History: SAML

             # {icon name="users"} SAML

## Overview

((Tiki17)) and later can be a SAML Service Provider (SP), thanks to the integration of [https://github.com/onelogin/php-saml|OneLogin's SAML PHP Toolkit].

Up to ((Tiki23)), it requires installation via ((Packages)). Starting in ((Tiki24)), it is built-in.

When setting up Tiki as a SAML Service Provider, you would need to provide to the IdP the URLs for assertion consumer service, and single logout service (if used). These are : http<your site baseurl>/tiki-login.php?saml_acs and http<your site baseurl>/tiki-login.php?saml_sls respectively.



{PREFDOC(tab="login-saml2")/}

{QUOTE(replyto="Wikipedia" source_url="https://en.wikipedia.org/wiki/Security_Assertion_Markup_Language")}Security Assertion Markup Language (SAML) is an XML-based, open-standard data format for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider.

The single most important requirement that SAML addresses is web browser single sign-on (SSO). Single sign-on is common at the intranet level (using cookies, for example) but extending it beyond the intranet has been problematic and has led to the proliferation of non-interoperable proprietary technologies. (Another more recent approach to addressing the browser SSO problem is the OpenID Connect protocol.){QUOTE}

## Related links

- See also ((Tiki as a SAML IDP))
- https://en.wikipedia.org/wiki/Identity_provider
- https://en.wikipedia.org/wiki/Security_Assertion_Markup_Language