Keycloak Single Sign-On (SSO) login for Magento [SAML] can be achieved by using our Magento SAML SP Single Sign-On (SSO) plugin. Our SSO solution makes Magento a SAML 2.0 compliant Service Provider, establishing trust between the Magento site and Keycloak to securely authenticate users and log them in to the Magento site. Our Magento Single Sign-On (SSO) solution helps to secure Magento sites behind the SSO login so that users are authenticated using their Keycloak login credentials. It offers seamless support for advanced SSO features like Attribute / Custom Mapping, Role Mapping, etc.
SAML allows Service Providers and Identity Providers to communicate information; SAML is the integration of Service Providers and Identity Providers. When a user tries to log in, your Service Provider sends SAML assertions to the Identity Provider, which contain user information. The Identity Provider receives the assertion and checks it against your Service Provider settings before granting the user access to your org.
Here we will go through a guide to configure SAML Single Sign-On (SSO) login between a Magento site and Keycloak, considering Keycloak as the IdP (Identity Provider) and Magento as the SP (Service Provider). Our SSO plugin provides unlimited user authentications from Keycloak. To know more about other features we provide in the Magento SAML Single Sign-On (SSO) plugin, you can click here.
First of all, download Keycloak and install it.
Start Server: Start the Keycloak server by running the _standalone.sh_ file.
Follow the steps below to configure Keycloak as IdP for Magento:
| Setting | Value |
| --- | --- |
| Client ID | The SP-EntityID / Issuer from Service Provider Metadata |
| Name | Provide a name for this client (Eg. Joomla) |
| Description (optional) | Provide a description |
| Enabled | ON |
| Consent Required | OFF |
| Client Protocol | SAML |
| Include AuthnStatement | NO |
| Sign Documents | NO |
| Optimize Redirect signing key lookup | OFF |
| Sign Assertions | NO |
| Signature Algorithm | RSA_SHA256 |
| Encrypt Assertion | OFF |
| Client Signature Required | OFF |
| Client Signature Required | EXCLUSIVE |
| Force Name ID Format | NO |
| Name ID Format | |
| Root URL | Leave empty or Base URL of Service Provider |
| Valid Redirect URIs | The ACS (Assertion Consumer Service) URL from Service Provider Metadata |
| Assertion Consumer Service POST Binding URL | The ACS (Assertion Consumer Service) URL from the plugin's Service Provider Metadata tab |
| Logout Service Redirect Binding URL (Optional) | The Single Logout URL from the plugin's Service Provider Metadata tab |
Add Mappers
Download setup file
You have successfully configured Keycloak as SAML IdP (Identity Provider) for achieving Keycloak login / Keycloak SSO / Keycloak Single Sign-On (SSO), ensuring secure login into the Magento site.
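The client settings listed in the table above can be reviewed after setup by exporting the client from the Keycloak admin console as JSON and auditing it. The following is an added example, not part of the original guide or the plugin: it assumes the attribute keys Keycloak writes into a client export (`saml.server.signature`, `saml.assertion.signature` and so on), and the client ID and URLs in the sample are constructed placeholders.

```python
import json

# Constructed sample export using the values from the settings table above.
# clientId and redirect URI are placeholders, not values from the page.
SAMPLE_EXPORT = json.dumps({
    "clientId": "https://magento.example.com/sp-entity-id",
    "protocol": "saml",
    "redirectUris": ["https://magento.example.com/acs-placeholder"],
    "attributes": {
        "saml.server.signature": "false",     # Sign Documents
        "saml.assertion.signature": "false",  # Sign Assertions
        "saml.client.signature": "false",     # Client Signature Required
        "saml.encrypt": "false",              # Encrypt Assertion
        "saml.authnstatement": "false",       # Include AuthnStatement
        "saml.signature.algorithm": "RSA_SHA256",
    },
})

SHA1_ALGORITHMS = {"RSA_SHA1", "DSA_SHA1"}

def audit_client(export_json):
    """Return (severity, message) findings for one exported SAML client."""
    client = json.loads(export_json)
    if client.get("protocol") != "saml":
        raise ValueError("not a SAML client export")
    attrs = client.get("attributes", {})
    on = lambda key: attrs.get(key, "false") == "true"  # assumption: absent means off
    findings = []
    if not (on("saml.server.signature") or on("saml.assertion.signature")):
        findings.append(("HIGH", "responses and assertions are unsigned; the SP "
                         "cannot check them against the IdP X.509 certificate"))
    elif attrs.get("saml.signature.algorithm") in SHA1_ALGORITHMS:
        findings.append(("MEDIUM", "signatures use a SHA-1 based algorithm"))
    if not on("saml.client.signature"):
        findings.append(("LOW", "unsigned AuthnRequests from the SP are accepted"))
    if not on("saml.authnstatement"):
        findings.append(("LOW", "assertions carry no AuthnStatement "
                         "(no AuthnInstant or SessionIndex)"))
    if not on("saml.encrypt"):
        findings.append(("LOW", "assertion attributes are visible to the browser "
                         "relaying the response"))
    for uri in client.get("redirectUris", []):
        if "*" in uri:
            findings.append(("MEDIUM", "wildcard redirect URI: " + uri))
    return findings

if __name__ == "__main__":
    for severity, message in audit_client(SAMPLE_EXPORT):
        print(f"{severity:6} {message}")
```

With the table's values the audit reports the unsigned response as its highest-severity finding; turning on Sign Assertions or Sign Documents in Keycloak and keeping the IdP X.509 certificate configured in the plugin clears it.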
| Setting | Value |
| --- | --- |
| IdP Entity ID or Issuer | SAML Entity ID in the Federation Metadata document |
| Single Sign-On Service URL | SAML Single-Sign-On Endpoint URL in the Federation Metadata document |
| X.509 Certificate | X.509 Certificate in the Federation Metadata document |

| Attribute | Value |
| --- | --- |
| Username | Name of the username attribute from IdP (Keep NameID by default) |
| Email | Name of the email attribute from IdP (Keep NameID by default) |
| Group/Role | Name of the Role attribute from Identity Provider (IdP) |
In this guide, you have successfully configured Keycloak SAML Single Sign-On (Keycloak SSO Login), choosing Keycloak as IdP and Magento as SP, using the Magento SAML Single Sign-On (SSO) Login plugin. This solution ensures that you are ready to roll out secure access to your Magento site using Keycloak login credentials within minutes.
If you are looking for anything which you cannot find, please drop us an email at magentosupport@xecurify.com