
Office of the AVP & CTO

INFORMATION TECHNOLOGY SECURITY

Selecting a SAML SP client

Application owners who intend to use SAML to enable SSO authentication for their app via the Azure identity provider need to select a SAML solution to set up the Service Provider (SP) side of the SAML scheme. The selected solution must provide all the resources required to handle SAML and give users SSO capability via Azure.

The following list provides examples of SAML solutions that can be adopted so that your app can “talk” SAML:

Server-Based SAML Solutions

Shibboleth (SP v3)
https://shibboleth.atlassian.net/wiki/spaces/SP3/overview

SimpleSAMLphp (PHP)
https://simplesamlphp.org/

Laravel PHP Framework (contains a SAML framework)
https://laravel.com/

Python SAML Toolkit
https://github.com/SAML-Toolkits/python-saml

Java
https://github.com/SAML-Toolkits/java-saml

Cloud SaaS SAML solutions

OKTA
https://developer.okta.com/docs/guides/oin-sso-overview/

Further information
https://en.wikipedia.org/wiki/SAML-based_products_and_services

Assumptions and Implications

  • Developers must be familiar with the Base64 encoding algorithm.
  • Developers must be familiar with the XML language, which is used extensively in SAML environments to send and receive SAML messages.
  • A valid SSL certificate will be needed to deploy the SAML client. UTS can provide an SSL certificate at no cost via the Sectigo Certificate Authority.
  • SAML integrations must follow best practices based on the guidelines here.