Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
This branch is 3 commits ahead, 6 commits behind opsway:master.

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Magento Admin - Onelogin integration (SAML)

Magento module that makes it possible to login to Magento Admin via Onelogin Identity provider

This module is based on the OPSWAY module and uses the new Onelogin PHP SAML Toolkit.

Magento versions support

Compatible with Magento CE 1.4+, Magento EE 1.9+

How does it work?

Module adds a link "Login via Onelogin" on backend login form. Following this links initiates series of redirects that are described by SAML 2.0 standart

User authenticates against application and then information about user email is sent to Magento. Magento authenticate user by email and let him in.


  1. You should create application in

We are using "OneLogin SAML Test (IdP)" as a base. You can set Credentials as "Shared" and put Email you need to let all users login through one Magento account

You should copy two things:

  • application ID, which can be found in url:
  • X.509 certificate
  1. Now you can copy module to your Magento folder and configure it. Go to System->Configuration->Developer->Onelogin and put there the required settings.

  2. Flush Magento caches and you are done - you can now click on "Login via Onelogin" and see how magic happens

User auto-creation

You can enable Onelogin module to create users based on data supplied by IdP Just enable System->Configuration->Developer->Onelogin->Create user if not exists

You'll need to map fields in Magento to those in Onelogin. Common field names for the attributes are:

  • Username: User.Username
  • Email:
  • First Name: User.FirstName
  • Last Name: User.LastName
  • Role: memberOf

If the required attributes are not provided by the IdP, the user account can’t be created. (if the account already exists, only the email is required to log in).

When creating a new account, Magento will try to map the Onelogin provided role to a Magento Role.

As soon as Magento role names might not be the same as Onelogin role names, module enables you to map them. You have three separate fields to map Magento-Onelogin pairs. You can map several Onelogin roles to single Magento role separating them with comas.

If the magento account does not have a “Magento Admin Role” like “Administrators”, then the user will not be allowed to access to the admin panel.



Magento Admin - Onelogin integration (SAML)






No packages published


  • PHP 100.0%