For all websites, especially e-commerce websites, the interaction with the customer is very important. If users want to use the full functionality of the website, all websites requires them to log-in to use. This enables website owners to manage information with ease; however, having to create multiple accounts for different sites will make some customers uncomfortable. Therefore, there are many solutions are given help to customers can use the same account to login at multiple sites or in many different services.
SAML (Security Assertion Markup Language) is one of these solutions. It helps us can use an account from a SAML identity provider (OneLogin, Okta, Ping Identity, ADFS, Salesforce, SharePoint…) to log-in where allows to use SAML. But, to be able to use this feature, has a required that these websites need to enable SAML on their systems. The default feature of most websites does not support for that and same with Magento. So SAML Single Sign On Magento Plugin has been developed to help you to do that by easiest way.
So, after use SAML Single Sign On Magento then your customers can log-in into your site with an account from a SAML identity provider without need to register a new account on your site. This will save time for your customers.
How SAML Single Sign On Magento Plugin Works?
Now, let’s discover to know how this plugin works. At first setting step, go to admin panel, you just select “Yes” to enable for its status then Single Sign on Plugin is enabled. Now, customers just need to click on the link “Login via your Identity Provider” to choose login with SAML Identity Provider account.
After that, you can set-up this extension by some options below:
- Identity Provider Settings: you can set up some info related to the IDP that will be connected with your Magento. You can find these values at the Onelogin’s platform in the Magento App at the Single Sign-On tab: IdP Entity Id, Single Sign on Service Url, and Single Log out Service Url.
- Options Settings: you can set-up the behavior of the plugin, so you just select “Yes” for some improtant fields such as: Create user if not exists, Update user data, and Single Log Out.
- Attribute Mapping Settings: this allow you to set the mapping between IDP fields and Magento fields.
Notice: this mapping could be also set at Onelogin’s IDP.
- Group Mapping Settings: the IDP can be used its own groups. This is where you can set the mapping between IDP and Magento customer groups. Accept multiple valued commas separated.
Example: admin, owner, super-user. There are 5 fields, the id means that Role id=1 will match the Magento groups that has id=1 if exists.
- Address Mapping Settings: allow you to create mapping between IP address data and Magento. If the IDP has address data, you just fill full information in some fields: Company, Street 1, City, Country, State/Province, Zip/Postal Code, Telephone and Fax.
- Custom Messages Settings: This is one of important section to help you handle what messages are showed in the login form.
- Advanced Settings: with this option, you can easily handle some other parameters related to customizations and security issues. If sign/encryption is enabled, then x509 cert and private key for the SP must be provided.
The above is a brief introduction about the Single Sign On Magento Plugin. To have a more intuitive view, please view the video below:
For more info, click on the button below: