Joomla Single Sign-On
Joomla Single Sign-On simplifies user access to your Joomla site by enabling them to authenticate using a single set of credentials through SAML 2.0 Compliant Identity Providers. These include platforms like Azure AD, Okta, Google Apps, ADFS, Keycloak, Salesforce, Google Apps, Shibboleth, PingFederate, and more. With Joomla SAML Single Sign-On, users log in once and gain access to various services without the need to re-enter their credentials. This integration not only enhances user experience but also optimizes efficiency while ensuring adherence to robust security standards.
Contact us at joomlasupport@xecurify.com and we'll help you set up SSO in your Joomla site in no time.
What is Joomla Single Sign-On?
The Joomla SAML Single Sign-On Service Provider plugin enables SSO login within Joomla via various SAML 2.0 compliant Identity Providers, including Azure AD, Azure B2C, ADFS, Auth0, Keycloak, and more.
The plugin helps your Joomla website work as a Service Provider in the authentication process. It sets up a secure connection between your Joomla site and Identity Provider, to securely authenticate and enable Joomla Single Sign On - SSO Login for the user into the Joomla site.
SAML Single Sign-On (SSO) makes it simple for users to access all resources on your Joomla site smoothly through any existing SAML 2.0 Identity Provider.
Our Joomla SAML Single Sign-On SP plugin is compatible with Joomla 3, 4 as well as 5.
Our Plugin's Features
Auto Create SSO Users
Joomla SAML Single Sign-On Plugin automatically creates users on Joomla during Single Sign-On (SSO) if they are not present in the Joomla user list. This simplifies the login process and improves user convenience without compromising security.
Complete Site Protection
The Joomla SAML Single Sign-On Plugin restricts access to the frontend and backend of your Joomla site to logged-in users via SSO. Non-logged-in users are directed to the SSO provider's login page automatically. Admin and Manager users can access the Joomla backend after SSO.
Roles/Groups & Attribute Mapping
Joomla SAML Single Sign-On Plugin allows you to map Username, FirstName, LastName, Email, profile, field, and contact during the SSO. Also, it helps you to get user roles from your IdP and map them to Joomla user roles/groups.
Auto-Sync IdP Config from Metadata
Ensure Seamless SSO on Your Joomla Site by Automatically Updating and Syncing SAML IdP Configuration and Certificates Within the Plugin at Regular Intervals (hours, days, weeks, months, etc).
Versatile Compatibility: Joomla 5, 4, 3 Supported
You can use Joomla SAML Single Sign-On Plugin seamlessly across Joomla 5, 4, and 3, eliminating the need for separate installations for different Joomla versions.
Multiple IdP Support
You have the flexibility to set up multiple Identity Providers (IdPs) such as Azure AD, Okta, and Google Apps for SAML authentication. This enables users to log in to the Joomla site using various IdPs.
Single Logout (SLO)
Joomla SAML Single Sign-On Plugin enables users to log out from all Identity Providers (IdPs) and Joomla sites instantly upon logging out from any single Joomla site or Identity Provider.
Custom X.509 certificate
You have the option to add or generate custom X.509 certificate pairs specifically tailored to your Joomla site, ensuring they are entirely unique and personalized.
Use-Cases for Joomla Single Sign-On
Auto Sync Data to 3rd Party Add-Ons Using SSO
- During single sign-on between the IdP and the Joomla site, once a user is authenticated by the identity provider, they are logged into Joomla. Following authentication, the Identity Provider needs to transmit specific data stored within it to a third-party application that is already integrated with Joomla.
- Accessing information in the form of attributes sent by the IdP to the Service Provider (SP) as Joomla. These attributes are then showcased on third-party applications or within articles.
Backend Login to Joomla using SSO
- Backend login is provided for the following roles:
1) Superuser/Admin and their subgroups.
2) Manager and their subgroups.
- If users belong to any of the above roles and perform single sign-on, they are logged in and redirected to the Joomla backend.
- Otherwise, they are logged in and directed to the Joomla frontend.
- During single sign-on, upon receiving a SAML response from your IDP, our Joomla SAML SP plugin verifies the user's role.
Page Restriction Using SSO
- We have a solution Page restriction plugin which is used with Joomla SAML SP plugin. In which a user is automatically redirected to an Identity Provider for self-authentication whenever they try to access any restricted pages or articles (for example, the payment page).
- Users can access this restricted page after performing single sign-on.
Choose Your Plan
All Features in Free+
Unlimited Authentications
Unlimited Creation of Users
All Features in Basic+
Auto-Redirect to IdP
Relay State
Basic Attribute and Role Mapping Allow to map only email, username, name, and default role to the user.
All Features in Standard+
Advance Attribute and Role Mapping Allow to map profile, field, and contact attributes. Also, map multiple roles to Joomla roles.
Single Logout
Basic Backend Login Backend login using SSO for only super user, admin, and manager roles.
Contact us at joomlasupport@xecurify.com if you require more than 5 instances.
Compare Plans
| Features | Free | Basic | Standard | Premium | Enterprise |
|---|---|---|---|---|---|
| Auto Creation of Users | Upto 10 Users | Unlimited | Unlimited | Unlimited | Unlimited |
| SSO Authentications | Limited | Unlimited | Unlimited | Unlimited | Unlimited |
| Metadata XML File and URL | |||||
| Configure SP Using Metadata XML File and URL | |||||
| Customize the metadata contact information | |||||
| Options to select SAML Request binding type | |||||
| Attribute Mapping |
Basic Username, Email, Display Name |
Advance Username, Email, Display Name, Profile |
Enterprise Username, Email, Display Name, Profile, Contact |
||
| Role/Group Mapping |
Basic Username, Email, Display Name |
Advance Username, Email, Display Name, Profile |
Enterprise Username, Email, Display Name, Profile, Contact |
||
| Default Redirect URLs: After Login and Logout | |||||
| Backend Login to Joomla | Basic | Advance | |||
| Integrated Windows Authentication(With ADFS) | |||||
| Single Logout | |||||
| Custom X509 certificate | |||||
| Auto-sync IdP Configuration from metadata | |||||
| Store Multiple IdP certificates | |||||
| Multiple IdP Support | |||||
| Domain Mapping and Restriction | |||||
| End to End IdP Configuration |
Frequently Asked Questions
Having trouble setting the Azure Application ID URL?
IdentifierUris domain needs to be registered and verified in your Azure AD primary domain or subdomain.
You need to update Application URI as: http://
Follow the following steps to find domain name:
1. Sign in to the Azure portal with an account that’s a Global
Administrator for the organization.
2. Select Azure Active Directory.
3. Select Custom domain names.
Addons for Joomla Single Sign-On
Get In Touch
Chat with us
If you'd prefer to chat with our support team in real time, you can reach us online 24/7 and schedule a meeting according to your time zone.
Or Call Us
+1 978 658 9387 (US) +91 97178 45846 (India)Thank you for your response. We will get back to you soon.
Something went wrong. Please submit your query again
Knowledge Base
Frequently Asked Questions
Does miniOrange store any user data?
miniOrange does not store or transfer any data out of your systems. All the plugins are completely on premise. All the data remains within your premises / server.
Does miniOrange offer technical support?
Yes, we provide 24*7 support for all and any issues you might face while using the plugin, which includes technical support from our developers. You can get prioritized support based on the Support Plan you have opted for. You can check out the different Support Plans here.
What is our refund policy?
At miniOrange, we want our customers to be 100% satisfied with their purchases. In case the licensed plugin you purchased, is not working as advertised, you can report the issue with our Joomla support team within the first 10 days of the purchase. After reporting the issue, our team will try to resolve those issues within the given timeline as stated by the team, and if the issue does not get resolved within the given time period, the whole amount will be refunded.
Note that this policy does not cover the following cases:
1) Change in mind or change in requirements after purchase.
2) Infrastructure issues do not allow the functionality to work.
If you have any other queries regarding the return policy email us at joomlasupport@xecurify.com.
Is this an annual or a monthly charge?
This is an annual subscription. You would need to renew the license every year, in order to get the plugin updates that include security patches and compatibility changes with the latest versions of PHP, MySQL, and Joomla.
What happens if I do not renew my license?
If you decide to not renew your license, you will be able to continue to use our plugin but you won't receive any updates after your license period.
What is one instance?
A Joomla instance refers to a single installation of a Joomla site. It refers to each individual website where the plugin is active. In the case of a single site Joomla, each website will be counted as a single instance.
Why Choose miniOrange?
24/7 Customer Support
We are 24/7 available for your query resolutions, on email and phone support. Just one click away.
Strong Domain Expertise
miniOrange is a domain expert in IAM products such as SSO, 2FA/MFA, and custom enterprise solutions.
Need Help? We are right here!
