Web Development

Integrate Magento SSO with your Web

admin — Sun, 19 Sep 2021 04:07:03 +0000

Integrate Magento SSO with your Web admin Sun, 09/19/2021 - 11:07

Magento 2 SSO or Magento 2 Single Sign-On module allows the integration of the Magento store with third-party applications. The user can sign-in to the third-party applications through their Magento 2 sign-up credentials.

Using Magento 2 Single Sign-On, the admin can easily integrate multiple clients for Single Sign-On using their Magento credentials. The admin can also integrate the UVdesk support portal with the user’s Magento store.

Features Of Magento 2 SSO

The admin can allow the users to log-in to third-party applications by their Magento credentials.
There is no need for the user to remember multiple login access of other portals like support portal.
A user can sign in automatically on a third-party application.
The admin can easily integrate multiple clients for client Single Sign-On login.
It is easy for the admin to manage (add/view/edit/delete) all the SSO integrations.
It helps the admin to integrate the UVdesk support portal with the Magento store.
The admin’s UVdesk support portal can be integrated with his Magento Store.
It supports the LDAP server integration for Single Sign-On.
It also helps synchronize the newly created customers on Magento2 store with LDAP server.

Installation Of Magento 2 SSO

The user will get a zip folder and they have to extract the contents of this zip folder on their system. This folder has an src folder and inside the src folder, there is an app folder.

User needs to transfer this app folder into the Magento2 root directory on the server as shown below.

Thereafter, the user has to run the commands mentioned below in the Magento2 root directory:

First command – php bin/magento setup:upgrade

Second Command – php bin/magento setup:di:compile

Third Command – php bin/magento setup:static-content:deploy

Fourth Command – composer require firebase/php-jwt

After moving the app folder the user has to flush the cache from the Magento admin panel by navigating through->System->Cache management as shown below.

Note: One must install and enable the PHP Extension LDAP in order to use the LDAP feature in Magento 2 SSO.

LDAP Configuration

Firstly, the user will have to authenticate with the Magento2 LDAP Server.

On logging in to the LDAP admin page, the Login DN and Password is to be provided as shown in the image below and click Authenticate.

Simply, click Create new entry here to create an organisational unit as shown below.

Right after, it a page will load up with listed templates. the user needs to select the Organisational Unit checkbox.

Further, you need to enter the name of the organisational unit and click Create Object.

The Create LDAP Entry page will open simply click on the Commit and proceed.

Note:

The created organisational unit here at the LDAP server needs to be entered in the admin configuration section.
Since the LDAP server is synchronized with the Magento 2 module. Using this we can also create a customer here and that customer will be directly able to log in to the used integration.
If the synchronization is turned on the customer created at the admin backend will be visible here as well.

The user can navigate through Stores > Sso Connector > LDAP Configuration so as to set the configurations of the LDAP as shown in the image below.

The admin can set the configurations for the LDAP as follows:

Enabled: The admin can enable or disable Single Sign-On through the LDAP server.

Customer Synchronization: The admin can enable or disable the customer synchronization of newly created customers on Magento 2 store with the LDAP server.

Server IP: The admin needs to add the IP of the server.

Port: The port number is to be added by the admin.

Organizational Unit: The created organisational unit at the LDAP server needs to be entered here in this section.

Domain Component: It is retrieved from the LDAP admin page.

Admin User: We need to enter the LDAP User name over here.

Password: Add the password for the Admin User.

Admin Magento 2 SSO Integration Management

The admin can manage multiple integrations by simply adding/editing/deleting the integration. The admin can add new integrations by navigating through Admin Login -> SSO in the admin panel.

The configurations are set by the admin as follows:

Add New Integration: On clicking the “Add New Integration” tab the admin can create a new integration.
View the integrations along with the details such as the Name of the client and the URL.
Edit an integration by clicking the “Edit” button in the Action column.

Configuring a New Integration

The admin can add new integration by navigating through SSO -> Add New Integration.

On the New Integration page, the admin can configure the Client Details and the Client Credentials.

The admin can configure the ‘Name’ and the ‘Url’ against the Client Details tab as shown in the image below.

The admin can configure the following details:

Name – The name of the client who can log in using the Magento 2 credentials.
Url – URL link of the website for SSO integration. If the client cancels the authorization process, it redirects the client to this URL.

As soon as the admin clicks on the “Save” button, it saves the details of the client and generates the credentials, automatically.

The admin can view the ‘Consumer Id’ and the ‘Consumer Secret Key’ credentials under the Client Credentials tab as shown in the image below.

The admin can simply “Edit” the integration and “View” it. If need be, the admin can make changes in the integration and save it, or even delete the integration.

UVdesk Support Portal Integration

Please Note: To integrate the Magento store with UVdesk the admin must have a UVdesk admin account. The admin can Sign up for free at UVdesk to have the UVdesk admin account.

Benefits Of UVdesk Support Portal Integration For SSO

The admin can integrate the UVdesk support portal with the Magento Store.
The admin’s users can log-in to the UVdesk support portal via Magento login credentials.
The users will be automatically signed-in to the UVdesk support portal of the client.
After logging in using the Magento credentials, the user can create a ticket for any support query from the UVdesk portal.

Please Note: Download Magento 2 SSO (of UVdesk) for free from the UVdesk admin panel. Click here to learn about Magento 2 SSO (of UVdesk) installation and configuration.

UVdesk Integration At Magento 2 Admin Panel

The admin can add integration for UVdesk by navigating through SSO -> Add New Integration -> Client Details.

Name – The name of the user for which the admin shall create the SSO integration.
URL – Add the link of the UVdesk support portal of the admin and save the configurations thereafter.

The admin can use the Consumer Id at UVdesk admin panel for configuring the Magento 2 SSO under SSO -> Add New Integration -> Edit (required integration) -> Client Credentials -> Consumer Id.

UVdesk Magento 2 SSO Configuration

The admin will have to configure the Magento 2 SSO at UVdesk admin panel.

Store Name of the Magento 2.
Consumer Id which was created at Magento 2 admin panel.
Consumer Secret Key which was created at Magento 2 admin panel.
Website URL of the Magento 2 store login.

Front View For The Users

After the successful integration of UVdesk to the Magento 2, the user will see an option of “Continue with Magento 2 User“. By this option, the user can sign-in to the UVdesk support portal of the admin.

After clicking the “Continue with Magento 2 User” button the user will be redirected to Magento store login.

Tapping the Sign In button brings up the section where the user needs to provide the authorization for accessing the profile as shown below in the snapshot.

Tapping the respective “Continue as Demo” button will redirect the user to the UVdesk portal.

The user may choose to click on the “Cancel” tab as shown in the image below.

As the user clicks on the “Cancel” tab, it redirects the user to the Sign In page as shown in the image below.

Third-party integration like (asp.net, Java, PHP, etc.)

Follow the below steps to integrate the Magento 2 SSO with third-party integration like asp.net, Java, PHP, etc.

1.) Create a button at the client end (like asp.net) to login from Magento. After hitting that button redirect to the following URL.

API to get the token

API Resource :

magentobaseurl/sso/sso/index/redirect_uri/#value/client_id/#value

Method: GET

Response: redirecturl?token=#tokenval

Description: get the token

Note: that redirect_uri and client_id is mandatory field append to URL

2.) After that, at the API end(Magento end) client id will verify that the client is registered at the Magento end or not? If the customer is registered then a login page will appear to log in.

After login, a page appears with authorizing and cancel button. If authorized then a token will be provided and append in the redirect URL. But if the client is already login with some account then a page appears with authorizing and cancel button.

If the client is not authorized then an error message will be shown or the user cancels to authorize then it redirects to the redirect URL.

3.)After that client will hit again the Magento SSO module API with the provided token and client id

API to get the Magento user email information

API Resource :

magentobaseurl/sso/sso/accesscustomerdata/client_id/#value/authToken/#value

Method: GET

Response: JWT encoded string or Array(with error key)

Description: get the user email information

if client_id and auth token verified we send the customer email and name with the expiration of 2 minutes encoded by JWT using client secret key else error will be provided in $response[‘error] form

The client has to decode the data using JWT via the client secret key generated at Magento end with a success or error field.

API to check the detail entered at the client end (UVdesk, asp.net) correct or not

API Resource :

magentobaseurl/sso/sso/checkcredential/client_id/#value/client_secret_key/#value

Method: GET

Response: Array

Description: check the detail entered at the client end is correct?

That’s all for Magento 2 SSO module. If you still have any issue feel free to add a ticket and let us know your views to make the module better at webkul.uvdesk.com.

Current Product Version - 4.0.0

Supported Framework Version - Magento 2.0.x, 2.1.x, 2.2.x,2.3.x, 2.4.x

How to set up SAML SSO with Google apps

admin — Sat, 18 Sep 2021 15:36:46 +0000

How to set up SAML SSO with Google apps admin Sat, 09/18/2021 - 22:36

The Robin Team

Setting up your Robin account? You’ll find the most up-to-date information in our Help Center.

‍As of October 2015, Google Apps can now act as a SAML Identity Provider. This is great news for organizations that haven't implemented SAML yet, because you can set up basic single sign-on authentication without introducing a third party service such as Okta or OneLogin.This guide will show you the basics of setting up a new SAML app for your Google Apps domain. The walkthrough below shows the process of setting up Google as the identity provider, and your service provider (i.e. the app you want people to sign into) will have its own instructions.

Where to find SAML Apps in Google

As an administrator on your Google account, go to the admin portal and click through to Apps > SAML Apps.

You will see a list of any existing SAML apps. Click the big plus sign in the bottom right to add a new one.

Add a new service app

Click "Setup my own custom app" near the bottom of the window.

Google IDP Information

You'll then see your specific Identity Provider information. You will need the info in Option 1 to configure your service provider in a moment. Open a new browser window so you can keep both handy.

Basic App Information

Add some descriptive information about the new SAML app. This is used to identify the app for everyone on your Google Apps domain.

Attribute Mapping

In the final step, you will need to map metadata attributes to your Google Apps users. They are case sensitive, and tell the service provider which fields to use for user data. Example:

Email: Basic Information > Primary Email
FirstName: Basic Information > First Name
LastName: Basic Information > Last Name

Adding your IDP to a service app

Now that you've added your service provider to your identity provider, you'll want to complete the connection by configuring your service provider directly. Most service providers want to know your Entity ID and SSO URL, but your service provider's documentation will have more information.

Enable the app for everyone

Once the app is configured, it will not work until you turn it on for your domain. You can turn in on for everyone in your organization or for specific organizations.

When turned on, your new app will show up in everyone's app dropdown along with existing SAML apps. You may need to click "More" first to see the complete list of available apps. Clicking on this link starts an IDP-initiated workflow, and will open your app with the current user authenticated.

Sample Workflow

Via robinpowered

What is ASP.NET Boilerplate?

admin — Sun, 29 Aug 2021 07:05:08 +0000

What is ASP.NET Boilerplate? admin Sun, 08/29/2021 - 14:05

This is a simple startup template based on ASP.NET Boilerplate framework and Module Zero. If you need an enterprise startup project, check ASP.NET ZERO .

What is ASP.NET Boilerplate?

ASP.NET Boilerplate is an application framework built on latest ASP.NET Core framework. It makes easy to use authorization, dependency injection, validation, exception handling, localization, logging, caching, background jobs and so on. It's built on already familiar tools like Entity Framework, AutoMapper, Castle Windsor...

ASP.NET Boilerplate implements NLayer architecture (Domain, Application, Infrastructure and Presentation Layers) and Domain Driven Design (Entities, Repositories, Domain/Application Services, DTO's...). Also implements and provides a good infrastructure to implement common software development best practices.

What is Module Zero?

ASP.NET Boilerplate framework is designed to be independent of any database schema and to be as generic as possible. Therefore, It leaves some concepts abstract and optional (like audit logging, permission and setting stores) which requires some data store.

Module Zero implements all fundamental concepts of ASP.NET Boilerplate framework such as tenant management (multi-tenancy), role management , user management, authorization ( permission management ), setting management, language management , audit logging and so on.

Module-Zero defines entities and implements domain logic (domain layer) and leaves application and presentation layers to you.

Based on Microsoft ASP.NET Core Identity

Module Zero is based on Microsoft's ASP.NET Core Identity library. It extends user and role managers and implements user and role stores using generic repositories.

Documentation

Source code

This template is developed open source on Github. You can contribute to the template. https://github.com/aspnetboilerplate/module-zero-core-template

Web Development

Integrate Magento SSO with your Web

Features Of Magento 2 SSO

Installation Of Magento 2 SSO

LDAP Configuration

Admin Magento 2 SSO Integration Management

Configuring a New Integration

UVdesk Support Portal Integration

Third-party integration like (asp.net, Java, PHP, etc.)

Tags

How to set up SAML SSO with Google apps

Where to find SAML Apps in Google

Add a new service app

Google IDP Information

Basic App Information

Attribute Mapping

Adding your IDP to a service app

Enable the app for everyone

Sample Workflow

Tags

What is ASP.NET Boilerplate?

What is ASP.NET Boilerplate?

What is Module Zero?

Based on Microsoft ASP.NET Core Identity

Documentation

Source code

Tags