PHPackages anglemx/onelogin-azure-saml-bundle - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. anglemx/onelogin-azure-saml-bundle ActiveSymfony-bundle[Authentication & Authorization](/categories/authentication) anglemx/onelogin-azure-saml-bundle ================================== OneLogin SAML Bundle for Symfony, hardcoded for Azure AD specs v1.1.6(2y ago)0206MITPHP Since Aug 2Pushed 2y ago2 watchersCompare [ Source](https://github.com/Angle/OneLoginAzureSamlBundle)[ Packagist](https://packagist.org/packages/anglemx/onelogin-azure-saml-bundle)[ Docs](https://github.com/Angle/OneLoginAzureSamlBundle)[ RSS](/packages/anglemx-onelogin-azure-saml-bundle/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (9)Dependencies (12)Versions (10)Used By (0) OneLoginAzureSamlBundle ======================= [](#oneloginazuresamlbundle) OneLogin SAML Bundle for Symfony, hardcoded for Azure AD specs Soft forked from v2.1 hardcoded for Azure AD. Current target: Symfony 5.4 LTS Design goals: - User should specify the "Azure App ID" and the rest of the SAML settings should be predefined and autowired. Required parameters: - azure\_app\_id (abcd123789....) - base\_url () - Create a command that outputs the current SP settings (basically, should print out the EntityID using the router) Installation ------------ [](#installation) Install with composer ``` composer require anglemx/onelogin-azure-saml-bundle ``` Enable the bundle in `config/bundles.php` if you're not using Symfony Flex. ``` return [ // ... Angle\OneLoginAzureSamlBundle\AngleOneLoginAzureSamlBundle::class => ['all' => true], ] ``` Configuration ------------- [](#configuration) *TO-DO* REFERENCE FROM hslavich repository Configure SAML ``` angle_one_login_azure_saml: azure_app_id: 'xxxXXXxxxXXX' azure_x509_cert: 'xxxXXXxxxXXXxxxXXXxxxXXXxxxXXXxxxXXXxxxXXXxxxXXX' # include protocol (http/https), but do NOT include a trailing slash app_base_url: 'https://myapp.com' ``` Configure SAML metadata in `config/packages/angle_one_login_azure_saml.yaml`. Check for more info. ``` angle_one_login_azure_saml: # Basic settings idp: entityId: 'http://id.example.com/saml2/idp/metadata.php' singleSignOnService: url: 'http://id.example.com/saml2/idp/SSOService.php' binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect' singleLogoutService: url: 'http://id.example.com/saml2/idp/SingleLogoutService.php' binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect' x509cert: '' sp: entityId: 'http://myapp.com/app_dev.php/saml/metadata' assertionConsumerService: url: 'http://myapp.com/app_dev.php/saml/acs' binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST' singleLogoutService: url: 'http://myapp.com/app_dev.php/saml/logout' binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect' privateKey: '' # Optional settings baseurl: 'http://myapp.com' strict: true debug: true security: nameIdEncrypted: false authnRequestsSigned: false logoutRequestSigned: false logoutResponseSigned: false wantMessagesSigned: false wantAssertionsSigned: false wantNameIdEncrypted: false requestedAuthnContext: true signMetadata: false wantXMLValidation: true relaxDestinationValidation: false destinationStrictlyMatches: true rejectUnsolicitedResponsesWithInResponseTo: false signatureAlgorithm: 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256' digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256' contactPerson: technical: givenName: 'Tech User' emailAddress: 'techuser@example.com' support: givenName: 'Support User' emailAddress: 'supportuser@example.com' administrative: givenName: 'Administrative User' emailAddress: 'administrativeuser@example.com' organization: en: name: 'Example' displayname: 'Example' url: 'http://example.com' ``` Custom notes: Azure App ID is used to cnstruct the EntityId and other URLs The setting `use_attribute_friendly_name` inside the security.yml should be FALSE: use\_attribute\_friendly\_name: false Azure AD configuration reference: ``` idp: entityId: 'https://login.microsoftonline.com/xxxXXXxxxXXX/saml2' singleSignOnService: url: 'https://login.microsoftonline.com/xxxXXXxxxXXX/saml2' binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect' singleLogoutService: url: 'https://login.microsoftonline.com/xxxXXXxxxXXX/saml2' binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect' x509cert: 'xxxXXXxxxXXXxxxXXXxxxXXXxxxXXXxxxXXXxxxXXXxxxXXX' sp: entityId: 'https://myapp.com/saml/metadata' assertionConsumerService: url: 'https://myapp.com/saml/acs' binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST' singleLogoutService: url: 'https://myapp.com/saml/logout' binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect' privateKey: '-----BEGIN PRIVATE KEY----- xxxXXXxxxXXXxxxXXXxxxXXXxxxXXXxxxXXX -----END PRIVATE KEY-----' # Optional settings baseurl: strict: true debug: true security: nameIdEncrypted: false authnRequestsSigned: false logoutRequestSigned: false logoutResponseSigned: false wantMessagesSigned: false wantAssertionsSigned: false wantNameIdEncrypted: false requestedAuthnContext: true signMetadata: false wantXMLValidation: true signatureAlgorithm: 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256' digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256' contactPerson: technical: givenName: 'Tech User' emailAddress: 'techuser@example.com' support: givenName: 'Support User' emailAddress: 'supportuser@example.com' ``` Configure SAML metadata in `config/packages/angle_one_login_azure_saml.yaml`. Check for more info. ``` angle_one_login_azure_saml: idp: entityId: '' angle_one_login_azure_saml: # Basic settings idp: entityId: 'http://id.example.com/saml2/idp/metadata.php' singleSignOnService: url: 'http://id.example.com/saml2/idp/SSOService.php' binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect' singleLogoutService: url: 'http://id.example.com/saml2/idp/SingleLogoutService.php' binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect' x509cert: '' sp: entityId: 'http://myapp.com/app_dev.php/saml/metadata' assertionConsumerService: url: 'http://myapp.com/app_dev.php/saml/acs' binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST' singleLogoutService: url: 'http://myapp.com/app_dev.php/saml/logout' binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect' privateKey: '' # Optional settings baseurl: 'http://myapp.com' strict: true debug: true security: nameIdEncrypted: false authnRequestsSigned: false logoutRequestSigned: false logoutResponseSigned: false wantMessagesSigned: false wantAssertionsSigned: false wantNameIdEncrypted: false requestedAuthnContext: true signMetadata: false wantXMLValidation: true relaxDestinationValidation: false destinationStrictlyMatches: true rejectUnsolicitedResponsesWithInResponseTo: false signatureAlgorithm: 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256' digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256' contactPerson: technical: givenName: 'Tech User' emailAddress: 'techuser@example.com' support: givenName: 'Support User' emailAddress: 'supportuser@example.com' administrative: givenName: 'Administrative User' emailAddress: 'administrativeuser@example.com' organization: en: name: 'Example' displayname: 'Example' url: 'http://example.com' ``` If you don't want to set contactPerson or organization, don't add those parameters instead of leaving them blank. Configure firewall and user provider in `config/packages/security.yaml` ``` security: # ... providers: saml_provider: # Basic provider instantiates a user with default roles saml: user_class: 'AppBundle\Entity\User' default_roles: ['ROLE_USER'] firewalls: app: pattern: ^/ saml: # Match SAML attribute 'uid' with username. # Uses getNameId() method by default. username_attribute: uid # Use the attribute's friendlyName instead of the name # NOTE: Azure requires this to be FALSE use_attribute_friendly_name: false check_path: saml_acs login_path: saml_login logout: path: saml_logout access_control: - { path: ^/saml/login, roles: PUBLIC_ACCESS } - { path: ^/saml/metadata, roles: PUBLIC_ACCESS } - { path: ^/, roles: ROLE_USER } ``` Edit your `config/routing` or `config/routes.yaml` depending on your Symfony version. ``` hslavich_saml_sp: resource: "@HslavichOneloginSamlBundle/Resources/config/routing.yml" ``` ### Health Score 28 — LowBetter than 54% of packages Maintenance31 Infrequent updates — may be unmaintained Popularity13 Limited adoption so far Community10 Small or concentrated contributor base Maturity49 Maturing project, gaining track record Bus Factor1 Top contributor holds 92.3% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~34 days Recently: every ~69 days Total 9 Last Release 736d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/7d6e948bf0d3782679f343c7fef49f90caafae0e802f32d74ba6ccc746ed2d42?d=identicon)[edmundofuentes](/maintainers/edmundofuentes) --- Top Contributors [![edmundofuentes](https://avatars.githubusercontent.com/u/936483?v=4)](https://github.com/edmundofuentes "edmundofuentes (12 commits)")[![alexhg11](https://avatars.githubusercontent.com/u/6727192?v=4)](https://github.com/alexhg11 "alexhg11 (1 commits)") --- Tags SSOsamlazureoneloginangle ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/anglemx-onelogin-azure-saml-bundle/health.svg) ``` [![Health](https://phpackages.com/badges/anglemx-onelogin-azure-saml-bundle/health.svg)](https://phpackages.com/packages/anglemx-onelogin-azure-saml-bundle) ``` ### Alternatives [hslavich/oneloginsaml-bundle OneLogin SAML Bundle for Symfony 1482.5M1](/packages/hslavich-oneloginsaml-bundle)[nbgrp/onelogin-saml-bundle OneLogin SAML Symfony Bundle 551.2M](/packages/nbgrp-onelogin-saml-bundle)[sulu/sulu Core framework that implements the functionality of the Sulu content management system 1.3k1.3M152](/packages/sulu-sulu)[web-auth/webauthn-framework FIDO2/Webauthn library for PHP and Symfony Bundle. 50570.7k1](/packages/web-auth-webauthn-framework)[scheb/2fa Two-factor authentication for Symfony applications (please use scheb/2fa-bundle to install) 578630.7k1](/packages/scheb-2fa)[contao/core-bundle Contao Open Source CMS 1231.6M2.3k](/packages/contao-core-bundle) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)