Popularity ScoreReferrals to Site/Downloads
0 1+ 250+ 1000+ 10000+
This extension allows you to use any SAML 2.0-compliant Identity Provider for Single Sign-On to your Admin Panel instance.
You can use this extension to interoperate with any Identity Provider, enabling SSO at the backend for administrators. It works with any IDP providers, including OneLogin, Okta, Ping Identity, ADFS, Salesforce, SharePoint,..
The extension add SAML support at Magento deploying a Service Provider. On this extension the SAML flow can be initiated at the Identity Provider or at the Service Provider. Once metadata info is exchange between the entities and the rest of the settings configured on the admin panel, the Single Sign On feature is available and a customized link will appear on the admin login form.
Once logged on the Identity Provider, a SAMLResponse that includes data of the user will be sent to the Service Provider's Assertion Consumer Service endpoint, there the attributes will be mapped based on the settings and a related user account will be searched with the resulted data. If there is a match the user will be logged, if not and the Just-In-Time functionality is enabled, a new user account will be created on the fly. The extension also support roles.
The single Logout service is an optional feature that is also included on the extension, this service will close not only the Magneto's session, also the sessions of the Identity Provider and all active sessions of the related Service Providers.
At the advanced section of the settings there are a lot of parameters that controls how the Service Provider works, making it compatible with any Identity Provider. There you can decide if require the SAML Messages signed and encrypted or not, if sign the messages and the algorithm used, the NameId Format, the AuthContext required, ...
With this extended admin login form, your users can access Magento backend with any the Identity Provider established, they just click on the link “Login via your Identity Provider”, (the message is customizable) to carry out their login process.
At first setting step, go to powerful admin panel (System > Configuration. At the Services tab, the "SAML (Admin panel)", and at the Status section select “Yes” to enable for its status and provide the License Key. On this section also you see a link to the published metadata of this Service Provider that you need to share with the Identity Provider administrator.
In the “Identity Provider Settings” section, you can set up some info related to the IdP that will be connected with your Magento. Contact the IdP’s administrator and ask him for the IdP metadata in order to fill the fields: IdP Entity Id, Single Sign On Service Url, Single Log Out Service Url and x509 public certificate.
In the “Options” section the behavior of the plugin is set, so you just select “ Yes” for some improtant fields: Create user if not exists, Update user data, Sync role when updating user, default RoleId and Single Log Out.
In the “Attribute mapping” section, we can set the mapping between IdP fields and Magento fields.
In the “Role mapping” section, we can set the mapping between IdP Role values and Magento Roles. Example: admin, owner, super-user. There are 10 fields, the id means that Role id=1 will match the Magento role that has id=1 if exists.
In the “Advanced Settings” section, you can easily handle some other parameters related to customizations and security issues. If sign/encryption is enabled, then x509 cert and private key for the SP must be provided.
The best place to start if you need help with a specific extension is to contact the developer. All Magento developers have both a contact email and a support email listed.
If you need support for a Magento platform, there are different options for support depending on which Magento platform you are using. Below are links for specific platforms.
We built Magento Connect using the latest techniques and technologies.
This makes Magento Connect faster and easier to use.
Unfortunately, your browser doesn't support those technologies.
Use the links below to download a new browser or upgrade your existing browser.