Join Free or Sign in
Share:
My Cart 0
€0.00

Corporate Single Sign On

SKU
Corporate Single Sign On
€199.00

Allow your Magento 2 Customer or your backend users to login directly with your corporate Identity Provider without having to go through the account creation process.

Due to a compatibility with both OAuth2 as SAML2 protocols, our extension can deal with nearly any Identity Provider on the market. You can create multiple connections from your Magento 2 Backend and select which one is active on the backend and which one is active per website.


When your customer or admin user goes to the login page, they will see the option to login with Single Sign-On. They simply click the button and after logging in he will be redirected to the shop and logged in. If the user does not exist in the shop, an account will be automatically created.

Our Single Sign-On solutions have been implemented in hundereds of webshops world wide, including Nokia, Canon, Castrol, Pearson, Dentons and numerous more. We have learned from every of these implementations and this is where you directly profit from

You can have your customers connect to your Single Sign-On environment in no time and increase the revenue of your webshop by removing barriers.


Compatibility Details

Magento 2.4.X

Extension v2.0
Installation Instructions
composer require gogento/sso "^240.2"

Magento 2.3.X

Extension v2.0
Installation Instructions
composer require gogento/sso "^235.2"

Single Sign-On with nearly ANY Identity Provider

Allow your Magento 2 Customer or your backend users to login directly with your corporate Identity Provider without having to go through the account creation process.

Due to a compatibility with both OAuth2 as SAML2 protocols, our extension can deal with nearly any Identity Provider on the market. You can create multiple connections from your Magento 2 Backend and select which one is active on the backend and which one is active per website.


When your customer or admin user goes to the login page, they will see the option to login with Single Sign-On. They simply click the button and after logging in he will be redirected to the shop and logged in. If the user does not exist in the shop, an account will be automatically created.

Our Single Sign-On solutions have been implemented in hundereds of webshops world wide, including Nokia, Canon, Castrol, Pearson, Dentons and numerous more. We have learned from every of these implementations and this is where you directly profit from

You can have your customers connect to your Single Sign-On environment in no time and increase the revenue of your webshop by removing barriers.


General Single Sign-On Configuration

Single Sign-On

The user logs in at the identity provider and the means to it no longer mean anything to the webshop itself. It does not matter if its a password authentication, biometrical, voice activated, keycoded or multi-factor. The Identity Provider Manages the login credentials.

Single Logout

When the user logs in with Single Sign-On, it's possible to tell the Identity Provider upon logout, to terminate any open sessions. This results in a global logout on all websites whre the user is logged in. This feature can be separately enabled.


Easy setup yet hundereds of Identity Providers are supported

The extension is simple to setup and does not require you to have a deep understanding of the protocols used. We only ask of you to fill in the information which you can grab of your Identity Provider setup page, and from that point forward everything is automated


Highly configurable mapping system

We support several mapping types, to enrich your data with other information before logging in a user or creating an account. You can map data from your Identity Provider aswell as store specific settings and static information with just a simple mapping form.

Safe and Secure

GoGento is a company specialised in integrations and security. We are the maintainer of a widely used SAML2 protocol library and have spared no effort to make our extension as secure as possible

Works in a multi-store environment

You can enable Single Sign-On on a global level, or on a website, store and storeview level. Each level can support their own endpoints, so you can use different Identity Providers for different websites.

Frontend Firewall

Some companies dont want their website to be visible to customers prior to logging in. With the flip of a simple setting you can make your website a private website which will immediately redirect to the linked identity provider. After logging in, the customer can see the website.

Backend Firewall

Same as the frontend we have an extra firewall that you can enable in the backend so that users cannot see the login form and are redirected to the Identity Provider right away.

Firewall Whitelisting

When the firewall is enabled, there are still situations where you want pages to be visible to anyone, for example contact or help pages. You can set pages to be whitelisted and you can maintain a list of IP's which are not affected by the firewalls so they can navigate the website without having to login.

Automatic User and Customer Creation

If the user does not exist in your admin or the customer does not exist in your frontend, an account will be automatically created prior to logging in.



A Selection of Identity Providers The Extension Works With


Microsoft Azure Integration


Microsoft ADFS Integration


ForgeRock Integration

Auth0 Integration

Okta Integration


Google Integration


SalesForce Integration











Create multiple Identity Providers

In your Magento 2 Backend you can create as many Identity Providers as needed for your company. You can create both SAML2 and OAuth2 Identity Providers without a fuss.

Just go to GoGento in the left menu and click Connections

In this example we already created 2 identity providers.

Note: The identifier will be automatically generated when you create a new connection. This unique identifier is used in the URL to tell the extension which SSO we're dealing with. This approach ensures a secure integration is in place where these identifiers can not be guessed by your users or customers. This prevents them to login to unintended identity providers which you may have in place in other stores.


Magento 2 as SAML2 Service Provider

The initial setup of an SAML2 Identity Provider consists of setting up the fields below. The rest is fully automated for you.
Fill this in, save it and go to your Identity Provider to create the trust relationship at the Identity Provider itself


Creating a trust relationship on your SAML2 Identity Provider

After setting up the SAML2 information in Magento 2, save it and use the information under the form to create the trust relation on your Identity Provider.
Most identity providers just need your metadata URL and can figure out the rest for you.


Magento 2 as OAuth2 Consumer

Just like creating a SAML2 Service Provider, you can simply turn Magento 2 in an OAuth2 consumer
Fill in the form, save it and setup your Identity Provider itself


Easy store specific settings

Specify precisely what Identity Providers you want to enable in your store frontends on the specified default, website or store scope.

Create separate identity provider connections for your Magento 2 Backend, simplifying your coorporate identity managent for your Magento 2 backend users.

Setup the firewall for the frontend or the backend allowing you to completely finetune the behaviour on your website, by whitelisting certain pages or by completely whitelisting IP's which can pass through the firewall without problems


Create mappings in a matter of minutes

You can multiple types of mappings

  • External Mapping - Mapping your Identity Provider Attribute to an Magento attribute
  • Static Mapping - Enter a static value which will be used
  • Config Mapping - Refer to a magento 2 store configuration path (ex. general/locale/locale)


Integrations most often used in with our extension


Microsoft Azure Integration
The newer version of Microsoft Active Directory exposure has simplified the integration for both sides of the connection a lot. Being less strict and easier to setup, an integration with Azure is equal to that of ADFS. It's a new interface built on top of the old Active Directory Federation Services.

Microsoft ADFS Integration
The original integration with ADFS is simply the process of setting the right metadata url's, certificates and attributes on both sides. After that it's a very reliable and consistent integration using the super secure SAML2 protocol.


OneLogin Integration
OneLogin has excellent SAML2 support and has a broad spectrum when it comes to mapping the data from your Identity Management to Magento 2. A straight forward but fully functional solution which a multitude of our customers use.


ForgeRock Integration
Formerly known as OpenAM, this identity provider is very suitable for large enterprises. We've implemented OpenAM and Forgerock for a large Australian client in no time.


Auth0 Integration
A Large selection of our customers use Auth0 for both their production environments and for testing. It allows you to setup connections with both SAML2 aswell as OAuth2 quickly and securely. The integrations which Auth0 offers with external solutions are very broad, making this a fine selection for a lot of our customers.

Okta Integration
Enterprise level identity management in the cloud. We've integrated a market leaders to Okta for a few years now and the integration is straight forward. Being one of the largest companies for Identity Management, they've proven themselves to be a powerful solution.


Google Integration
Google is one of the largest Identity Providers in the world today. Integrating with mainly OAuth2 and used by both business and personal users. Nearly every person in the world has a user account, available to login with these days.



SalesForce Integration
Originally a platform to maintain your sales process and customer relations, SalesForce has become a very feature-rich platform with solid integrations. They have a SAML2 integration available which we use.

Installation and Upgrade Details

We do not provide direct download links of our extensions as they are not needed and bad practise. Installing and maintaining the latest updates of your extensions using composer is the best and safest solution. If you do need a manual download, feel free to contact us for aid.

Installing an extension is the same process as upgrading an extension. You can run the exact same composer require command as you do with the installation with the new version set, to upgrade the extension


Step 1 - Setup composer authentication

To install our extensions you need to first setup the composer repository for your account.
You don't need to do this after every purchase, just after the very first purchase you make in our webshop. Your composer URL can be found in your account details and can be setup with composer by executing this command on your server in your Magento 2 root:

composer config repositories.gogento composer https://gogento.com/composer/customer/[your-composer-secret]

These instructions can also be found in your account details


Step 2 - Install the right version

Now find the closest version matching your Magento 2 installation and run the composer require command below.


Magento 2.4.X

Extension v2.0
composer require gogento/sso "^240.2"

Magento 2.3.X

Extension v2.0
composer require gogento/sso "^235.2"

Step 3 - Post Installation

After the extension installation you can proceed with the default deployment commands which are run after adding a new extension.

1. Upgrading the database schema

bin/magento setup:upgrade
2. Verify your deployment mode
bin/magento deploy:mode:show
3. Run if the above command returns "production"
bin/magento setup:di:compile
bin/magento setup:static-content:deploy [your locales]
4. Wrap up the deployment
bin/magento index:reindex
bin/magento cache:clean

13-04-2021 12:17:43

v2.0 for Magento 2.3.5

Removed left spacing
Recommended Installation Instructions
composer require gogento/sso "^235.2"
Fixed Version Installation Instructions
composer require gogento/sso "~235.2.0"

07-09-2020 09:38:57

v1.0 for Magento 2.4.0

Ensured the base SSO extension works properly in 2.4.0
Recommended Installation Instructions
composer require gogento/sso "^240.1"
Fixed Version Installation Instructions
composer require gogento/sso "~240.1.0"

14-09-2020 06:46:08

v1.1 for Magento 2.4.0

Fixing code violations for Marketplace
Recommended Installation Instructions
composer require gogento/sso "^240.1"
Fixed Version Installation Instructions
composer require gogento/sso "~240.1.1"

18-09-2020 03:36:18

v1.2 for Magento 2.4.0

Ensuring we use the right capitalization
Recommended Installation Instructions
composer require gogento/sso "^240.1"
Fixed Version Installation Instructions
composer require gogento/sso "~240.1.2"

13-04-2021 12:17:43

v2.0 for Magento 2.4.0

Removed left spacing
Recommended Installation Instructions
composer require gogento/sso "^240.2"
Fixed Version Installation Instructions
composer require gogento/sso "~240.2.0"

Single Sign-On with nearly ANY Identity Provider

Allow your Magento 2 Customer or your backend users to login directly with your corporate Identity Provider without having to go through the account creation process.

Due to a compatibility with both OAuth2 as SAML2 protocols, our extension can deal with nearly any Identity Provider on the market. You can create multiple connections from your Magento 2 Backend and select which one is active on the backend and which one is active per website.


When your customer or admin user goes to the login page, they will see the option to login with Single Sign-On. They simply click the button and after logging in he will be redirected to the shop and logged in. If the user does not exist in the shop, an account will be automatically created.

Our Single Sign-On solutions have been implemented in hundereds of webshops world wide, including Nokia, Canon, Castrol, Pearson, Dentons and numerous more. We have learned from every of these implementations and this is where you directly profit from

You can have your customers connect to your Single Sign-On environment in no time and increase the revenue of your webshop by removing barriers.


General Single Sign-On Configuration

Single Sign-On

The user logs in at the identity provider and the means to it no longer mean anything to the webshop itself. It does not matter if its a password authentication, biometrical, voice activated, keycoded or multi-factor. The Identity Provider Manages the login credentials.

Single Logout

When the user logs in with Single Sign-On, it's possible to tell the Identity Provider upon logout, to terminate any open sessions. This results in a global logout on all websites whre the user is logged in. This feature can be separately enabled.


Easy setup yet hundereds of Identity Providers are supported

The extension is simple to setup and does not require you to have a deep understanding of the protocols used. We only ask of you to fill in the information which you can grab of your Identity Provider setup page, and from that point forward everything is automated


Highly configurable mapping system

We support several mapping types, to enrich your data with other information before logging in a user or creating an account. You can map data from your Identity Provider aswell as store specific settings and static information with just a simple mapping form.

Safe and Secure

GoGento is a company specialised in integrations and security. We are the maintainer of a widely used SAML2 protocol library and have spared no effort to make our extension as secure as possible

Works in a multi-store environment

You can enable Single Sign-On on a global level, or on a website, store and storeview level. Each level can support their own endpoints, so you can use different Identity Providers for different websites.

Frontend Firewall

Some companies dont want their website to be visible to customers prior to logging in. With the flip of a simple setting you can make your website a private website which will immediately redirect to the linked identity provider. After logging in, the customer can see the website.

Backend Firewall

Same as the frontend we have an extra firewall that you can enable in the backend so that users cannot see the login form and are redirected to the Identity Provider right away.

Firewall Whitelisting

When the firewall is enabled, there are still situations where you want pages to be visible to anyone, for example contact or help pages. You can set pages to be whitelisted and you can maintain a list of IP's which are not affected by the firewalls so they can navigate the website without having to login.

Automatic User and Customer Creation

If the user does not exist in your admin or the customer does not exist in your frontend, an account will be automatically created prior to logging in.



A Selection of Identity Providers The Extension Works With


Microsoft Azure Integration


Microsoft ADFS Integration


ForgeRock Integration

Auth0 Integration

Okta Integration


Google Integration


SalesForce Integration











Create multiple Identity Providers

In your Magento 2 Backend you can create as many Identity Providers as needed for your company. You can create both SAML2 and OAuth2 Identity Providers without a fuss.

Just go to GoGento in the left menu and click Connections

In this example we already created 2 identity providers.

Note: The identifier will be automatically generated when you create a new connection. This unique identifier is used in the URL to tell the extension which SSO we're dealing with. This approach ensures a secure integration is in place where these identifiers can not be guessed by your users or customers. This prevents them to login to unintended identity providers which you may have in place in other stores.


Magento 2 as SAML2 Service Provider

The initial setup of an SAML2 Identity Provider consists of setting up the fields below. The rest is fully automated for you.
Fill this in, save it and go to your Identity Provider to create the trust relationship at the Identity Provider itself


Creating a trust relationship on your SAML2 Identity Provider

After setting up the SAML2 information in Magento 2, save it and use the information under the form to create the trust relation on your Identity Provider.
Most identity providers just need your metadata URL and can figure out the rest for you.


Magento 2 as OAuth2 Consumer

Just like creating a SAML2 Service Provider, you can simply turn Magento 2 in an OAuth2 consumer
Fill in the form, save it and setup your Identity Provider itself


Easy store specific settings

Specify precisely what Identity Providers you want to enable in your store frontends on the specified default, website or store scope.

Create separate identity provider connections for your Magento 2 Backend, simplifying your coorporate identity managent for your Magento 2 backend users.

Setup the firewall for the frontend or the backend allowing you to completely finetune the behaviour on your website, by whitelisting certain pages or by completely whitelisting IP's which can pass through the firewall without problems


Create mappings in a matter of minutes

You can multiple types of mappings

  • External Mapping - Mapping your Identity Provider Attribute to an Magento attribute
  • Static Mapping - Enter a static value which will be used
  • Config Mapping - Refer to a magento 2 store configuration path (ex. general/locale/locale)


Integrations most often used in with our extension


Microsoft Azure Integration
The newer version of Microsoft Active Directory exposure has simplified the integration for both sides of the connection a lot. Being less strict and easier to setup, an integration with Azure is equal to that of ADFS. It's a new interface built on top of the old Active Directory Federation Services.

Microsoft ADFS Integration
The original integration with ADFS is simply the process of setting the right metadata url's, certificates and attributes on both sides. After that it's a very reliable and consistent integration using the super secure SAML2 protocol.


OneLogin Integration
OneLogin has excellent SAML2 support and has a broad spectrum when it comes to mapping the data from your Identity Management to Magento 2. A straight forward but fully functional solution which a multitude of our customers use.


ForgeRock Integration
Formerly known as OpenAM, this identity provider is very suitable for large enterprises. We've implemented OpenAM and Forgerock for a large Australian client in no time.


Auth0 Integration
A Large selection of our customers use Auth0 for both their production environments and for testing. It allows you to setup connections with both SAML2 aswell as OAuth2 quickly and securely. The integrations which Auth0 offers with external solutions are very broad, making this a fine selection for a lot of our customers.

Okta Integration
Enterprise level identity management in the cloud. We've integrated a market leaders to Okta for a few years now and the integration is straight forward. Being one of the largest companies for Identity Management, they've proven themselves to be a powerful solution.


Google Integration
Google is one of the largest Identity Providers in the world today. Integrating with mainly OAuth2 and used by both business and personal users. Nearly every person in the world has a user account, available to login with these days.



SalesForce Integration
Originally a platform to maintain your sales process and customer relations, SalesForce has become a very feature-rich platform with solid integrations. They have a SAML2 integration available which we use.