Joomla
Single Sign-On

Set up SAML Single Sign-On in Joomla by installing a Joomla SAML Service Provider extension and connecting it with your Identity Provider such as Azure AD, Okta, Google Workspace, Keycloak, or ADFS. The setup process includes exchanging metadata, configuring the ACS URL, and mapping user attributes and roles for seamless login access.

Joomla SAML SSO supports all major SAML 2.0 compliant Identity Providers including Azure AD, Okta, Google Workspace, Keycloak, ADFS, Ping Identity, OneLogin, Salesforce, and Auth0. This allows organizations to integrate Joomla with existing enterprise authentication systems easily.

Joomla SAML SSO supports Just In Time (JIT) user provisioning, allowing user accounts to be created automatically during the first login through the Identity Provider. User details such as username, email address, and user groups can also be mapped automatically.

Joomla can connect with Active Directory and LDAP directories to centralize authentication and user management. Users can log in using their existing directory credentials, helping organizations simplify access control and reduce password management issues.

Joomla SAML SSO works with MFA enabled on your Identity Provider. Authentication methods such as OTP verification, authenticator apps, push notifications, and email based verification can be added to strengthen account security before users access Joomla. Our miniOrange MFA extension can be used alongside to add an extra layer of verification directly within Joomla.

miniOrange does not transfer any data outside your system or store Personal Identifiable Information externally. All Joomla extensions operate on premise, meaning user data remains within your server environment. For the Joomla MFA extension, only the user’s email address is required. In case of risk based authentication, information such as device type, IP address, location, and login time may be used to evaluate risk and control access. Check our terms and conditions here.

SAML SSO improves security and user experience by allowing users to access Joomla with a single set of credentials. It helps reduce password related support requests, centralizes authentication, simplifies user management, and supports enterprise security requirements.

SAML is commonly used for enterprise Single Sign-On and centralized identity management, while OAuth is mainly used for social login and API authorization. SAML is typically preferred for employee authentication, whereas OAuth is often used for customer and social login scenarios.