
Proxy translating between different authentication protocols (SAML2, OpenID Connect and OAuth2)

SATOSA

A configurable proxy for translating between different authentication protocols such as SAML2, OpenID Connect and OAuth2.

Table of Contents

  • Installation
    • Docker
    • Manual installation
      • Dependencies
      • Instructions
  • Configuration
    • SATOSA proxy configuration: proxy_conf.yaml.example
    • Attribute mapping configuration: internal_attributes.yaml
      • attributes
      • user_id_from_attrs
      • user_id_to_attr
  • Plugins
    • SAML2 plugins
      • Metadata
      • AuthnContextClassRef
      • Frontend
        • Custom attribute release
        • Policy
      • Backend
        • Name ID Format
        • Discovery service
        • ForceAuthn option
        • Memorize IdP
    • OpenID Connect plugins
      • Frontend
      • Backend
      • Social login plugins
        • Google
        • Facebook
    • Dummy adapters
    • Micro-services
  • Generating proxy metadata
  • Running the proxy application
  • External contributions

Use cases

In this section a set of use cases for the proxy is presented.

SAML2<->SAML2

Some SAML2 service providers, for example Box, are not able to handle multiple identity providers. For more information about how to set up, configure and run such a proxy instance, please visit Single Service Provider<->Multiple Identity providers.

If an identity provider cannot communicate with service providers, for example in a federation, the proxy can convert requests and make the communication possible.

SAML2<->Social logins

This setup makes it possible to connect a SAML2 service provider to multiple social media identity providers such as Google and Facebook. The proxy makes it possible to mirror an identity provider by generating SAML2 metadata corresponding to that provider and creating dynamic endpoints which are connected to a single identity provider.

For more information about how to set up, configure and run such a proxy instance, please read SAML2<->Social logins.

SAML2<->OIDC

The proxy is able to act as a proxy between a SAML2 service provider and an OpenID Connect provider; see SAML2<->OIDC.

Contact

If you have any questions regarding operations/deployment of SATOSA please use the satosa-users mailing list.