How to configure SAML 2.0 in Hybris

Former Member
0 Likes

Hi, I need to integrate Okta as Identity Provider with Hybris to enable SSO using SAML 2.0 protocol.

I need to configure SAML 2.0 in Hybris that will work as a service provider.

Please share the steps to configure SAML 2.0 in Hybris. Thanks, Bipin

Accepted Solutions (0)

Answers (2)

nicolabeghin
Product and Topic Expert
0 Likes

We got Keycloak working with Hybris (being a standard SAML provider). We suggest ensuring you maintain

  • the correct entityId

  • the metadata.xml you'll get from Okta/Keycloak

  • the required properties for user mapping in local.properties

then it's pretty much straightforward as in the trail.

 # keycloak attributes binding
 sso.usergroup.attribute.key=Role
 sso.firstname.attribute.key=urn\:oid\:2.5.4.42
 sso.lastname.attribute.key=urn\:oid\:2.5.4.4
 sso.userid.attribute.key=urn\:oid\:1.2.840.113549.1.9.1

dwarak_ch
Discoverer
0 Likes

Hi Nicola,

Thanks for the details. Could you confirm if we need to make any changes to redirection after successful authentication? Currently we are facing an issue where redirection is not correct and the user is still anonymous.

nicolabeghin
Product and Topic Expert

I don't remember any specifics for redirection, but in pretty much every project we had to customize some little bits to get the overall flow as expected. I would suggest checking all the properties defined in samlsinglesignonaddon/project.properties to make sure you're not missing anything, or going through a debug session.

ihar
Explorer
0 Likes

I hope this 'SAML Single Sign-On Trail' helps - https://help.hybris.com/6.6.0/hcd/44cfea73dd32446488f85515ac6817d1.html

0 Likes

I did all the steps, but this document integrates SSOCircle with Hybris. In my case I am doing the integration with Keycloak, where each and every time, due to the code below, "urn:ssoextension:hybris:de" is taken as the default client ID, which in turn fails with an invalid login requester.

Any suggestion please.

     <constructor-arg>
         <bean class="org.springframework.security.saml.metadata.MetadataGenerator">
             <property name="entityId" value="${sso.entity.id:urn:ssoextension:hybris:de}"/>
         </bean>
     </constructor-arg>
 </bean>
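
The two checks this thread keeps coming back to (the entityId matching what the IdP has registered, and the `sso.*.attribute.key` names matching what the IdP actually sends), as an added example that is not part of any post above and not Hybris code. It assumes `sso.entity.id` is set in local.properties to override the placeholder default quoted above; the client ID `hybris-sp-example`, the sample assertion and the function names are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

SAML = "{urn:oasis:names:tc:SAML:2.0:assertion}"
DEFAULT_ENTITY_ID = "urn:ssoextension:hybris:de"  # fallback in the Spring placeholder quoted above

# Constructed sample: local.properties with the keys quoted in this thread.
LOCAL_PROPERTIES = r"""
# keycloak attributes binding
sso.entity.id=hybris-sp-example
sso.usergroup.attribute.key=Role
sso.firstname.attribute.key=urn\:oid\:2.5.4.42
sso.lastname.attribute.key=urn\:oid\:2.5.4.4
sso.userid.attribute.key=urn\:oid\:1.2.840.113549.1.9.1
"""

# Constructed sample: a decoded assertion (signature omitted, no lastname attribute).
ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Conditions><saml:AudienceRestriction><saml:Audience>hybris-sp-example</saml:Audience></saml:AudienceRestriction></saml:Conditions>
  <saml:AttributeStatement>
    <saml:Attribute Name="Role"><saml:AttributeValue>employeegroup</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="urn:oid:2.5.4.42"><saml:AttributeValue>Ada</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="urn:oid:1.2.840.113549.1.9.1"><saml:AttributeValue>ada@example.com</saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

def parse_properties(text):
    """Minimal .properties reader: key=value lines, comments, escaped characters kept literally."""
    props = {}
    for line in map(str.strip, text.splitlines()):
        if line and not line.startswith(("#", "!")):
            key, _, value = line.partition("=")
            props[key.strip()] = re.sub(r"\\(.)", r"\1", value.strip())
    return props

def check_sso_config(properties_text, assertion_xml):
    """Return a list of mismatches between the SP properties and the IdP assertion."""
    props = parse_properties(properties_text)
    root = ET.fromstring(assertion_xml)  # constructed input; use a hardened parser for real responses
    problems = []
    entity_id = props.get("sso.entity.id", DEFAULT_ENTITY_ID)
    audiences = [a.text.strip() for a in root.iter(SAML + "Audience")]
    if entity_id not in audiences:
        problems.append(f"entityId {entity_id!r} not in Audience {audiences}")
    names = {a.get("Name") for a in root.iter(SAML + "Attribute")}
    for key, value in sorted(props.items()):
        if key.endswith(".attribute.key") and value not in names:
            problems.append(f"{key}={value!r} not sent by IdP")
    return problems
```

On the sample data the only finding is the missing lastname attribute; removing the `sso.entity.id` line makes the check fall back to `urn:ssoextension:hybris:de` and report the audience mismatch as well.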