PHPackages blaster32blaster/okta-saml-sso - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. blaster32blaster/okta-saml-sso ActiveLibrary[Authentication & Authorization](/categories/authentication) blaster32blaster/okta-saml-sso ============================== SSO for Laravel with Okta 3.0.0(7mo ago)0669↓100%MITPHPPHP ^8.1.0CI passing Since Nov 28Pushed 7mo agoCompare [ Source](https://github.com/blaster32blaster/okta-saml-sso)[ Packagist](https://packagist.org/packages/blaster32blaster/okta-saml-sso)[ RSS](/packages/blaster32blaster-okta-saml-sso/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (2)Dependencies (9)Versions (4)Used By (0) Okta SAML SSO for Laravel ========================= [](#okta-saml-sso-for-laravel) [![Latest Version on Packagist](https://camo.githubusercontent.com/d2e66ebcddc22b080f407930df844236c7ec14a973c4be21ca2fab176979052f/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f706f63686f63686f2f6f6b74612d73616d6c2d73736f2e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/pochocho/okta-saml-sso)[![GitHub Tests Action Status](https://camo.githubusercontent.com/135182e6541ac7658ee7ef22d23904f87709531cdd3b847ec87a3ee6f635d507/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f776f726b666c6f772f7374617475732f706f63686f63686f2f6f6b74612d73616d6c2d73736f2f72756e2d74657374733f6c6162656c3d7465737473)](https://github.com/pochocho/okta-saml-sso/actions?query=workflow%3Arun-tests+branch%3Amain)[![GitHub Code Style Action Status](https://camo.githubusercontent.com/4ecf3bda72d9f09f8a9db1df37a10429bc90fdefaaf56bd8624d4b5d82343744/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f776f726b666c6f772f7374617475732f706f63686f63686f2f6f6b74612d73616d6c2d73736f2f466978253230504850253230636f64652532307374796c652532306973737565733f6c6162656c3d636f64652532307374796c65)](https://github.com/pochocho/okta-saml-sso/actions?query=workflow%3A%22Fix+PHP+code+style+issues%22+branch%3Amain)[![Total Downloads](https://camo.githubusercontent.com/f7ba487bb4794e54032a284a3e29623adad51a1fc46c9a79149613a1712400c9/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f706f63686f63686f2f6f6b74612d73616d6c2d73736f2e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/pochocho/okta-saml-sso) This package provide a simple to use implementation for implementing Okta SAML Login to the app. The package assists in receiving the SAML Response and Getting the Installation ============ [](#installation) ``` composer require pochocho/okta-saml-sso ``` Generate your certificate, if you want to generate a self signed certificate, you can follow the command as an example: > Note: by default, this package expects the certificate and key to be at the root of your projects directory. **Remember to add both files to .gitignore** ``` openssl req -x509 -newkey rsa:2048 -nodes -keyout oktasso.key -out oktasso.crt -days 365 ``` Creating and Configuring Okta App ================================= [](#creating-and-configuring-okta-app) Create your Okta app, Select SAML 2.0 as the Sign-in Method. in the form the `Single sign on URL` refers to url in your app that Okta will send a `POST` request to after successful authentication. `Audience URI` is the URL where you are publishing public information about its SAML configuration (the metadata) `Default RelayState` is the URL that Okta will redirect to after successfull login. On this form you can also set the `Attribute Statements` and map them to profile fields. This package assumes snake\_case naming conventions on the attributes (e.g first\_name, las\_name, email, etc) After configuring the app, visit the signon tab and click on the "View SAML Setup Instructions", once the page loads download the certificate file and place it in the root of your application call it `idp.cert` **important: do not commit this file to version control** configuration ------------- [](#configuration) The following values must be set in hour `.env` `OKTA_SIGNON_URL`: You can get this value from your Okta Admin Dashboard, by going to the "Sign On" tab on your SAML app and clicking on the "View SAML setup Instructions" button. Use the "Identity Provider Single Sign-On URL" value. `LOGIN_REDIRECT_ROUTE`:This is the route name where you want your users to be redirected logging in. You can also publish the configuration file by running ``` php artisan vendor:publish --tag=okta-saml-sso ``` The package assumes that a cert and key file exist at the root directory of the project, named oktasso.crt and oktasso.key: - `OKTA_CERTIFICATE_PATH` path to the certificate file - `OKTA_KEY_PATH` path to the key file - `OKTA_ATTRIBUTE_STATEMENTS` Comma separated list of attribute statements setup in Okta (default value: `'first_name','last_name','email','groups'`) If your application does not use the User model for authentication, you can configure the model with the `OKTA_AUTHENTICATABLE_MODEL` key on the env. Usage ===== [](#usage) Provided -------- [](#provided) The easiest way to use the package is by using the provided controllers. The package provides 2 controllers one if you are using encryption, and another if you are not. To get started register the route in the `web.php` routes file ``` Route::post('/login', \Pochocho\OktaSamlSso\Http\Controllers\EncryptedLoginController::class)->name('login'); ``` > **NOTE:** Since Okta sends a post request to the app once authentication is completed, we need to ignore the login route from csrf validation. You can do this by adding the login url to the `VerifyCsrfToken` middleware in the application. Register the `SsoAuthenticate` Middleware in the Http Kernel. You can either substitute the `auth` middleware or create your own. ``` 'auth' => \Pochocho\OktaSamlSso\Http\Middleware\SsoAuthenticate::class, ``` Add the new middleware to your auth protected routes, try loading a proteted route and you should be redirected to the Okta login flow. Custom ------ [](#custom) You can implement your own controller and use the `OktaSaml` class to handle the assertions from the Okta SAML Response. The class provides two methods one for un-encrypted SAML Responses `$oktaSaml->getEntity()` and another for encrypted responses `$oktaSaml->getEncryptedEntity()`. The OktaSaml Class is bound to the IoC Container and can be resolved through dependency injection or by using `app()->make(Pochocho\OktaSamlSso\OktaSaml::class);` ### Health Score 40 — FairBetter than 88% of packages Maintenance62 Regular maintenance activity Popularity17 Limited adoption so far Community12 Small or concentrated contributor base Maturity57 Maturing project, gaining track record Bus Factor2 2 contributors hold 50%+ of commits How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~511 days Total 3 Last Release 237d ago Major Versions v1.0.0 → 2.0.02025-09-15 2.0.0 → 3.0.02025-09-15 ### Community Maintainers ![](https://www.gravatar.com/avatar/6d46a32877a9352249f6320335ec98fe999778342ac5d8a2db76d08516e10b13?d=identicon)[blaster32blaster](/maintainers/blaster32blaster) --- Top Contributors [![pochocho](https://avatars.githubusercontent.com/u/1001664?v=4)](https://github.com/pochocho "pochocho (21 commits)")[![frankperez87](https://avatars.githubusercontent.com/u/467730?v=4)](https://github.com/frankperez87 "frankperez87 (16 commits)")[![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)](https://github.com/dependabot[bot] "dependabot[bot] (12 commits)")[![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4)](https://github.com/github-actions[bot] "github-actions[bot] (9 commits)")[![rexs123](https://avatars.githubusercontent.com/u/12556337?v=4)](https://github.com/rexs123 "rexs123 (7 commits)")[![blaster32blaster](https://avatars.githubusercontent.com/u/7333448?v=4)](https://github.com/blaster32blaster "blaster32blaster (4 commits)") ### Code Quality TestsPHPUnit Code StyleLaravel Pint ### Embed Badge ![Health badge](/badges/blaster32blaster-okta-saml-sso/health.svg) ``` [![Health](https://phpackages.com/badges/blaster32blaster-okta-saml-sso/health.svg)](https://phpackages.com/packages/blaster32blaster-okta-saml-sso) ``` ### Alternatives [tymon/jwt-auth JSON Web Token Authentication for Laravel and Lumen 11.5k49.1M347](/packages/tymon-jwt-auth)[php-open-source-saver/jwt-auth JSON Web Token Authentication for Laravel and Lumen 8359.8M53](/packages/php-open-source-saver-jwt-auth)[laragear/two-factor On-premises 2FA Authentication for out-of-the-box. 339785.3k8](/packages/laragear-two-factor)[codegreencreative/laravel-samlidp Make your PHP Laravel application an Identification Provider using SAML 2.0. This package allows you to implement your own Identification Provider (idP) using the SAML 2.0 standard to be used with supporting SAML 2.0 Service Providers (SP). 263763.5k1](/packages/codegreencreative-laravel-samlidp)[alajusticia/laravel-logins Session management in Laravel apps, user notifications on new access, support for multiple separate remember tokens, IP geolocation, User-Agent parser 2011.0k](/packages/alajusticia-laravel-logins)[aedart/athenaeum Athenaeum is a mono repository; a collection of various PHP packages 255.2k](/packages/aedart-athenaeum) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)