SuiteCRM metadata for SAML Authentication

Question

I am trying to integrate SAML authentication for SuiteCRM 7.8.5 version. Have set up the Login URL, SLO URL and X509 Certificate in the Password Management page.I also have a Shibboleth IDP installed on another server and need the metadata of the SuiteCRM installtion to configure there. I have been going through the suitecrm forums and also tried to make some connection with the sugarcrm docs to find out the url/location for getting the metadata xml. But so far no luck.

Is there any url that will give the metadata?

Any help is greatly appreciated.

Thanks

score 2 · Answer 1 · answered Feb 20 '18 at 19:50

There is no metadata xml automatically generated unfortunately, you will need to craft your own but the key information you need is:

AssertionConsumerService = "https://yourcrm.com/index.php?action=Login&module=Users"
SingleLogoutService = "https://yourcrm.com/index.php?action=Login&module=Users"
NameIDFormat = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
nameidattribute = "uid"

The login action handles both login and logout when used with SAML. Note the name id attribute you use is equivalent to the users.user_name database field and that is what SuiteCRM will login as.

score 1 · Answer 2 · answered Sep 12 '20 at 05:46

1

This has changed in recent versions of SuiteCRM. Metadata are located here: https://suitecrm-domain.tld/index.php?entryPoint=SAML2Metadata

answered Sep 12 '20 at 05:46

Kirill

21
1

SuiteCRM metadata for SAML Authentication

2 Answers2