Guide To Configure Joomla SAML Single Sign On (SSO)

Miniorange Joomla SAML Single sign-on(web SSO) supports multiple known IDPs like Shibboleth, SimpleSamlPhp, Okta, ADFS, Google id, Salesforce, Bitium, One login, OpenAM, Centrify, Azure AD and many more.

Here are the Step by Step guides for different Identity Providers for Joomla

SP Links
Azure AD Click Here
ADFS Click Here
Okta Click Here
Google Apps Click Here
Salesforce Click Here
Onelogin Click Here
Lastpass Click Here
Bitium Click Here
MiniOrange Click Here
Centrify Click Here
Other Click Here

Step 1: Download the plugin from miniOrange and Install it in Joomla

  • Download the plugin zip file.
  • Login as administrator in Joomla.
  • Go to ExtensionsManageInstall.
  • miniorange-icon

    Here you have three options to choose from to install your extension. In most cases, you should go with the 'Upload Package File' option. The three options are:

    • Upload Package File
    • Install from Directory
    • Install from URL
    • joomla-png
  • Choose miniOrange Joomla plugin file to install.
  • Install the plugin.
  • In the Joomla admin interface, go to ExtensionsManageManage.
  • Here you can enable and disable Joomla plugins and edit plugin details and options. It is also useful for quickly enabling or disabling multiple plugins at the same time.

  • Search for miniorange in plugins and enable all the extensions of the plugin.
  • saml sso

Step 2: Register/Login into miniOrange account

  • In Account tab, under 'Register with miniOrange', enter your email id and password to create an account. If an account already exists, you will be asked to log in to your account.
  • Register saml single sign on

Step 3: Configure Single Sign-On Settings in your Idp

  • In administrator interface, go to ComponentsMiniorange Saml Single Sign-On.
  • Register/Login in Miniorange account.
  • Go to 'Description' tab.
  • Here you will find all the relevant details that you would need to configure your IDP.
  • idp/sp metadata

Step 4: Configuring the plugin

  • Go to ComponentsMiniorange SAML Single Sign-On.
  • Click on 'Identity Provider Settings' tab.
  • Copy the following data from your Idp setup:
    1. Idp Entity ID
    2. Saml Login Url
    3. X.509 Certificate
    and save it here in the plugin Identity Provider Settings.

    X.509 Certificate -
  • Open your Idp certificate in a notepad and copy its contents here. For Example-
    ----Begin Certificate----
       xxxxxxxxxxxxxxxxxx
       xxxxxxxxxxxxxxxxxx
       xxxxxxxxxxxxxxxxxx
    ----End Certificate----
  • service provider configuration tab
  • After the Idp Settings are done. You can go to Attribute Mapping Tab to map user attributes from idp to your joomla user attributes.
  • Service provider attribute mapping
  • Go to Group Mapping Tab if you want to map groups from your idp to Joomla user group when auto-creating the user in Joomla.
  • Service provider group mapping

Step 5: Adding SAML login link in Joomla

The SAML login link can be added to Joomla main login form as follows:

  • Login as administrator in Joomla.
  • Go to ComponentsMiniorange SAML Single Sign-On.
  • Click on 'SSO Login Settings' tab.
  • Here you will get a link which you can assign to a button on your login screen.
  • SSO login settings for auto redirect to IDP
  • When you click on the link you will be redirected to your Idp login page.
  • Login to your idp with username/password. Once you are authenticated, you will be logged in to Joomla site.

miniOrange supports both SAML based Single Sign On into Joomla as well as OpenID connect based Single Sign On. This guide explains SAML based Single Sign On into Joomla.

In SAML SSO, miniOrange supports both IdP (Identity Provider) and SP (Service Provider) initiated Single Sign On (SSO) for Joomla.

saml bulletSP Initiated Single Sign On (SSO)

In SP Initiated Login, SAML request is initiated from Joomla.

  • A user can login to his Joomla Account by clicking on SAML Login Link provided on the Joomla Site login page.
  • After clicking on SAML link, you will be redirected to Identity Provider login page like Shibboleth, SimpleSaml, Salesforce, Okta, ADFS, etc.
  • You have to enter your login credentials and after successful authentication, you will be redirected to your Joomla Account.

miniorange sso bulletIdP Initiated Single Sign On (SSO)

In IdP Initiated Login, SAML request is initiated from any Third Party Identity Provider like Shibboleth, SimpleSaml, Salesforce, Okta, ADFS, etc.

Free Trial

If you don't find what you are looking for, please contact us at info@xecurify.com or call us at +1 978 658 9387 to find an answer to your question about Joomla Single Sign On(SSO).