Forum Discussion

Darshan1855's avatar
Darshan1855
Copper Contributor
Nov 12, 2020

How to integrate SSO for Php codeigniter application

Hi, I have one independent application developed in PHP codeigniter framework but how to integrate or provide SAML single sign on option in AZURE AD

  • manojsworld's avatar
    manojsworld
    Copper Contributor

    Darshan1855 

    Integrating SSO (Single Sign-On) with Azure AD into a PHP CodeIgniter application involves several steps. Here's a general guide to help you get started:

    1. Register your Application in Azure AD:

      • Log in to the Azure portal.
      • Navigate to Azure Active Directory > App registrations > New registration.
      • Provide a name for your application, and choose the appropriate Supported account types.
      • For the Redirect URI, specify the URL where Azure AD will send the authentication response (e.g., https ://yourdomain.com/auth/saml_callback).
      • Once the application is registered, note down the Application (client) ID and Tenant ID. You'll need these later.
    2. Configure SAML-based SSO in Azure AD:

      • In the Azure portal, navigate to your registered application.
      • Go to Authentication > Add a platform > SAML-based SSO.
      • Enter the appropriate Sign-on URL and Identifier (these should correspond to your application).
      • Upload the SAML Signing Certificate.
      • Save your changes.
    3. Install SAML Library:

      • PHP does not have built-in support for SAML, so you'll need to use a library. One commonly used library is simplesamlphp.
      • Install simplesamlphp library in your project. You can either download it manually or use Composer.
    4. Configure simplesamlphp:

      • Configure simplesamlphp by providing the necessary settings for Azure AD.
      • You'll need to configure metadata for Azure AD. This includes the Azure AD Identifier, Certificate fingerprint, etc.
    5. Implement SSO in CodeIgniter:

      • Create a controller and views to handle SAML authentication.
      • Use the simplesamlphp library to initiate the authentication process.
      • Define routes in CodeIgniter to handle authentication callbacks.
    6. Test your Integration:

      • Ensure that your CodeIgniter application redirects users to Azure AD for authentication.
      • Verify that users can log in using their Azure AD credentials.
      • Test the SSO flow thoroughly to ensure it works as expected.

    Don't forget to conduct thorough testing, including penetration testing and code reviews,  and implement top CodeIgniter security practices to avoid any security weaknesses before deployment.

Share

Resources