Search Results :


Moodle SAML Single Sign-On (SSO) Integration using Joomla as IDP


Login using Joomla Users ( Joomla as SAML IDP ) plugin gives you the ability to use your Joomla credentials to log into Moodle. Here we will go through a step-by-step guide to configure SSO between Moodle as Service Provider and Joomla as an Identity Provider.

Pre-requisites : Download And Installation

1. Configure Joomla as Identity Provider:

  • Go to Moodle site.
  • Install and activate the miniOrange SAML SP Plugin on your Moodle site, which acts as a Service Provider.
  • Go to the miniOrange SAML SP Plugin, navigate to the Service Provider Metadata tab. Here, you can find the Service Provider metadata such as SP Entity ID , ACS (Assertion Consumer Service) URL, Audience URI and NameID format which is required to configure the Identity Provider.
  • moodle SAML SP single sign on ( sso ) upload metadata

    miniorange img Instructions:

  • Go to Joomla site.
  • Install and activate the miniOrange SAML IDP Plugin ( Joomla as SAML IDP ) on your Joomla site which is acts as an Identity Provider.
  • Go to the Joomla SAML IDP Plugin, navigate to the Service Provider tab.
  • Enter the values corresponding to the information from the Service Provider. Refer to the table below.

  • Service Provider Name Name of your Service Provider.
    SP Entity ID or Issuer Copy the SP EntityID from the Service Provider Setup tab in miniorange SAML SP Plugin from your moodle site.
    ACS URL Copy the ACS URL from the Service Provider Setup tab in miniorange SAML SP Plugin from your moodle site.
    NameID Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
    Assertion Signed Checked

    Joomla saml idp service provider
  • Click on the Save Configuration button to save your configurations.
  • Go to the Identity Provider tab. Here you can find information for configuring the Service Provider ( SP ).
  • You can also download the metadata XML file, by clicking on the Download XML Metadata button.
  • Joomla saml idp upload metadata

2. Configuring Moodle as Service Provider:

We will go through the steps to setup Moodle as a Service Provider ( SP ). Here, we will be adding the IdP metadata to configure the Plugin.

In the miniOrange SAML SP Plugin, go to the Service Provider tab of the Plugin. There are two ways to configure the Plugin:

A. By uploading IDP metadata:

  • Click on Upload IDP metadata button.
  • Enter the Identity Provider Name
  • You can copy and paste IdP metadata XML file download in the last step and click on Upload Metadata button or use a metadata URL copied in the last step and click on Fetch Metadata.
  • moodle saml SSO upload metadata

B.Manual Configuration:

  • Provide the required settings ( i.e. Identity Provider Name, IdP Entity ID or Issuer, SAML Login URL, X.509 Certificate ) as provided by your Identity Provider as shown in the last step.
  • Click on the Save Configuration button to save your configuration.
  • moodle saml SP upload metadata

3. Moodle User Mapping:

There are two features include in Moodle:

  1. Attribute Mapping
  2. Role Mapping

User Attribute Mapping in Moodle SAML SP Plugin:

  • When the user performs SSO, the NameID value is sent by the Identity Provider ( IDP ). This value is unique for every user.
  • To assign by which attribute value user should be created or authenticate himself. for that select Email or Username in "Login/Create Moodle account by" dropdown.
  • For the Plugin to access these attributes assign the Email and Username attribute in the required field.
  • Click on the Save configuration button to save your configuration.
  • moodle sso integration saml attribute mapping

User Role Mapping in Moodle SAML SP Plugin:

  • In the free plugin, you can choose a default role that will be assigned to all the non-admin users when they perform SSO. [NOTE: Roles will be assigned to new users created by SSO. Existing Moodle users’ roles will not be affected.]
  • Go to Attribute/Role mapping tab and navigate to Role Mapping section.
  • Select the Default Role and click on the Save button to save your configuration.
  • moodle sso saml role mapping

4. SSO Settings in Moodle:

  • In the plugin you can add a login widget to enable SP-initiated SSO on your site.
  • Go to the plugins >> Authentication >> Manage authentication.
  • Click on the to enble the plugin visibility.
  • Click on the ⬆ to set plugin preference.
  • moodle sso connect saml role mapping

5: Configuring Joomla as Identity Provider (IDP)

  • Download the zip file for the miniOrange SAML IDP plugin for Joomla from the link here .
  • Login into your Joomla site’s administrator console.
  • From Menu, click on System, then under Install section click on Extension.
  • Twitch Single Sign-On (SSO) OAuth/OpenID
  • Upload the downloaded zip file to install the Joomla SAML IDP plugin.
  • Twitch Single Sign-On (SSO) OAuth/OpenID
  • You have successfully completed your miniOrange SAML 2.0 IDP configurations with Moodle. Still, if you are facing any difficulty please mail us on
  • Miniorange Joomla SAML Single Sign-On (SSO) supports multiple known SPs like Panopto, Lucid charts, Agylia LMS, Moodle, Inkling SP, Zendesk, Tableau, Owncloud, miniOrange Wordpress SAML SP, Drupal SAML SP, Workplace by Facebook, Salesforce, Zoho, Klipfolio and many more.
  • Additional Resources.

    Free Trial:

    If you would like to test out the plugin to ensure your business use case is fulfilled, we do provide a 7-day trial. Please drop us an email at requesting a trial. You can create an account with us using this link.

    24*7 Active Support

    If you face any issues or if you have any questions, please feel free to reach out to us at In case you want some additional features to be included in the plugin, please get in touch with us, and we can get that custom-made for you. Also, If you want, we can also schedule an online meeting to help you Setup the Joomla SAML IDP Single Sign-On plugin.

Hello there!

Need Help? We are right here!

Contact miniOrange Support

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to