With the Single Sign-On SAML plugin “fl-SamlAuth” it is possible to login to forma.lms through any identity provider, without having to re-enter the username and password upon access.
SAML (Security Assertion Markup Language) is an XML-based language used for authentication through identity federation.
SAML specifies three roles: the primary entity (for example, a user), the identity provider (IdP), and the service provider (SP).
With this plugin, forma.lms impersonate the service provider (SP).
When using this forma.lms plugin for SAML authentication, the user requests access to the e-learning system, and the plugin is able to ask for and receive a user authentication statement from an Identity provider.
Depending on the response from the IdP, the user will be granted access to the system, or the login will be denied.
It is possible, according to the configuration, to create a new user in forma.lms if the identity is validated by the IdP configured.
The settings of the plugin is fully configurable in the “Configuration” section of the “Plugins” entry of the forma.lms administration.
Some IdPs already used with the plugin are, for example:
- Microsoft Azure Active Directory
- Microsoft ADF
- Google Identity
- SimpleSAML PHP
- Auth0
