Joomla SAML Single Sign On (SSO) Using Bitium As Identity Provider (IdP)
Bitium-idp Single Sign On (SSO) for Joomla miniOrange provides a ready to use solution for Joomla. This solution ensures that you are ready to roll out secure access to your Joomla site using Bitium-idp within minutes.
Step 1: Configure Bitium as Identity Provider (IdP)
- Log into Bitium Admin Portal.
- Once you have logged into your Bitium Admin portal, click on the Manage button in the top navigation bar for your organization, and then click on Manage Apps.
- In the top right corner, click on Add More Apps. You will see a search box, then search for Joomla, and add the app to your Bitium account.
- Here we will start configuring SSO. First, select a name for your page, then select SAML Authentication from the dropdown menu. Once you are done, click on Install App.
- On the next screen, click on Configure Single Sign-On.(Copy the values below into the appropriate place in the SAML configuration section of Joomla - Custom URL)
- Here, we will exchange a few values between Bitium-idp and Joomla.
- Click on Save.
- Copy the following URL/Endpoints. These will be required while configuring the plugin. Copy the X.509 Certificate text area value and keep it handy.
- Now, assign the Joomla app to your users in the Apps Overview section.
| SAML URL | Copy/Paste ACS URL from Service Provider Metadata tab of the plugin |
| Entity ID | Copy/Paste SP-EntityID / Issuer from Service Provider Metadata tab of the plugin |
Step 2: Configuring Joomla as Service Provider (SP)
- In miniOrange SAML plugin, go to Service Provider Setup Tab.
- Provide the required settings (i.e. IdP Entity ID or Issuer, Single Sign-On Service URL, X.509 Certificate) and save it.
Manual Configuration :
| IDP Entity ID: | Entity ID from the Single Sign On tab in IDP |
| Single Sign-On Service URL: | Login URL from the Single Sign On tab in IDP |
| Single Logout Service URL: | Logout URL from the Single Sign On tab in your IDP |
| X.509 Certificate: | Paste the X.509 Certificate value from Single Sign On tab in Bitium-idp |
Add a button on your site login page with the following URL:
Step 3: Attribute Mapping (It is Optional to fill this). This is Premium feature.
- Attributes are user details that are stored in your Identity Provider(bitium-idp).
- Attribute Mapping helps you to get user attributes from your Identity Provider (idp) and map them to Joomla user attributes like firstname, lastname etc.
- While auto-registering the users in your Joomla site these attributes will automatically get mapped to your Joomla user details.
- In miniOrange SAML plugin, go to Attribute Mapping tab and fill in all the fields.
- You can check the Test Configuration Results under Service Provider Setup tab to get a better idea of which values to map here.
| Username: | Name of the username attribute from IdP (Keep NameID by default) |
| Email: | Name of the email attribute from IdP (Keep NameID by default) |
| Group/Role: | Name of the Role attribute from Identity Provider (bitium-idp) |
Step 4: Group Mapping (It is Optional to fill this). This is Premium feature.
- Joomla uses a concept of Roles, designed to give the site owner the ability to control what users can and cannot do within the site.
- Role mapping helps you to assign specific roles to users of a certain group in your Identity Provider (IdP).
- While auto-registering, the users are assigned roles based on the group they are mapped to.
Step 5: Redirection & SSO Links.
- Go to Redirection & SSO Links tab. There are multiple features availabe in this tab like Auto redirect the user to Identity Provider(bitium-idp) and Enable Backed Login for Super Users. To use these features, click on the respective checkboxes.
Miniorange Joomla SAML Single sign-on(web SSO) supports multiple known IDPs like Shibboleth, SimpleSamlPhp, Okta, ADFS, Google apps, Salesforce, Bitium, Onelogin, OpenAM, Centrify, Azure AD and many more.
For further details refer :
https://support.google.com/a/answer/60224?hl=en
https://www.bitium.com/insidewwp-single-sign-on-sso-provider
sso id, onelogin, single sign on, saml, adfs, Service provider, Joomla extensions, single sign-on sso, web sso, Web sso, miniorange, Joomla plugins, signle sign on solutions, Salesforce sso, saml php, saml authentication, SAML Service provider, saml 2.0 specification, google idp, assertion consumer service, Joomla saml acs url, saml issuer, saml claims, Joomla salesforce as Identity Provider, single sign on solution open source, saml 2.0 identity provider, saml idp vs sp, SAMl 2.0, SAML SP metadata, saml client, saml library, saml documentation, saml attribute mapping, Joomla SSO, best single sign on solution, saml relying party, joomla authentication plugin.
Business Trial For Free
If you don't find what you are looking for, please contact us at info@xecurify.com or call us at +1 978 658 9387.