
Single Sign On with Microsoft ADFS for Magento Customer

€199.00

Single Sign-On with Microsoft ADFS for your Magento 2 Webshop

Allow your Magento 2 customers to log in directly with Microsoft ADFS without having to go through the account creation process.

When your customer goes to the login page, they will see the option to log in with Single Sign-On. They simply click the button and, after logging in, they are redirected to the shop and logged in. If the user does not exist in the shop, an account will be automatically created.

Our Single Sign-On solutions have been implemented in hundreds of webshops worldwide, including Nokia, Canon, Castrol, Pearson, Dentons and numerous more. We have learned from each of these implementations, and this is where you directly profit.

You can have your customers connect to your Single Sign-On environment in no time and increase the revenue of your webshop by removing barriers.


General Single Sign-On Configuration

Single Sign-On

The user logs in at the identity provider, and how they authenticate there no longer matters to the webshop itself. It does not matter whether it is password, biometric, voice-activated, key-coded or multi-factor authentication. The identity provider manages the login credentials.

Single Logout

When the user logs in with Single Sign-On, it's possible to tell the identity provider upon logout to terminate any open sessions. This results in a global logout on all websites where the user is logged in. This feature can be enabled separately.

Fully Pre-Configured for Microsoft ADFS

The extension is fully pre-configured so that you only have to fill in connection details and the rest will flow automatically. No manual mappings, no rocket science. Just install, follow the manual and you will have this integration running in a matter of minutes.

Works in a multi-store environment

You can enable Single Sign-On on a global level, or on a website, store and storeview level. Each level can support its own endpoints, so you can use different Azure accounts for different websites.

Frontend Firewall

Some companies don't want their website to be visible to customers prior to logging in. You can make your website a private website which will immediately redirect to the linked identity provider. After logging in, the customer can see the website.

Firewall Whitelisting

There are situations where you want pages to be visible to anyone, for example contact or help pages. You can set pages to be whitelisted, and you can maintain a list of IP addresses which are not affected by the frontend firewall, so they can navigate the website without having to log in.



What is Microsoft ADFS

Microsoft ADFS is an enterprise solution which includes identity management for your employees, business relations and other involved parties.

You maintain all your business customers in Active Directory while Magento integrates with it and synchronizes the settings needed to login.

All you have to do is install Active Directory Federation Services on your Microsoft Windows Server and connect it to your Active Directory.

It works with SAML2, the most secure and reliable solution.

Microsoft ADFS Plugin for Active Directory

A Selection of Identity Providers We Work With


Microsoft Azure Integration
The newer version of Microsoft Active Directory exposure has simplified the integration a lot for both sides of the connection. While less strict and easier to set up, an integration with Azure is equal to that of ADFS. It's a new interface built on top of the old Active Directory Federation Services.

Microsoft ADFS Integration
The original integration with ADFS is simply the process of setting the right metadata URLs, certificates and attributes on both sides. After that it's a very reliable and consistent integration using the super secure SAML2 protocol.


OneLogin Integration
OneLogin has excellent SAML2 support and offers a broad range of options for mapping the data from your Identity Management to Magento 2. A straightforward but fully functional solution which a multitude of our customers use.


ForgeRock Integration
Formerly known as OpenAM, this identity provider is very suitable for large enterprises. We've implemented OpenAM and ForgeRock for a large Australian client in no time.


Auth0 Integration
A large selection of our customers use Auth0 for both their production environments and for testing. It allows you to set up connections with both SAML2 and OAuth2 quickly and securely. The integrations which Auth0 offers with external solutions are very broad, making this a fine choice for a lot of our customers.

Okta Integration
Enterprise-level identity management in the cloud. We've integrated market leaders with Okta for a few years now and the integration is straightforward. Being one of the largest companies for Identity Management, they've proven themselves to be a powerful solution.


Google Integration
Google is one of the largest Identity Providers in the world today. It integrates mainly via OAuth2 and is used by both business and personal users. Nearly every person in the world has a user account available to log in with these days.



SalesForce Integration
Originally a platform to maintain your sales process and customer relations, SalesForce has become a very feature-rich platform with solid integrations. They have a SAML2 integration available which we use.


General Single Sign-On Configuration

Send customer registration welcome email on first login

When the account is created in the webshop, after a first login, you have the option to automatically send the welcome email which a customer would get on a normal registration. Generally you should set this to yes if you are running a business to consumer webshop.

CMS Page for failed login

When the login fails because the customer registration cannot be completed, the customer is directed to a landing page that you set here. Usually, if SSO fails, it means incomplete data at the identity provider, so instructions to request support can be given on the landing page.

Website visible for guests

On some occasions you want your webshop only to be visible to users who are logged in. If you set this to yes, the webshop will immediately redirect to the identity provider when the customer lands on any landing page which is not set public. If you set this setting to "no", a whitelist option appears.

General SSO Settings


Single Sign-On Configuration In Magento

Entity ID

It's easiest to set this to https://[your-store.com]/. You will need this in the trust relationship configuration in the next step.

Federation Metadata Endpoint

Fill this in as: https://[your-adfs-server-domain]/federationmetadata/2007-06/federationmetadata.xml

Single Sign-On Binding And Single Logout Binding

Keep this setting at the default, you do not need to change it. This is changeable because some users use specific binding settings in Azure. But if you changed this setting in Azure, you can enforce the binding used in these settings.

Solution Enabled

Go to the right scope where you want to enable Single Sign-On and set this setting to Yes, to enable it for that specific website or store.


Set the ADFS Frontend Login to enabled and save the configuration.

ADFS Server Settings


Single Sign-On Configuration In ADFS

Log on to your ADFS server and open the ADFS plugin.

Click "Add Relying Party Trust" on the right side.

When asked, fill in the Entity ID which you set in the previous step.

The Service Provider Metadata URL is https://[your-store.com]/saml/metadata/adfs


Save the Configuration and go to the shop customer login

Magento 2 Frontend Login ADFS

ADFS Login Screen

10-09-2020 10:33:57

v1.0 for Magento 2.4.0

Created Initial ADFS SSO for the frontend
Recommended Installation Instructions
composer require gogento/sso-adfs-frontend "^240.1"
Fixed Version Installation Instructions
composer require gogento/sso-adfs-frontend "~240.1.0"

18-09-2020 03:54:24

v1.1 for Magento 2.4.0

Fixing code capitalization
Recommended Installation Instructions
composer require gogento/sso-adfs-frontend "^240.1"
Fixed Version Installation Instructions
composer require gogento/sso-adfs-frontend "~240.1.1"