ADFS SAML Single sign-on (SSO) is an authentication method that enables ADFS users to access multiple Joomla applications with one login and one set of credentials.
What is SSO ?
SAML allows exchanging of information between Service Provider and Identity provider, SAML is integration between SP and IDP. When a user tries to log in, your identity provider sends SAML assertions containing facts about the user to Identity Provider. Identity Provider receives the assertion, validates it against your Identity Provider configuration, and allows the user to access your org.
Our plugin is compatible with Joomla 4 as well as with all the SAML 2.0 compliant Identity Providers. Here we will go through a step-by-step guide to configure SAML SSO login between Joomla site and ADFS by considering ADFS as IdP (Identity Provider & Joomla as SP (Service Provider).
If you want support in configuring the plugin, or to integrate ADFS with Joomla, click on Free Configuration Setup button.
We provide a 7 day full feature trial wherein you can fully test out all the features of the plugin, click on Free Business Trial button.
Using Metadata XML file
Using Manual configuration
|Claim rule name:||Attributes|
|Attribute Store:||Active Directory|
|Outgoing Claim Type:||Name ID|
Steps to configure ADFS for Windows Authentication
setspn -a HTTP/##ADFS Server FQDN## ##Domain Service Account##
FQDN is Fully Qualified Domain Name (Example : adfs4.example.com)
Domain Service Account is the username of the account in AD.
Example : setspn -a HTTP/adfs.example.com username/domain
Set-AdfsProperties -WIASupportedUserAgents ((Get-ADFSProperties | Select -ExpandProperty WIASupportedUserAgents) + "Chrome")
Get-AdfsProperties | Select -ExpandProperty WIASupportedUserAgents;
|IdP Entity ID or Issuer||SAML Entity ID in the Federation Metadata document|
|Single Sign-On Service URL||SAML Single-Sign-On Endpoint URL in the Federation Metadata document|
|X.509 Certificate||x.509 Certificate in the Federation Metadata document|
|Username:||Name of the username attribute from IdP (Keep NameID by default)|
|Email:||Name of the email attribute from IdP (Keep NameID by default)|
|Group/Role:||Name of the Role attribute from Identity Provider(IdP)|
You have successfully completed your miniOrange SAML 2.0 SP configurations. Still, if you are facing any difficulty please mail us on email@example.com .
Synchronize users, groups & directory with SCIM & REST APIs for Server.
Page Restriction plugin restricts Joomla pages (Articles) based on User Roles and User's Login Status.
Using this Add-on you would be mapping the user details into the CB's comprofilers fields table which contains the values.
If you want Business Trial for FREE Click Here
If you don't find what you are looking for, please contact us at firstname.lastname@example.org or call us at +1 978 658 9387.
Need Help? We are right here!