Integrating IdentityServer4 with SuiteCRM for SSO Using SAML2 Protocol


I am currently working on a project that involves IdentityServer4 for implementing authentication and authorization services. My IdentityServer is set up to use the OpenID Connect (OIDC) protocol, and it's functioning as expected.

Now, I have a requirement to integrate SuiteCRM into this setup and utilize Single Sign-On (SSO) capabilities. Specifically, I would like IdentityServer4 to act as the Identity Provider (IdP) for SuiteCRM.

My main challenge here is that I want to add support for the SAML2 protocol alongside OIDC for this SSO integration. I am looking for guidance on whether I need to add SAML2 support solely within my IdentityServer4 configuration or whether SuiteCRM also requires some module or package to be installed for SAML2 support.

My Questions Are:

  1. Is there any free and open-source package available to enable SAML2 support in IdentityServer4 or SuiteCRM?
  2. Are there any free adapter packages that can translate OIDC requests to SAML2 protocol and vice versa?

Any insights, references, or code samples would be greatly appreciated.

Thank you in advance!


There is 1 best solution below

ComponentSpace On
  1. There are open-source SAML packages out there, although not all support acting as the IdP. I'm not sure if any explicitly demonstrate adding SAML support to IdentityServer4. ComponentSpace has a commercial product that supports SAML SSO within IdentityServer4.

  2. I'm not aware of any. In our IdentityServer4 configuration, client apps use OIDC to SSO to IdentityServer4, which in turn uses SAML SSO to delegate authentication to a third-party IdP. More broadly, client apps can use OIDC or SAML to SSO to IdentityServer4, which can then either handle the authentication locally or delegate to a third-party OIDC or SAML identity provider. IdentityServer4 is effectively acting as the protocol converter.