Download the PHP package rohit-raj-verma/pimcore-msentra-saml-login without Composer
On this page you can find all versions of the php package rohit-raj-verma/pimcore-msentra-saml-login. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download rohit-raj-verma/pimcore-msentra-saml-login
More information about rohit-raj-verma/pimcore-msentra-saml-login
Files in rohit-raj-verma/pimcore-msentra-saml-login
Package pimcore-msentra-saml-login
Short Description SAML 2.0 Single Sign-On (SSO) bundle for Pimcore 11 admin with Microsoft Entra ID (Azure AD) support and auto user provisioning
License MIT
Informations about the package pimcore-msentra-saml-login
SSOBundle
A Pimcore bundle that adds SAML 2.0 based Single Sign-On (SSO) to the Pimcore admin login. Supports Microsoft Entra ID (Azure AD) and other SAML 2.0 compliant Identity Providers.
Features
- SAML 2.0 Authentication: Full SAML 2.0 SP (Service Provider) implementation for Pimcore admin
- Custom Login Page: Adds a "Login with SSO" button alongside the standard username/password form
- Auto User Provisioning: Automatically creates Pimcore admin users on first SSO login
- User Sync: Updates user profile (name, email) from IdP attributes on each login
- MS Entra ID Support: Built-in support for Microsoft Entra ID (Azure AD) SAML attribute mapping
- Environment-Based Config: Configure SP settings via environment variables
Requirements
- Pimcore 11.x
- PHP 8.1 or higher
Installation
Step 1: Install via Composer
Step 2: Enable the Bundle
Add the bundle to your config/bundles.php:
Step 3: Configure Environment Variables
Add the following variables to your .env file:
| Variable | Description | Example |
|---|---|---|
SAML_SP_ENTITY_ID |
The Entity ID of your Identity Provider (IdP) | https://sts.windows.net/{tenant-id}/ |
SAML_SP_REPLY_URL |
The ACS (Assertion Consumer Service) URL — your Pimcore domain + /saml/acs |
https://example.com/saml/acs |
Step 4: Configure Identity Provider Metadata
Replace the placeholder values in vendor/rohit-raj-verma/pimcore-sso-bundle/Resources/config/saml-idp.xml with your IdP metadata, or copy the file to your project config directory.
For Microsoft Entra ID (Azure AD):
- Go to Azure Portal > Enterprise Applications > Your App > Single sign-on
- Download the Federation Metadata XML
- Copy the
entityIDandSingleSignOnService Locationvalues intosaml-idp.xml
Example saml-idp.xml:
Step 5: Configure Azure AD / MS Entra (IdP Side)
In your Identity Provider, configure the following:
| Setting | Value |
|---|---|
| Identifier (Entity ID) | https://your-pimcore-domain.com/saml/acs (same as SAML_SP_REPLY_URL) |
| Reply URL (ACS URL) | https://your-pimcore-domain.com/saml/acs |
| Sign-on URL | https://your-pimcore-domain.com/saml/login |
Required SAML Claims / Attributes:
| Claim | Description |
|---|---|
emailaddress |
User's email (used as Pimcore username) |
displayname |
User's full name |
givenname |
First name (optional, fallback) |
surname |
Last name (optional, fallback) |
Step 6: Clear Cache
Usage
After installation, the Pimcore admin login page will display a "Login with SSO" button below the standard login form.
Login Flow
- User clicks "Login with SSO" on the Pimcore admin login page
- The bundle sends a SAML AuthnRequest to the configured IdP
- User authenticates with the IdP (e.g., Microsoft login)
- IdP sends a SAML Response back to
/saml/acs - The bundle validates the response and extracts user attributes
- If the user doesn't exist in Pimcore, a new admin user is created automatically
- User is logged into Pimcore admin
Routes
| Route | Path | Description |
|---|---|---|
saml_login |
/saml/login |
Initiates the SAML authentication request |
saml_acs |
/saml/acs |
Assertion Consumer Service — receives the IdP response |
How It Works
- RequestService: Builds and sends SAML 2.0 AuthnRequest to the IdP using HTTP-Redirect binding
- ResponseService: Receives and validates the SAML Response from the IdP, extracts user attributes
- UserService: Creates or updates Pimcore admin users based on SAML attributes
- ContainerService: Provides the SAML2 library container implementation (logging, ID generation, etc.)
- Login Template Override: Overrides the default Pimcore admin login template to add the SSO button
License
This bundle is released under the MIT License.
All versions of pimcore-msentra-saml-login with dependencies
pimcore/pimcore Version ^11.0
pimcore/admin-ui-classic-bundle Version ^1.0
simplesamlphp/saml2 Version ^5.0
nyholm/psr7 Version ^1.5