The PHP SAML 2.0 Connector acts as a SAML Service Provider that can be configured to establish trust between your application and a SAML-capable Identity Provider, so that users are securely authenticated into your application. This step-by-step guide configures Azure AD as the IdP (Identity Provider) and the PHP SAML 2.0 Connector as the SP (Service Provider).
Pre-requisites: Download and Installation
- To get the miniOrange PHP SAML 2.0 Connector, contact us.
- Unzip the PHP connector in the directory where your PHP application is running.
- Access the SSO connector settings from your browser at the URL https://<application-url>/sso
- Log in to the PHP connector using your miniOrange credentials.
- In the miniOrange PHP SAML 2.0 Connector, the Plugin Settings tab shows the SP Entity ID and ACS URL values, which you will use while configuring your Identity Provider.
Step 2: Configure the connector using your Identity Provider details
- In Plugin Settings, use your Identity Provider details to configure the plugin.
- You can configure the SP Base URL or leave this option as it is. Other fields are optional.
- Click on the Save button to save your settings.
Test the Configuration
- You can test whether the plugin is configured properly by clicking on the Test Configuration button.
- You should see a Test Successful screen along with the user's attribute values as sent by your Identity Provider.
Step 3: Attribute Mapping
- From the Test Configuration window, copy the names of the attributes that return the email and username.
- You can add any Custom Attribute and click on Save.
Step 4: Enable SSO into your Application
Once the SSO test is successful, you can provide an Application URL to which users will be redirected after logging in.
- To do so, click on the How to Setup? menu in the SSO connector.
- In the input field for Application URL, enter the URL of your application (where you want users to be redirected after logging in).
- To log the user into your application, you can read the session attributes set by the SSO connector:
if (session_status() === PHP_SESSION_NONE) {
    session_start(); // start the session so the connector's attributes can be read
}
$email = $_SESSION['email'];
$username = $_SESSION['username'];
You can use the variables $email and $username to find the user in your PHP application and start a session for the user.
Now that the plugin is configured, you're ready to use it in your application.
Use the following URL as a link in your application from where you want to perform SSO:
http://<application-url>/sso/login.php
For example, you can use it as:
<a href="http://<application-url>/sso/login.php">Log in</a>
Your users will be able to SSO in your application by clicking on the Log in link.
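Added example, not part of the miniOrange connector or of the original guide: one way the page users land on after SSO could consume the email and username session attributes from Step 4, treating them as external input, mapping them to an existing local account and issuing a fresh session ID. The user store and the names LOCAL_USERS, resolve_sso_user, user_id and role are assumptions made for illustration.

```php
<?php
declare(strict_types=1);
// Added example: application-side handoff after the connector redirects back.
// Only the session keys 'email' and 'username' come from the guide; the user
// store, function name and the 'user_id'/'role' keys are hypothetical.

// Constructed sample user store; a real application would query its database.
const LOCAL_USERS = [
    'alice@example.com' => ['id' => 101, 'role' => 'editor'],
];

// Validate the attributes found in the session and map them to a local account.
function resolve_sso_user(array $session): ?array
{
    $email = $session['email'] ?? null;
    $username = $session['username'] ?? null;
    // Reject missing or non-string values instead of passing them on.
    if (!is_string($email) || !is_string($username) || $username === '') {
        return null;
    }
    // The IdP-supplied attribute is external input: check its format first.
    $email = filter_var(trim($email), FILTER_VALIDATE_EMAIL);
    if ($email === false) {
        return null;
    }
    // Only accounts that already exist locally are logged in (lookup is lower-cased).
    return LOCAL_USERS[strtolower($email)] ?? null;
}

if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

$user = resolve_sso_user($_SESSION);
if ($user === null) {
    http_response_code(403);
    exit('SSO attributes missing or no matching local account.');
}

// Issue a new session ID at the privilege change so a pre-login ID cannot be reused.
session_regenerate_id(true);
$_SESSION['user_id'] = $user['id'];
$_SESSION['role'] = $user['role'];
```

Authorization decisions in the rest of the application can then rely on the locally stored user_id and role rather than on the raw IdP attributes.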
Note: The miniOrange PHP SAML 2.0 Connector is supported by various PHP frameworks such as Laravel, CodeIgniter, CakePHP, Symfony, Zend Framework, Phalcon, Yii Framework, Aura, Fat-Free, PHP-MVC, Kohana, FuelPHP, Slim, Flight, Zikula, PHPixie, Li3, Nette, Medoo, POP PHP, PHP Mini, Silex, Agavi, TYPO3 Flow, Prado, Cappuccino, Limonade, Webasyst, Guzzle PHP, YAF, Akelos PHP Framework, Qcodo, evoCore, Stratus, Seagull, Maintainable, Limb, Phocoa, AjaxAC, Zoop, BlueShoes, Recess, PHPDevShell, Ice Framework, QueryPHP, Dash PHP Framework, Zest Framework, Roducks, and many more.