Product support

Visit this product's website for support.

  • Added on May 23, 2019
  • Current version: 1.0.7
  • Compatibility
    October CMS v3.x not tested
    October CMS v2.x not tested
    October CMS v1.x use latest
  • Created by


SAML SP Single Sign On - SSO for OctoberCMS

SAML 2.0 Single Sign On (SSO) Authentication for OctoberCMS by miniOrange


SAML SP Single Sign On - SSO for OctoberCMS allows users residing at SAML 2.0 compliant Identity Provider to log in to your OctoberCMS website. We support all known IdPs - ADFS, Azure AD, Google Apps, Keycloak, Okta, Salesforce, Shibboleth, SimpleSAMLphp, OpenAM, Centrify, Ping, RSA, IBM, Oracle, OneLogin, Bitium, WSO2, NetIQ, miniOrange, etc. Refer guide to set up the plugin with your IdP.

SAML SP Single Sign On - SSO Plugin acts as a SAML 2.0 Service Provider which can be configured to establish the trust between the plugin and various SAML 2.0 supported Identity Providers to securely authenticate the user to the October CMS via SSO.

If you require any Single Sign-On application or need any help with installing this plugin, please feel free to email us at info@xecurify.com or contact us.


  • Easily Configure the Identity Provider by providing just the SAML login URL, IDP Entity ID, and Certificate.

  • Easily integrate the login link with your OctoberCMS site using SSO Button Component. Just drop it in a desirable place on your site.

  • Automatic user registration for 10 users after login if the user is not already registered with your site.

  • Standard Attribute Mapping maps the response to your Users' username and email credentials.

  • Supports both Backend and Frontend authentication.


This plugin requires the RainLab.User plugin to be installed in your OctoberCMS instance.

This plugin also supports the Buddies. Contact us for the supported version.

Managing users

The plugin depends on and automatically integrates with the user management provided by RainLab.User plugin. All users are created and authenticated based on email address received in NameID through the SAML 2.0 SP plugin, and can be seen in the Users view provided by the RainLab.User plugin.

Plugin settings

This plugin creates a Main menu item Single Sign On found at the main nav bar at the top of the page. This menu has four side menu items - Plugin Settings, Upgrade, Account, and Support. Plugin settings allow the configuration of SAML settings. You will be able to see three tabs - IdP Settings, SP Settings, and Attribute Mapping - which are explained in detail below.

IdP Settings

In this tab, you are supposed to fill in the Single Sign On endpoints/URLs/details supplied by your Identity Provider.

  • IDP Name : This field is not critical to the functionality of the plugin and is provided only for your convenience.
  • IDP Entity ID : This is the first of the required fields for working functionality and is provided by your Identity Provider. Also known as IDP Issuer ID.
  • SAML Login URL : This is the second of the required fields for working functionality and is provided by your Identity Provider. Also known as Single Sign On URL.
  • SAML x509 Certificate : This is the third of the required fields for working functionality and is provided by your Identity Provider.

Make sure to click Save.

All the three required fields are critical to SAML Authentication and the Test Configuration feature provided at the bottom of the page should be used to make sure your configurations are correct. Make sure to hit Save before clicking Test Configuration

SP Settings

This tab automatically generates and provides you with the minimum endpoints that you need to provide to your Identity Provider - SP Entity ID also known as Audience URI or SP Issuer ID and ACS URL also known as Single Sign On URL. The Download Certificate link can be used to download the SP's public certificate in case the Identity Provider requires it.

Attribute Mapping

This tab is disabled in the free version. However, you will be able to see "NameID" as the default value in the Username and Email fields. The value received in NameID will be stored against the User's username and email while creating a new user.


On the left-hand side pane, you will see the Upgrade menu. Here you can compare the features of the Free version with the Premium version of the plugin.


On the left-hand side pane, you will see the Support menu. Using the form on this page you can send us at MiniOrange Security Software a query regarding technical difficulties or a premium upgrade. You will have to enter your name and phone (optional) to send us mail. We are committed to providing you with the highest quality of support through emails, screen share & plugin troubleshooting. Drop us a mail at info@xecurify.com to schedule a call.


On the left-hand side pane, you will see the Account menu. You can register to miniOrange for upgrade and query. You will have to enter a valid email address and a password and nothing more to quickly register for free with miniOrange to access the support form.

SSO Button Component

The SSO Button can be placed on any page and clicking it will start the Single Sign On flow. For ease of understanding to the end user, place it on the same page as your login/account form provided by User plugin but it's totally upto you and the placement of this button does not affect the functionality in any way. The working of the SSO Button does not depend on another component being present on the same page.

Backend SSO

Admin/backend users can Single Sign On into the backend using the same SAML configuration. They will be authenticated against email address registered under their backend account. A "Single Sign On" button will be automatically generated on the backend login screen.

Premium Features

You can upgrade to the premium version of this plugin for the following features.

  • Advanced Attribute Mapping
  • Configurable SAML request binding type
  • SAML Single Logout
  • Force Authentication and Auto-Redirect to IdP
  • Signed Response and Assertion
  • many more..

If you are looking for any special use case or customization drop us a mail at info@xecurify.com.

You can reach us at info@xecurify.com or contact us to upgrade to premium.



php artisan plugin:install Miniorange.Samlsp


Main Navigation Bar Single Sign On > Plugin Settings

IDP Settings Example

IDP Name : YouCanNameYourIdpAnything

SAML Login URL : https://your-idp.com/saml/sso

IDP Entity ID : https://your-id.com/some-random-string

SAML x509 Certificate: signing certificate provided by IDP

Refer Guide for more details.

  • Found the plugin useful on 27 Jun, 2019

    One of the great things, if one goes with the MinOrange SSO plugin, is the high-quality support. MinOrange has multiple support staff who know what they are doing and will help you to ensure that the plugin is working correctly. Thank you!

  • author

    Replied on 20 Aug, 2020

    Hi Shrishail - thanks for the Feedback, really makes a difference to us. Appreciate you like the plugin and support.


Minor changes for Premium upgrade

Aug 20, 2020


Fixed Issue for SAML request with ADFS

Aug 12, 2020


Updated table miniorange_samlsp_saml_config

Nov 13, 2019


Improved upgrade flow

Jun 05, 2019


Minor changes

May 24, 2019


Fixed Support Form

May 23, 2019


Created table miniorange_samlsp_customer_details

May 21, 2019


Version 1

May 21, 2019

The plugin can be upgraded through the backend if updates are enabled.