

Passed

All tests were conducted on the latest versions of Magento that existed for the compatible release lines at the moment of the extension submission. Latest versions of all other software were used, as applicable.

Release Notes

Back to top

1.7.0:

  • Compatible with Open Source (CE) : 2.0 2.1 2.2 2.3 2.4
  • Compatible with Commerce on prem (EE) : 2.2 2.3 2.4
  • Compatible with Commerce on Cloud (ECE) : 2.2 2.3 2.4
  • Stability: Stable Build
  • Description:

    - Verified compatibility with Magento 2.4 (In the backend, MFA will be asked after SAML SSO success).
    - Try to solve customer data load issue reported at https://github.com/magento/magento2/issues/28428, that affects the latest version of Magento, by adding a sections.xml file

1.6.2:

  • Compatible with Open Source (CE) : 2.0 2.1 2.2 2.3
  • Compatible with Commerce on prem (EE) : 2.2 2.3
  • Compatible with Commerce on Cloud (ECE) : 2.2 2.3
  • Stability: Stable Build
  • Description:

    - Fix group mapping bug

1.6.1:

  • Compatible with Open Source (CE) : 2.0 2.1 2.2 2.3
  • Stability: Stable Build
  • Description:

    - Fix an issue with the new section protect-options that had to be renamed to protect_options. Customers that were using 1.6.0 version will need to reassign the settings of that section.

1.6.0:

  • Compatible with Open Source (CE) : 2.0 2.1 2.2 2.3
  • Stability: Stable Build
  • Description:

    Force SAML was moved to a new section so, when upgrading to this version of the extension, make sure to redefine its value.

    - Add a Protect Option section with the features: Force SAML, Whitelist Force SAML by IP, Conditional SAML Only by domain, Whitelist conditional SAML Only, and Force Address view redirection.
    - Add optional RelayState validation.
    - Extend support of groups to 25.
    - Refactor executePostLogin as a helper.
    - Support SAML Logout with NameId Format, Name Qualified and SP Name Qualified values.
    - Fix typos on ACS view
    - Add webrestriction.xsd

1.5.0:

  • Compatible with Open Source (CE) : 2.0 2.1 2.2 2.3
  • Stability: Stable Build
  • Description:

    - Support Search Criteria: LIKE and EQ
    - Fix bug on tryLogAndRedirect method.
    - Register some events: pitbulk_saml2_customer_check, pitbulk_saml2_customer_successfully_updated, pitbulk_saml2_customer_successfully_created)

1.4.0:

  • Compatible with Open Source (CE) : 2.0 2.1 2.2 2.3
  • Stability: Stable Build
  • Description:

    - Require php-saml > 3.0.0
    - Supports Magento 2.0, 2.1, 2.2, 2.3
    - Support muliple IdP x509 certs.
    - Support multiple custom fields.

1.3.0:

  • Compatible with Open Source (CE) : 2.0 2.1 2.2
  • Stability: Stable Build
  • Description:

    - Require php-saml < 3.0.0
    - Add a more detailed description of what customer/user data is updated when that option is enabled. Update mail if custom attribute defined as the way to identify customer
    - Improve the feature of disabling email notification on new accounts
    - Make processAttrs public. Fix updateCustomer parameter bug. Add support for custom attributes

1.2.1:

  • Compatible with Open Source (CE) : 2.1 2.2
  • Stability: Stable Build
  • Description:

    - Fix metadata url of the Status section for multi-stores.
    - Update php-saml version

1.2.0:

  • Compatible with Open Source (CE) : 2.1 2.2
  • Stability: Stable Build
  • Description:

    - Add SSO on user backend login
    - Add support to nameIDFormat on LogoutRequests

1.1.1:

  • Compatible with Open Source (CE) : 2.0
  • Stability: Stable Build
  • Description:

    - Fixed a minor issue on etc/adminhtml/system.xml file where there was a typo.
    - Update php-saml library (2.10.1)
    - Fixed address provisioning process.
    - Code clean to pass M2 codestyle.

1.1.0:

  • Compatible with Open Source (CE) : 2.0
  • Stability: Stable Build
  • Description:

    * New namespace
    * Add readme/installation instructions

1.0.0:

  • Compatible with Open Source (CE) : 2.0
  • Stability: Stable Build
  • Description:

    Magento2 extension that add SAML Single Sign On support to the customer login page.


    If you are working with a partner that has implemented a SAML identity provider, you can use this extension to interoperate with it, thereby enabling SSO for customers. It works with any IDP providers, including OneLogin, Okta, Ping Identity, ADFS, Salesforce, SharePoint...

    The module was implemented by [Sixto Martin](http://pitbulk.github.io) , author of 15+ SAML plugins and several SAML toolkits.

    The module was implemented for Magento 2, If you are interested in a SAML module compatible with Magento 1.X
    access: https://www.magentocommerce.com/magento-connect/saml-single-sign-on-extension.html

Support

Back to top

The best place to start if you need help with a specific extension is to contact the developer. All Magento developers have both a contact email and a support email listed.

Contact Vendor

Q & A

Back to top

Reviews

Back to top