V8-archive: SAMLv2 IDP SSO integration
Feature Request
Ability to integrate with a SAMLv2 SSO IDP for sso authentication
What problem does this feature solve?
Authenticate with any SAMLv2-based SSO
How do you think this should be implemented?
Same way you already did with the "SocialProvider"
Would you be willing to work on this?
Yes. Also, I already implemented it for our project as kind of a prototype. The code is based on this awesome library: https://github.com/lightSAML/lightSAML.
Although it works for our case (on directus 8.5.5), I'm not quite sure if it would be worth it to clean it up and publish it on github as you guys already have a better implementation ready for directus 9?
Happy to publish it, if it helps anyone.
Best regards
Markus
mathielen
All 7 comments
Thank you, Markus — really appreciate the request and offer to publish your work! 😄
I'll defer to @rijkvanzanten (tech lead) on this one...
benhaynes
on 20 Apr 2020
Hey there,
So I did a little cleanup, wrote some readme and pushed it here: https://github.com/mathielen/directus-saml2
I'm not perfectly sure whether I integrated the way it was intended but it seems to work.
There is one more thing, that I didnt understand or might be something that is missing in directus: That is - to make the social_providers/sso functionality actually be extendable. Because It seems that the whole sso-authentication-logic is based on the actual directus configuration file which in turn is guarded by the Config-schema.
That effectively makes it impossible to add another social_provider as an extension.
Again, not sure if I got everything right...
Hope my code may help somebody or even samlv2 will be integrated into the directus core - which would be fantastic!
Thank you for this awesome open-source product!
mathielen
on 3 May 2020
Thanks @mathielen! This is awesome... we'll take a look ASAP (everyone's pretty busy on v9/v10, but we'll find time). I don't know enough about the code to answer your question, but @rijkvanzanten probably can give an answer/guidance on auth adapter extensibility. Again, really appreciate the help! ❤️
benhaynes
on 4 May 2020
Hey is there any update on this ?
SimonKlausLudwig
on 6 Jan 2021
Hey guys, any update on the subject?
Azumi0
on 11 May 2021
I'd love to see SAML integration into Directus as well, it would definitely open the possibilities to allow usage of the project to a wider audience. Please let us know if some help is required!
waza-ari
on 28 Jan 2022
@waza-ari — did you mean to post this on our legacy version 8 repo?
benhaynes
on 28 Jan 2022
Related issues
24js
·
3Comments
cdwmhcc
·
3Comments
maettyhawk
·
3Comments
gitlabisbetterthangithub
·
3Comments
jwkellyiii
·
3Comments
Most helpful comment
Hey there,
So I did a little cleanup, wrote some readme and pushed it here: https://github.com/mathielen/directus-saml2
I'm not perfectly sure whether I integrated the way it was intended but it seems to work.
There is one more thing, that I didnt understand or might be something that is missing in directus: That is - to make the social_providers/sso functionality actually be extendable. Because It seems that the whole sso-authentication-logic is based on the actual directus configuration file which in turn is guarded by the Config-schema.
That effectively makes it impossible to add another social_provider as an extension.
Again, not sure if I got everything right...
Hope my code may help somebody or even samlv2 will be integrated into the directus core - which would be fantastic!
Thank you for this awesome open-source product!