Here for some guidance.
I have a simple PHP app where users create accounts via email and password. This works well. The app is a service for schools in the UK.
I'm considering implementing SSO for Office 365 (possibly Google schools at a later date too) in my PHP application using SimpleSamlPHP. However, I have no experience of this at all. If someone could provide a step by step of what is expected/needed, that would be amazing (but any input would be greatly appreciated). Here is what I have researched so far. Please correct me if this is wrong... I found it very hard to find current PHP examples...
1.a. School/schools would need to register a New App in Azure AD (my app).
1.b. Provide the school/tenant with domain name URLs and redirect URLs for the app registration.
Install Simplesamlphp on my server.
Configure Simplesamlphp with the credentials from the school's New App Registration (not sure about this step). Particularly with a multi-tenant approach.
Then Test.
Other considerations...
Do I need to get my code/app verified with MS as an approved app? This would prevent warning messages to the user as it would be an approved app with MS. I think this would help with step 1.
Each collection of users (tenants) is from a school. There will be many schools requiring access to the app too.
Would SSO via SimpleSamlphp be a good choice?
Any advice or reference articles would be greatly appreciated.
I'm in the early stages of researching this. But I have access to a personal Office 365 account for testing.
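For the multi-tenant step in the question above, this is an added example (not part of the original post and not SimpleSAMLphp's own code) of the check the application needs after login: bind each session to one onboarded school and reject any assertion whose tenant claim disagrees with its issuer. It assumes the Entra ID issuer form `https://sts.windows.net/<tenant-id>/` and the `tenantid` claim; `resolveSchool`, the `SCHOOLS` map and all tenant IDs are hypothetical.

```php
<?php
// Added example. Tenant IDs and school names below are constructed placeholders.
declare(strict_types=1);

const TENANT_CLAIM = 'http://schemas.microsoft.com/identity/claims/tenantid';

// Hypothetical allow-list: one entry per school that has completed onboarding.
const SCHOOLS = [
    '11111111-1111-1111-1111-111111111111' => 'school-a',
    '22222222-2222-2222-2222-222222222222' => 'school-b',
];

/**
 * Map an authenticated SAML session to a school, or return null to deny.
 * $idpEntityId: issuer whose signature the SAML library already verified.
 * $attributes:  name => list of values (the shape getAttributes() returns).
 */
function resolveSchool(string $idpEntityId, array $attributes): ?string
{
    // Assumed issuer form: https://sts.windows.net/<tenant-guid>/
    if (!preg_match('#^https://sts\.windows\.net/([0-9a-f-]{36})/$#i', $idpEntityId, $m)) {
        return null;
    }
    $issuerTenant = strtolower($m[1]);
    $claimTenant  = strtolower($attributes[TENANT_CLAIM][0] ?? '');

    // The claim must agree with the issuer that signed the assertion.
    if ($claimTenant === '' || !hash_equals($issuerTenant, $claimTenant)) {
        return null;
    }
    // Unknown tenants are denied even if the assertion itself is valid.
    return SCHOOLS[$issuerTenant] ?? null;
}

// Constructed sample sessions: [issuer, tenant claim value].
$a = '11111111-1111-1111-1111-111111111111';
$b = '22222222-2222-2222-2222-222222222222';
$x = '99999999-9999-9999-9999-999999999999';
$cases = [
    'onboarded school'        => ["https://sts.windows.net/$a/", $a],
    'claim/issuer mismatch'   => ["https://sts.windows.net/$a/", $b],
    'tenant not onboarded'    => ["https://sts.windows.net/$x/", $x],
    'unexpected issuer host'  => ["https://idp.example.test/$a/", $a],
];
foreach ($cases as $label => [$issuer, $tenant]) {
    $school = resolveSchool($issuer, [TENANT_CLAIM => [$tenant]]);
    echo str_pad($label, 24), ' => ', $school ?? 'DENY', PHP_EOL;
}
```

Account lookups should then key on the school plus the user's identifier within that tenant, never on the email address alone, so one school's directory cannot assert an identity belonging to another.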