Joomla SAML Single Sign On (SSO) using Bitium as Identity Provider (IdP)

miniOrange provides a ready-to-use Single Sign On (SSO) solution for Joomla with Bitium-idp as the Identity Provider. This solution ensures that you are ready to roll out secure access to your Joomla site using Bitium-idp within minutes.

You can download the SAML single sign-on plugin zip file for the Joomla Service Provider from here.

Step 1: Configure Bitium as Identity Provider (IdP)

  • Log into Bitium Admin Portal.
  • Once you have logged into your Bitium Admin portal, click on the Manage button in the top navigation bar for your organization, and then click on Manage Apps.
  • In the top right corner, click on Add More Apps. You will see a search box, then search for Joomla, and add the app to your Bitium account.
  • Here we will start configuring SSO. First, select a name for your page, then select SAML Authentication from the dropdown menu. Once you are done, click on Install App.
  • On the next screen, click on Configure Single Sign-On. (Copy the values below into the appropriate place in the SAML configuration section of Joomla - Custom URL.)
  • Here, we will exchange a few values between Bitium-idp and Joomla.
  • SAML URL: Copy/paste the ACS URL from the Service Provider Metadata tab of the plugin.
    Entity ID: Copy/paste the SP-EntityID / Issuer from the Service Provider Metadata tab of the plugin.
  • Click on Save.
  • Copy the following URL/Endpoints. These will be required while configuring the plugin. Copy the X.509 Certificate text area value and keep it handy.
  • Now, assign the Joomla app to your users in the Apps Overview section.

Step 2: Configuring Joomla as Service Provider (SP)

  • In the miniOrange SAML plugin, go to the Service Provider Setup tab.
    • Manual Configuration:

      • Provide the required settings (i.e. IdP Entity ID or Issuer, Single Sign-On Service URL, X.509 Certificate) and save it.
      IDP Entity ID: Entity ID from the Single Sign On tab in IDP
      Single Sign-On Service URL: Login URL from the Single Sign On tab in IDP
      Single Logout Service URL: Logout URL from the Single Sign On tab in your IDP
      X.509 Certificate: Paste the X.509 Certificate value from the Single Sign On tab in Bitium-idp

      Add a button on your site login page with the following URL:
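
A pre-flight check for the IdP values entered in Step 2, as an added example that is not part of the miniOrange plugin or the original guide: it confirms the Login and Logout URLs are https and that the pasted X.509 certificate decodes and matches a SHA-256 fingerprint obtained separately from the IdP administrator. The function names, dictionary keys and sample values are hypothetical.

```python
import base64
import binascii
import hashlib
from urllib.parse import urlsplit

def cert_fingerprint(pasted: str) -> str:
    """SHA-256 hex fingerprint of a certificate pasted with or without PEM armor."""
    lines = [ln.strip() for ln in pasted.splitlines()]
    body = "".join("".join(ln.split()) for ln in lines if not ln.startswith("-----"))
    try:
        der = base64.b64decode(body, validate=True)
    except (binascii.Error, ValueError) as exc:
        raise ValueError("certificate text is not valid base64") from exc
    if len(der) < 4 or der[0] != 0x30:  # a DER certificate starts with a SEQUENCE tag
        raise ValueError("decoded data is not a DER SEQUENCE")
    return hashlib.sha256(der).hexdigest()

def preflight(settings: dict, expected_fp: str) -> list:
    """Return a list of problems; an empty list means the values look sane."""
    problems = []
    for key in ("sso_url", "slo_url"):  # hypothetical key names
        try:
            url = urlsplit(settings.get(key, "").strip())
        except ValueError:  # e.g. a malformed bracketed host
            url = urlsplit("")
        if url.scheme != "https" or not url.hostname:
            problems.append(f"{key}: must be an absolute https:// URL")
    if not settings.get("idp_entity_id", "").strip():
        problems.append("idp_entity_id: empty")
    try:
        got = cert_fingerprint(settings.get("x509_certificate", ""))
    except ValueError as exc:
        problems.append(f"x509_certificate: {exc}")
    else:
        want = expected_fp.replace(":", "").replace(" ", "").lower()
        if got != want:
            problems.append("x509_certificate: fingerprint differs from expected value")
    return problems

# Constructed sample: placeholder bytes (not a real certificate) and example.com URLs.
SAMPLE_DER = bytes([0x30, 0x82, 0x01, 0x0A]) + bytes(range(64))
SAMPLE_FP = hashlib.sha256(SAMPLE_DER).hexdigest()
SAMPLE = {
    "idp_entity_id": "https://idp.example.com/entity",
    "sso_url": "https://idp.example.com/saml/login",
    "slo_url": "https://idp.example.com/saml/logout",
    "x509_certificate": "-----BEGIN CERTIFICATE-----\n"
    + base64.encodebytes(SAMPLE_DER).decode() + "-----END CERTIFICATE-----",
}
```

The check only compares bytes and fingerprints; it does not parse the certificate's validity dates or subject.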

Step 3: Attribute Mapping (optional). This is a Premium feature.

  • Attributes are user details that are stored in your Identity Provider (bitium-idp).
  • Attribute Mapping helps you to get user attributes from your Identity Provider (IdP) and map them to Joomla user attributes like firstname, lastname etc.
  • While auto-registering the users in your Joomla site, these attributes will automatically get mapped to your Joomla user details.
  • In the miniOrange SAML plugin, go to the Attribute Mapping tab and fill in all the fields.
  • Username: Name of the username attribute from IdP (Keep NameID by default)
    Email: Name of the email attribute from IdP (Keep NameID by default)
    Group/Role: Name of the Role attribute from Identity Provider (bitium-idp)
  • You can check the Test Configuration Results under the Service Provider Setup tab to get a better idea of which values to map here.

Step 4: Group Mapping (optional). This is a Premium feature.

  • Joomla uses a concept of Roles, designed to give the site owner the ability to control what users can and cannot do within the site.
  • Role mapping helps you to assign specific roles to users of a certain group in your Identity Provider (IdP).
  • While auto-registering, the users are assigned roles based on the group they are mapped to.

Step 5: Redirection & SSO Links.

  • Go to the Redirection & SSO Links tab. There are multiple features available in this tab, like Auto redirect the user to Identity Provider (bitium-idp) and Enable Backend Login for Super Users. To use these features, click on the respective checkboxes.

    miniOrange Joomla SAML Single Sign-On (web SSO) supports multiple known IdPs like Shibboleth, SimpleSamlPhp, Okta, ADFS, Google Apps, Salesforce, Bitium, Onelogin, OpenAM, Centrify, Azure AD and many more.


    For further details, refer to:
    https://support.google.com/a/answer/60224?hl=en
    https://www.bitium.com/insidewwp-single-sign-on-sso-provider



If you don't find what you are looking for, please contact us at info@xecurify.com or call us at +1 978 658 9387.