Joomla Single Sign-On allows your users to login to your Joomla site by authenticating with their IDP (Identity Provider). If your users first log in to some other application connected to your IDP, they can seamlessly login to Joomla without being prompted to login again.

This SAML Joomla Single Sign-On SSO solution provides SAML SSO capability to your Joomla site, converting it to a SAML compliant Service Provider which can be configured with any SAML compliant Identity Provider, allowing your users to log in to your Joomla site.

Joomla Single Sign-on also allows you to manage login and achieve Single Sign-On on your Joomla membership site using Azure AD, Azure B2C, ADFS, Keycloak, GSuite / Google Apps, Okta, Salesforce, Office 365, Shibboleth, or any SAML compliant Identity Provider so that you can allow your users to login to Joomla as a member via using their IDP credentials.

Joomla SAML Single Sign-On supports all kinds of SSO use cases such as Azure login into Joomla, Azure AD (Active Directory) login into Joomla, Azure AD SSO (Azure AD Single Sign-On), Login with Azure AD, Login using Azure AD, Login with Office 365, Office 365 login, Office 365 Single Sign-On, Login using Office 365, ADFS login into Joomla, Login with ADFS, Okta login, OneLogin SSO, Salesforce login, Login using Salesforce, Google Apps login, Google Apps Single Sign-On, Login with Google Apps, Login using Google Apps, Login using Gsuite, Gsuite login into Joomla, Keycloak login, Auth0 login, Shibboleth login, Login with Shibboleth, Login using Shibboleth, PingFederate login, Login with SimpleSAML, Login using simpleSAMLPHP, simpleSAMLSSO, etc. allowing your users to securely login to the Joomla site.

Joomla SAML Single Sign On provides Anonymous Login(Guest User Login) for your Joomla site so that your users can login to the Joomla site using the IdP credentials without creating the users in the site.

SAML 2.0 SP Single Sign On (SSO) - Service Provider allows users residing at a SAML 2.0 capable Identity Provider to log in to your Joomla website. We support all known IdPs – Google Apps, ADFS, Azure AD, Okta, Salesforce, Centrify, Bitium, miniOrange IdP, OneLogin, PortalGuard, SimpleSAMLphp, Shibboleth, Edugate, DUO, OpenAM, Ping, RSA, IBM, Oracle Access Manager, WSO2, Feide, SecureAuth, NetIQ Access Manager, etc.

SAML 2.0 SP Single Sign On ( SAML SSO) - Service Provider Plugin acts as a SAML 2.0 Service Provider which can be configured to establish the trust between the Joomla site and various SAML 2.0 supported Identity Providers to securely authenticate(Secure Login) the user to the Joomla site.

SAML 2.0 SP Single Sign On (SSO) - Service Provider plugin also provides Cross-Domain / Sub-domain login sharing with other Joomla websites.

We also provide a separate plugin that enables Joomla to act as an Identity Provider. It supports authentication with Joomla, user management, session management, change password, etc. You can configure any service provider with your Joomla site with the help of this plugin. Visit here to know more about our Joomla IDP plugin.

We provide active support. If you require any Single Sign-On application or need any help with installing this plugin, please reach out to us on joomlasupport@xecurify.com

Dependencies
- NONE

24/7 Support
If you require any Single Sign On (SAML SSO) application or need any help with installing this plugin, please feel free to reach out to us on our 24*7 support at joomlasupport@xecurify.com or Contact us.

FREE VERSION FEATURES

• Login Using IDP Credentials SAML SP helps login to your Joomla site using SAML 2.0 compliant Identity Providers.
• Automatic User Registration – the user will auto-registered after login if the user is not already registered with your site.
• Upload IDP Metadata – SAML SP provides an easy configuration with the Identity Provider by simply uploading the IDP metadata file/URL.
• Basic Role Mapping – Select the default role to assign to users on auto registration.
• Export Configuration – Download the plugin configuration file to transfer your module configurations when you change your Joomla instance.
• Step by step Guides – SAML SP provides step-by-step guides for configuring the Identity Provider.
• Step by step setup video - Click here to see step by step configuration video.
• Proxy Server Setup for intranet sites.

UPGRADED VERSION FEATURES– Click here to see all license versions.

• All the Free version features.
• Unlimited Authentication with multiple Identity Providers.
• SAML Single Logout(SLO) – Support for SAML Single Logout (Make sure your IdP also supports SLO)
• Auto-redirect to IDP – Allows Auto-redirect to Identity Provider from login page even user using multiple service providers.
• Backdoor login for Superuser/administrator – Checking this option creates a backdoor to login to your website using Joomla credentials in case you get locked out of your IDP.
• Disable auto-creation of users if the user does not exist – If you enable this feature new users won't be created, only existing users can log in using SSO.
• Advanced Attribute Mapping - Use this feature to map your IDP attributes to your Joomla site attributes like Username, Email, First Name, Last Name, Group/Role, Display Name.
• Advanced Role Mapping – Use this feature to assign Joomla roles to your users based on the group/role sent by your IDP.
• Force Authentication – Force Authentication allows users to redirect to IDP if the user is not logged in.
• Multiple SAML IDPs Support – We support the configuration of Multiple IDPs in the plugin to authenticate the different groups of users with different IDPs.
• Backend and Frontend Login – If a user is Super User, the user will be logged into both the frontend and backend of the site. No need to sign in again in the admin panel (backend) for Super User, once he is logged into the frontend of the site via Single Sign-On.
• Integrated Windows Authentication – Support for Integrated Windows Authentication (With ADFS)
• Binding Type – Select HTTP-Post or HTTP-Redirect binding type to use for sending SAML Requests.
• Generate Custom SP Certificate
• Select a Signature algorithm
• Auto-sync IdP Configuration from metadata
• Store Multiple IDP certificates
• Custom admin Login URL
• Customize modules depending upon the requirement.

LIST OF SUPPORTED IDPS
- Azure AD (Login with Azure AD)
- Azure AD B2C (Login using Azure AD B2C)
- Keycloak (Login with Keycloak)
- ADFS (Login with ADFS)
- Okta (Login with Okta)
- Salesforce (Login using Salesforce)
- Shibboleth2 (Login using shibboleth2)
- Shibboleth3 (Login with shiboleth3)
- GSuite login / Login with Google Apps / Login using Google Apps directory (Login GSuite login/google apps)
- miniOrange IDP (supports SAML SSO)
- Onelogin (Login with Onelogin)
- Centrify (Login with Centrify)
- SimpleSAMLphp (Login with SimpleSAMLphp )
- OpenAM (Login with OpenAM)
- Ping Federate (Login with Ping)
- PingOne (PingOne SSO)
- RSA Secure ID (Login with RSA Secure ID)
- IBM (Login with IBM)
- Oracle (Login with Oracle)
- Bitium (Login with Bitium)
- WSO2 (Login with WSO2)
- NetIQ (supports SAML SSO)
- LastPass (LastPass SSO)
- Auth Anvil (Auth Anvil SSO)
- Auth0 (Login with Auth0)
and practically any SAML-compliant Identity Provider.

USE CASES
Azure SSO
The Joomla SAML Single Sign-On plugin supports Azure SSO use cases such as AzureAD SSO(Azure AD Single Sign-On), Azure B2C SSO, Azure login into Joomla, log in with Azure Active Directory, Login using Azure AD, Office 365 SSO(Office 365 Single Sign-On), Login with Office 365, Login using Office 365, Office 365 Login, PowerBI SSO, etc.
You can also enable SSO with multiple Azure tenants using our Azure multi-tenant add-on (Available with the All-Inclusive license of Joomla Single Sign On (SAML SSO) plugin). Using this you can allow users in multiple Azure tenants or Office 365 tenants to login to your Joomla site.

Azure AD Login / Azure AD SSO(Azure AD Single Sign-On) / Azure login allows your users to authenticate with their Azure Active Directory credentials on the Microsoft login page in order to log into the Joomla site.
We provide deep integration between Joomla Single Sign-On and Azure AD Login in which you can also map the users’ information such as given name, surname, email, groups, etc from your Azure AD to the Joomla site. This allows your users to securely achieve Login with Azure AD / Login using Azure AD / Azure AD SSO / Azure login / for your Joomla site.
This also allows your Office 365 users to achieve Joomla Single Sign-On(Login with office 365 credentials / Office 365 Login / Login using Office 365) by authenticating via their Office 365 credentials. Our plugin allows you to map user information from Office 365 to your Joomla site in order to seamlessly achieve Office 365 Login/login with office 365 credentials / Office 365 SSO / Login using Office 365.

The Joomla SAML Single Sign-On plugin allows your users present in any of the Azure AD tenants to login to the Joomla site. Multi-tenancy for Azure AD can be seamlessly achieved using our SSO Plugin. This allows SSO with multiple Azure AD tenants in your Joomla site.

Google Apps SSO
The Joomla SAML Single Sign-On SSO plugin supports SSO with GSuite / Google Apps (Google Apps Login / Login using Gsuite / Login with Google Apps / Login using Google Apps / Gsuite login), allowing the users in your organization to login to your Joomla site using their organization Google Apps credentials.
You can use the Joomla Single Sign-On plugin to map the user information such as first name, last name, employee details, etc from Google Apps to your Joomla site in order to achieve Google Apps Login / SSO with GSuite / Login using Gsuite / Login with Google Apps / Login using Google Apps / Gsuite login into Joomla.
We also support Joomla Single Sign-On with multiple Google Apps organizations on the same site using our All-Inclusive plan.
We provide seamless integration between Joomla Single Sign-On and Google Apps Login(Login with Google Apps) in which you can provide Role controls to your users based on Google Groups or Organizational Unit membership.
Joomla SAML Single Sign-On SSO is a leading enterprise-grade plugin trusted by thousands of organizations from schools to large public companies, for enabling SSO with GSuite / Google Apps(Google Apps Login / Login using Gsuite / Login with Google Apps / Login using Google Apps / Gsuite login).

Salesforce Community SSO
The Joomla SAML Single Sign-On plugin allows your Salesforce community users to login to the Joomla site by authenticating with their Salesforce credentials(Login using Salesforce / Salesforce Login).
Our Joomla Single Sign-On (SAML SSO) plugin supports all the Salesforce SSO use cases such as Salesforce Login, Salesforce Single Sign-On, Salesforce Community SSO, Salesforce Login(Single Sign-On) into Joomla, Login using Salesforce, Login with Salesforce.
This allows you to seamlessly achieve Login using Salesforce, Salesforce Login, Salesforce Community SSO, Login with Salesforce, Salesforce Single Sign-On for your Joomla site.

WEBSITE

Check out our website to see all our listed Joomla plugins. Please reach out to us on joomlasupport@xecurify.com for more support. You can also submit your query from the plugin’s configuration page.

We also provide SAML SP, SAML IDP, OAuth Client, OAuth Server, LDAP / AD Login, Two Factor Authentication, OTP Verification, and Social Login plugins/Modules for WordPress and Drupal sites. To know more please click here

SAML 2.0 Plugin Add-ons:-

Integrate with Community Builder
By using the Community Builder Add-on you would be mapping the user details into the CB's com profiles fields table which containing the values from the table com profile.

IP based restriction for auto redirect
Restrict specific IP addresses from auto-redirect to IDP.

Sync users from your IdP in Joomla (SCIM Plugin)
This add-on sync users from your IdP to the Joomla database.

Page Restriction
This add-on is basically used to protect the pages/posts of your site with the IDP login page and also, restrict the access to pages/posts of the site based on the user roles.

SSO Login Audit
SSO Login Audit captures all the SSO users and will generate the reports.

Role/Group Based Redirection
This add-on helps you to redirect your users to different pages after they log into your site, based on the role sent by your Identity Provider.

We also provide the following features. Please feel free to reach out to us on support at joomlasupport@xecurify.com or Contact us.

Cross Domain Login between Joomla Sites.
You can share the login between two Joomla websites (Cross-domain, same domain, or sub-domain) by simply adding the other Joomla site URL in the plugin configuration settings, where you want the login to be shared. And adding the HTML button on the current Joomla site will enable the user to login to the other Joomla domain. Please make sure you have installed and enabled this plugin on both the Joomla sites. And users must exist on both sites to use this feature.

Strong Authentication
Secure your Joomla site from password theft using multi-factor authentication methods with 15+ authentication types provided by miniOrange. Our multi-factor authentication methods prevent unauthorized users from accessing information and resources by having passwords alone as the authentication factor. Enabling second-factor authentication for Joomla protects you against password thefts.

Fraud Prevention
miniOrange prevents frauds with its dynamic risk engine in conjunction with enterprise-specific security policy. We support a combination of the Device Id, Location, and Time of access as multi-factor authentication that can detect and block fraud in real-time, without any interaction with the user.