Joomla - SSO Configuration
This application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk.
This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Joomla using Multi-Pass. SSO simplifies user authentication by allowing access to multiple applications with a single set of credentials. This integration enhances security and improves user experience across your organization.
To set up Multi-Pass with Joomla, ensure you meet the following requirements:
- Joomla admin rights
- MPAS Admin rights
- Make sure that all users intended to use SSO in Joomla are registered in your IdP and have the necessary permissions to access Joomla.
Important: Custom elements in URLs (like realm names) are case sensitive. Make sure to match the exact casing from your environment.
Joomla - SSO Configuration
Step 1 - Configure Joomla (Service Provider)
- Download the Plugin Extension from this link.
- Log into your Joomla site’s Administrator console.
- From the left toggle menu, click on System, then under Install section click on Extensions.
- Click Or Browse File and upload the Plugin Extension you downloaded.
- If successful, a banner will show saying “Installation of the package was successful.”
- Click Get Started!
- Browse to the Service Provider Metadata tab and select Download metadata XML.
- Go to the Service Provider Setup tab.
- Beside Enter Metadata URL, enter:
- Select Fetch.
Step 2 - Configure Multi-Pass (Identity Provider)
- Select the correct tenant and go to Integrations, then click on Applications.
- Select SAML in the custom integration section.
- Select Upload File and upload the Joomla metadata XML file you obtained earlier.
- Confirm and complete the remaining fields as shown below:
Application Settings
| Field | Value |
|---|---|
| Client ID (=SP Entity ID) | http://<HOSTNAME>/<JOOMLA_SITE>/plugins/authentication/miniorangesaml |
| Name | joomla |
| Description | Joomla SSO integration |
| Assertion Consumer Service URL | http://<HOSTNAME>/<JOOMLA_SITE>/?morerequest=acs |
| NameID Policy Format |
- Go to the Advanced Console by clicking on the right side of your screen
- Click on Client and use the search bar to search for Joomla
- Make sure all the fields are populated:
General Settings (Multi-Pass)
| Field | Value |
|---|---|
| Client ID | http://<HOSTNAME>/<JOOMLA_SITE>/plugins/authentication/miniorangesaml |
| Name | Joomla |
| Description | Joomla SSO integration |
| Always display in UI | ON |
Access Settings (Multi-Pass)
| Field | Value |
|---|---|
| Home URL (IdP-initiated) | https://ca.auth.kzero.com/realms/<TENANT_NAME>/protocol/saml/clients/<APP_NAME> |
| Valid Redirect URIs (ACS) | http://<HOSTNAME>/<JOOMLA_SITE>/?morerequest=acs |
| IDP-Initiated SSO URL Name | <APP_NAME> |
SAML Capabilities
| Setting | Value |
|---|---|
| Name ID Format | |
| Force Name ID Format | ON |
| Force POST Binding | ON |
| Include AuthnStatement | ON |
Signature & Encryption
| Setting | Value |
|---|---|
| Sign Documents | OFF |
| Sign Assertions | ON |
- Move to the tab Keys and ensure that both parameters are set to OFF.
- Go to the Advanced tab and set Assertion Consumer Service POST Binding URL to:
http://<HOSTNAME>/<JOOMLA_SITE>/?morerequest=acs
Related Articles
D2L Brightspace - SSO Integration
This application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a step-by-step guide to ...Mulesoft - SSO Integration
This application has been formally tested by Kelvin Zero Inc. This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Mulesoft using Multi-Pass. SSO simplifies user authentication by allowing access to multiple ...SAML SSO Integration Guide
This guide provides an overview of how to configure SAML Single Sign-On (SSO) between Multi-Pass and a third-party Service Provider (SP). Multi-Pass acts as the Identity Provider (IdP) in this federation model. Multi-Pass is working on SCIM support ...Miro - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Miro using MPAS. SSO simplifies user authentication by allowing access to multiple ...Pipedrive – SSO configuration
This application has been formally tested by Kelvin Zero Inc. This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Pipedrive using Multi-Pass. SSO simplifies user authentication by allowing access to multiple ...