flipboxfactory / saml-sp

SAML Service Provider (SP) Plugin for Craft CMS
https://saml-sp.flipboxfactory.com/

Multiple Azure AD IdPs with One Craft Instance/Service Provider #108

Closed dsmrt closed 3 years ago

dsmrt commented 3 years ago

Stemming from enhancements requested in #101.

Since Azure AD requires the Service Provider Entity ID to match their application ID, it's impossible to add multiple Azure AD IdPs.

Maintainer note: This is an edge case, but the patch for this problem actually solves an issue with implicitly finding the SP/My Provider, which I'd like to move away from.

dsmrt commented 3 years ago

As for the implicit SP matching issue

Updated this in https://github.com/flipboxfactory/saml-sp/releases/tag/2.6.7. You can now specify the service provider and the IdP when requesting login. Details are in the docs here: https://saml-sp.flipboxfactory.com/configure/login.html#🆕-specifying-service-provider-my-provider

This fixes the problem of implicit SP matching. So now you could have multiple service providers that match up to the same site and have different configurations.

As for Azure AD

After some discovery, I found a way to get around the need to overwrite the entity id with the app id. Please check out the video walkthrough here: https://saml-sp.flipboxfactory.com/idps/azure-ad.html#azure-ad