A Joomla plugin to allow access to your Joomla site to be controlled by your SAML identity provider (e.g. Microsoft 365 or GSuite).
Frontend and Backend Login Auto-provision users Map SAML attributes to Joomla (name, email, fullname) Map SAML Groups to Joomla groups Single Sign Out
Requires a working installation of
SimpleSAMLphp. There is information here on how to setup common systems as an identity provider/authentication source for SimpleSAMLphp Azure AD/Microsoft 365 Google
With a working SimpleSAMLphp install use the ‘Test Authentication Sources’ option to see your SAML data, this can then be mapped to the username, email and fullname in the plugin. If you have enabled groups in your Idp then these can also be mapped to the required Joomla groups.
Note: Due to a Joomla security restriction it is not possible to change groups dynamically in code for Superusers. The plugin will warn you if this is the case – this stops you accidentally locking yourself out by removing your access based on an IDP group change
Download the latest version of the installable Joomla package