Jboss keycloak Single Sign On (SSO) For Joomla miniOrange provides a ready to use solution for Joomla. This solution ensures that you are ready to roll out secure access to your Joomla site using Jboss Keycloak within minutes.
Client ID | SP-EntityID/Issuer from Service Provider Metadata |
Client protocol | SAML |
Client SAML Endpoint (optional) | The ACS (Assertion Consumer Service) URL from Service Provider Metadata |
Client ID | The SP-EntityID / Issuer from Service Provider Metadata |
Name | Provide a name for this client (Eg. Joomla) |
Description (optional) | Provide a description |
Enabled | ON |
Consent Required | OFF |
Client Protocol | SAML |
Include AuthnStatement | NO |
Sign Documents | NO |
Optimize Redirect signing key lookup | OFF |
Sign Assertions | NO |
Signature Algorithm | RSA_SHA256 |
Encrypt Assertion | OFF |
Client Signature Required | OFF |
Client Signature Required | EXCLUSIVE |
Force Name ID Format | NO |
Name ID Format | |
Root URL | Leave empty or Base URL of Service Provider |
Valid Redirect URIs | The ACS (Assertion Consumer Service) URL from Service Provider Metadata |
Assertion Consumer Service POST Binding URL | The ACS (Assertion Consumer Service) URL from Service Provider Metadata |
Logout Service Redirect Binding URL | The Single Logout URL from Service Provider Metadata |
Add Mappers
Add User
OR
Identity Provider Name | Provide an Identity Provider name (For Example: Keycloak). |
IdP Entity ID or Issuer | Search for the entityID from IDP Metadata.Enter the Value in the Entity ID textbox. |
SAML Login URL | Search for SingleSignOnService Binding ”urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect” from IDP Metadata.Enter the location value in the SAML Login URL textbox. |
SAML Logout URL (Optional) | Search for SingleLogoutService Binding”urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect” from IDP Metadata.Enter the location value in the SAML Login URL textbox. |
X.509 Certificate (Optional) | Search for the X.509 Certificate from IDP Metadata.Enter the tag value in Certificate textbox. |
Enable login with SAML | Checked |
Signed SSO and SLO Requests | Unchecked |
Username: | Name of the username attribute from IdP (Keep NameID by default) |
Email: | Name of the email attribute from IdP (Keep NameID by default) |
Group/Role: | Name of the Role attribute from Identity Provider (IdP) |
If you don't find what you are looking for, please contact us at joomlasupport@xecurify.com or call us at +1 978 658 9387.