PHPackages madmatt/saml2 - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. madmatt/saml2 ActiveLibrary madmatt/saml2 ============= SAML2 PHP library from SimpleSAMLphp v2.0.1(10y ago)01.1k1LGPL-2.1PHPPHP >=5.3.3 Since Nov 5Pushed 10y ago2 watchersCompare [ Source](https://github.com/madmatt/saml2)[ Packagist](https://packagist.org/packages/madmatt/saml2)[ RSS](/packages/madmatt-saml2/feed)WikiDiscussions master Synced 2mo ago READMEChangelogDependencies (9)Versions (41)Used By (0) SimpleSAMLphp SAML2 library =========================== [](#simplesamlphp-saml2-library) \[[![Build Status](https://camo.githubusercontent.com/cb5374bb886a563b96090e90423a4e5dd1f5a060f4c00baf776edee12b82fd8c/68747470733a2f2f7472617669732d63692e6f72672f73696d706c6573616d6c7068702f73616d6c322e706e673f6272616e63683d666561747572652f6669782d6275696c64)](https://camo.githubusercontent.com/cb5374bb886a563b96090e90423a4e5dd1f5a060f4c00baf776edee12b82fd8c/68747470733a2f2f7472617669732d63692e6f72672f73696d706c6573616d6c7068702f73616d6c322e706e673f6272616e63683d666561747572652f6669782d6275696c64)\] () \[[![Coverage Status](https://camo.githubusercontent.com/65abf5f264d57455f0b1cbf389e13a9dd34fc77c690e59430e8f30e230f9086a/68747470733a2f2f696d672e736869656c64732e696f2f636f766572616c6c732f73696d706c6573616d6c7068702f73616d6c322e737667)](https://camo.githubusercontent.com/65abf5f264d57455f0b1cbf389e13a9dd34fc77c690e59430e8f30e230f9086a/68747470733a2f2f696d672e736869656c64732e696f2f636f766572616c6c732f73696d706c6573616d6c7068702f73616d6c322e737667)\] () A PHP library for SAML2 related functionality. Extracted from [SimpleSAMLphp](https://www.simplesamlphp.org), used by [OpenConext](https://www.openconext.org). This library started as a collaboration between [UNINETT](https://www.uninett.no) and [SURFnet](https://www.surfnet.nl) but everyone is invited to contribute. Before you use it ----------------- [](#before-you-use-it) **DO NOT USE THIS LIBRARY UNLESS YOU ARE INTIMATELY FAMILIAR WITH THE SAML2 SPECIFICATION.** If you are not familiar with the SAML2 specification and are simply looking to connect your application using SAML2, you should probably use [SimpleSAMLphp](https://www.simplesamlphp.org). While this library is tagged as stable it is currently not very developer friendly and its API is likely to change significantly in the future. It is however a starting point for collaboration between parties. So let us know what you would like to see in a PHP SAML2 library. Note that the **HTTP Artifact Binding and SOAP client do not work** outside of SimpleSAMLphp. Which version to pick? ---------------------- [](#which-version-to-pick) It is **strongly recommended** to use the latest stable version of the `2.x` range as that is the currently supported version. The `1.x` range should be considered deprecated. This means it will receive fixes and, if required, functionality may be backported. This version should only be relied on if migrating the project to the `2.x` range cannot be done yet. The `0.x` range is discontinued and will no longer receive any fixes or features. The `0.x` range however is functionally the same as the `1.x` range. Should your project or a dependency of your project rely on a `0.x` version [composer inline aliasing](https://getcomposer.org/doc/articles/aliases.md#require-inline-alias) will help, by using `composer require "simplesamlphp/saml2:1.7.0 as 0.8"` allows to install 1.7.0 as if 0.8 were installed. Usage ----- [](#usage) - Install with [Composer](https://getcomposer.org/doc/00-intro.md), run the following command in your project: ``` composer require simplesamlphp/saml2:^2.0 ``` - Provide the required external dependencies by extending and implementing the `SAML2\Compat\AbstractContainer`then injecting it in the ContainerSingleton (see example below). - **Make sure you've read the security section below** - Use at will. Example: ``` // Use Composers autoloading require 'vendor/autoload.php'; // Implement the Container interface (out of scope for example) require 'container.php'; SAML2\Compat\ContainerSingleton::setContainer($container); // Set up an AuthnRequest $request = new SAML2\AuthnRequest(); $request->setId($container->generateId()); $request->setIssuer('https://sp.example.edu'); $request->setDestination('https://idp.example.edu'); // Send it off using the HTTP-Redirect binding $binding = new SAML2\HTTPRedirect(); $binding->send($request); ``` Security -------- [](#security) - Should you need to create a DOMDocument instance, use the `SAML2\DOMDocumentFactory` to create DOMDocuments from either a string (`SAML2\DOMDocumentFactory::fromString($theXmlAsString)`), a file (`SAML2\DOMDocumentFactory::fromFile($pathToTheFile)`) or just a new instance (`SAML2\DOMDocumentFactory::create()`). This in order to protect yourself against the [XXE Processing Vulnerability](https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing), as well as [XML Entity Expansion](https://phpsecurity.readthedocs.org/en/latest/Injection-Attacks.html#defenses-against-xml-entity-expansion) attacks License ------- [](#license) This library is licensed under the LGPL license version 2.1. For more details see [LICENSE](https://raw.github.com/simplesamlphp/saml2/master/LICENSE). ### Health Score 34 — LowBetter than 77% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity15 Limited adoption so far Community21 Small or concentrated contributor base Maturity70 Established project with proven stability Bus Factor1 Top contributor holds 56% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~23 days Recently: every ~6 days Total 36 Last Release 3777d ago Major Versions v0.7.0 → v1.6.12015-07-13 v0.8.0 → v1.7.02015-10-06 v0.8.1 → v1.7.12015-12-17 v1.7.1 → v2.0.02015-12-22 v1.7.2 → v2.0.12016-01-11 ### Community Maintainers ![](https://www.gravatar.com/avatar/a496a763166447513522eeff7b822da348a006ce474e5224b1fddbd839c736dc?d=identicon)[madmatt](/maintainers/madmatt) ![](https://www.gravatar.com/avatar/f6a363b2d85dc3e82e73cc9e3a57fc15132920b166c5938ad63a54029b9f94b9?d=identicon)[tractorcow](/maintainers/tractorcow) --- Top Contributors [![olavmrk](https://avatars.githubusercontent.com/u/349658?v=4)](https://github.com/olavmrk "olavmrk (1673 commits)")[![andreassolberg](https://avatars.githubusercontent.com/u/101361?v=4)](https://github.com/andreassolberg "andreassolberg (1099 commits)")[![jaimeperez](https://avatars.githubusercontent.com/u/1942728?v=4)](https://github.com/jaimeperez "jaimeperez (79 commits)")[![thijskh](https://avatars.githubusercontent.com/u/3808792?v=4)](https://github.com/thijskh "thijskh (36 commits)")[![lon](https://avatars.githubusercontent.com/u/462659?v=4)](https://github.com/lon "lon (36 commits)")[![soyunalavadora](https://avatars.githubusercontent.com/u/133754?v=4)](https://github.com/soyunalavadora "soyunalavadora (18 commits)")[![cb8](https://avatars.githubusercontent.com/u/10119913?v=4)](https://github.com/cb8 "cb8 (16 commits)")[![br00k](https://avatars.githubusercontent.com/u/2971381?v=4)](https://github.com/br00k "br00k (6 commits)")[![DRvanR](https://avatars.githubusercontent.com/u/1422284?v=4)](https://github.com/DRvanR "DRvanR (5 commits)")[![olavmo-sikt](https://avatars.githubusercontent.com/u/98447575?v=4)](https://github.com/olavmo-sikt "olavmo-sikt (4 commits)")[![madmatt](https://avatars.githubusercontent.com/u/893117?v=4)](https://github.com/madmatt "madmatt (2 commits)")[![brianV](https://avatars.githubusercontent.com/u/272424?v=4)](https://github.com/brianV "brianV (2 commits)")[![relaxnow](https://avatars.githubusercontent.com/u/524386?v=4)](https://github.com/relaxnow "relaxnow (2 commits)")[![jas4711](https://avatars.githubusercontent.com/u/531817?v=4)](https://github.com/jas4711 "jas4711 (2 commits)")[![tamlyn](https://avatars.githubusercontent.com/u/115310?v=4)](https://github.com/tamlyn "tamlyn (1 commits)")[![scalrow](https://avatars.githubusercontent.com/u/7111945?v=4)](https://github.com/scalrow "scalrow (1 commits)")[![mshikaji](https://avatars.githubusercontent.com/u/67305?v=4)](https://github.com/mshikaji "mshikaji (1 commits)")[![Maks3w](https://avatars.githubusercontent.com/u/1301698?v=4)](https://github.com/Maks3w "Maks3w (1 commits)")[![caffeineinc](https://avatars.githubusercontent.com/u/270384?v=4)](https://github.com/caffeineinc "caffeineinc (1 commits)") ### Code Quality TestsPHPUnit Code StylePHP\_CodeSniffer ### Embed Badge ![Health badge](/badges/madmatt-saml2/health.svg) ``` [![Health](https://phpackages.com/badges/madmatt-saml2/health.svg)](https://phpackages.com/packages/madmatt-saml2) ``` ### Alternatives [litesaml/lightsaml SAML 2.0 PHP library 1055.5M18](/packages/litesaml-lightsaml)[elgg/elgg Elgg is an award-winning social networking engine, delivering the building blocks that enable businesses, schools, universities and associations to create their own fully-featured social networks and applications. 1.7k15.7k5](/packages/elgg-elgg)[api-platform/metadata API Resource-oriented metadata attributes and factories 223.5M96](/packages/api-platform-metadata)[phpro/http-tools HTTP tools for developing more consistent HTTP implementations. 28137.8k](/packages/phpro-http-tools)[flowwow/cloudpayments-php-client cloudpayments api client 2188.2k](/packages/flowwow-cloudpayments-php-client)[aedart/athenaeum Athenaeum is a mono repository; a collection of various PHP packages 245.2k](/packages/aedart-athenaeum) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)