Feature: SAML Identity Provider endpoint

FusionAuth / fusionauth-issues

FusionAuth issue submission project

https://fusionauth.io

90 stars 12 forks source link

Feature: SAML Identity Provider endpoint #3

Closed voidmain closed 5 years ago

voidmain commented 6 years ago

SAML endpoint

Problem

To allow FusionAuth to be the identity provider for 3rd party tools that only support SAML, a SAML endpoint would be added to FusionAuth.

Solution

This feature would add a new login front-end plus a full SAML backend implementation. This would be very similar to the OAuth front-end that FusionAuth currently has and would include all of the same features (MFA, Password Change, Forget Password, etc).

Related Issues

SAML2 Federation - Issue #104

How to vote

Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.

robotdan commented 5 years ago

Lots of thumbs up 👍 ! Thanks for all of the feedback. This feature is in development and targeted for the next point release.

Initially we'll be supporting SAML federation through a new Identity Provider type. https://fusionauth.io/docs/v1/tech/identity-providers/ https://fusionauth.io/docs/v1/tech/apis/identity-providers/overview

We may also consider adding support to reveal FusionAuth as a SAML IDP.

ajinkyas commented 5 years ago

Will love to have SAML support as soon as possible. Any tentative date you can see this feature released? Are we targeting any specific version of SAML?

robotdan commented 5 years ago

Development is nearing completion. This feature is targeted for the next release which should be publicly available in the next week or two.

The initial support will be for SAML2 federation.

@ajinkyas do you have any specific requirements?

robotdan commented 5 years ago

For the upcoming release we'll only be delivering SAML2 federation and not the entire SAML IDP. Revealing FusionAuth as a SAML IDP is still in plan, but is not targeted for the 1.6.0 milestone.

See https://github.com/FusionAuth/fusionauth-issues/issues/104

ajinkyas commented 5 years ago

Thanks for such a quick response @robotdan ! We appreciate it.

Actually we were looking for SAML IDP itself. And also, another feature we were looking for is a dashboard for non-Admin users, to view all his/her applications after logging into FusionAuth web application.

Could you please let us know if these features are on your road map?
If so, what is the timeline? When can we expect each feature I mentioned above?
Is there anyway we could contribute to FusionAuth project for these features?

robotdan commented 5 years ago

Hi @ajinkyas

The SAML IDP will not likely be in this upcoming release, but the following. Perhaps by the end of April?

For the non-admin dashboard, please do open a feature request to describe this feature and how you'd use it. This is not currently in plan, but it could be a useful feature.

If you are interested in purchasing support or professional services, these features can be prioritized. Let me know if you're interested.

Thanks!

robotdan commented 5 years ago

Currently targeted for the 1.6.0 milestone.

robotdan commented 5 years ago

Available in 1.6.0, enjoy! https://fusionauth.io/docs/v1/tech/samlv2/overview

Doc is in progress, should be complete this week.