Single Sign On (SSO) Server
Do you need a PHP login system that rocks? Well, you found it.
This is Barebones SSO Server. An awesome, scalable, secure, flexible login system.
- Cross-domain and cross-server capable. The SSO server can reside on its own domain and host.
- Massively scalable architecture. Scale out to as many boxes/virtuals as you have available.
- Resilient architecture. Authenticated users can continue to work even if the server becomes unavailable.
- Resource friendly. Small memory footprint.
- Enables partial to complete compliance with various bodies of rules and laws including HIPAA, GDPR, PCI. Work in progress to achieve complete compliance.
- Integrates with a variety of backend databases via CSDB.
- And much, much more. See the full feature list.
- Also has a liberal open source license. MIT or LGPL, your choice.
- Designed for relatively painless integration into your project.
- Sits on GitHub for all of that pull request and issue tracker goodness to easily submit changes and ideas respectively.
The fastest way to get started without reading a lot of documentation is to download/'git pull' the server from this repository and a SSO client from the list above and then follow along with the four part video tutorial series:
And use the installation documentation as necessary.
According to users of this software, it takes about 3 hours to get a functional SSO server/client setup for the first time. Building an equivalent system from scratch would take approximately six months for a team of several people, have less flexibility, and probably have multiple security vulnerabilities.
- Native app framework/API
- Native app demos - Precompiled versions of the above
- Disqus provider
- MyBB plugin - Direct download
- The PHP SSO client - Official documentation for the the PHP SSO client.
- Upgrading - Important information regarding upgrades.
- Integrating SSO clients with third-party software - Instructions for integrating with forums, CMS products, etc. Dealing with any software that comes with its own login system.
- Import existing user accounts - Instructions for migrating from another product or a homegrown login system.
- Enabling user impersonation - For managing hopeless users who regularly forget their sign in information and require constant password resets.
- Remote Login Provider documentation - Set up "remote" API keys to allow trusted hosts with their own login system and users (e.g. Active Directory/LDAP), to sign in.
- Creating a SSO server provider - The high-level interface for developing a new provider.
- Creating a Generic Login module - Modules extend the Generic Login provider to allow it to do more.
- Porting the SSO client - Instructions on porting the official PHP client to your preferred programming/scripting language.
- Endpoint API - The SSO server endpoint API.
- Using custom API keys - Here be dragons. The not recommended last resort workaround for dealing with encountered SSO server endpoint limitations.
- Reserved global variables - Global variables defined by the SSO server and some clients. Useful information for provider and module developers.
- SSO server global functions - Global functions defined by the SSO server. Useful information for provider and module developers.