SAML-based products and services
Security Assertion Markup Language (SAML) is a set of specifications that encompasses the XML-format for security tokens containing assertions to pass information about a user and protocols and profiles to implement authentication and authorization scenarios. This article has a focus on software and services in the category of identity management infrastructure, which enable building Web-SSO solutions using the SAML protocol in an interoperable fashion. Software and services that are only SAML-enabled do not go here.
Products that provide SAML actors
SAML actors are Identity Providers (IdP), Service Providers (SP), Discovery Services, ECP Clients, Metadata Services, or Broker/IdP-proxy. This table shows the capability of products according to Kantara Initiative testing. Claimed capabilities are in column "other". Each mark denotes that at least one interoperability test was passed. Detailed results with product and test procedure versions are available at the Kantara/Liberty site given below.NOTE: This table represents a snapshot over time roll up of the most recent product test results. Please note that some products features and abilities may have been updated since they were last tested. Please check the website information of the originating product for the latest features and updates.
Libraries and toolkits to develop SAML actors and SAML-enabled services
Libraries and toolkits are used by developers to integrate applications and services into SAML federations or to build their own SAML-actors like IdPs.| Libraries and Toolkits | Organization | Licence | Purpose and Language bindings |
| Australian Access Federation | Australian Access Federation | Metadata Registry based on former work by | |
| ComponentSpace | ComponentSpace | SAML libraries for ASP.NET and ASP.NET Core applications | |
| Corto | WAYF | SAML2 proxy, virtual IdP, user consent | |
| DjangoSAML2 | GitHub | SAML2 application for Django, using PySAML2 underneath | |
| EmpowerID IdP & SP Kit | Dot Net Factory | IdP and SP Kit,.NET, REST, and SOAP-based integration kit to SAML-enable applications | |
| FEMMA | SourceForge | Workaround for the ADFS limitation of a single EntityID per XML infoset | |
| Firefox ECP Plugin | Openliberty | Firefox extension for compliance with SAML ECP | |
| FLOG F-Ticks Vizualization | SUNET | Parse and chart F-Ticks for webSSO and Eduroam | |
| Jagger | HEAnet | Metadata and Federation data manager; Shibboleth IDP GUI | |
| JAKOB | WAYF | Backchannel attribute collector | |
| JANUS | WAYF | Metadata Registry for hub-and-spoke federations based on SimpleSAMLphp; includes self-service | |
| Jitbit ASP.NET SAML lib | GitHub | SAML 2.0 "consumer" component for ASP.NET | |
| Lasso | Entrouvert | SAML-Library: C/C++, Python, Java, Perl, PHP | |
| LightSAML core | SAML-Library: PHP | ||
| OIOSAML 2.0 Toolkit | Danish IT and Telekom Agency | SP Framework: Java,.NET, PHP | |
| OmniAuth-Shibboleth | OneLogin | SAML-Library: ASP/.NET, Java, PHP, Python, Ruby | |
| OneLogin | OneLogin | SAML-Library: ASP/.NET, Java, PHP, Python, Ruby | |
| OpenConext | SURFnet | Service Provider Proxy and Hub-and-Spoke federation middleware, includes SAML proxy and central group management for creating collaboration platforms | |
| OpenSAML | Internet2 | SAML-Library: C++, Java | |
| MET | TERENA | gathers and shows information about federations | |
| Mujina | SURFnet | SAML test actors that can be dynamically configured using a REST interface | |
| PAC4J-SAML | SAML Service Provider Library | ||
| PEER | GÉANT | SAML Metadata Registry | |
| PHPH | WAYF.dk | SAML Metadata Processor | |
| Ping Identity | Ping Identity | Java,.NET, PHP and language neutral integration kits to SAML-enable applications | |
| PySAML2 | GitHub | SAML-Library: Python | |
| Python-SAML | OneLogin | SAML-Library: Python | |
| Pysfemma | GitHub | automate membership configuration of an ADFS STS in a SAML2 based Identity Federation | |
| PyFF | SUNET | SAML Metadata Processor | |
| Raptor | Jisc | toolkit to enable Shibboleth IdP statistics analysis | |
| SAML Metadata Aggregator | NORDUnet | Aggregates single metadata files and provides MDX webservice | |
| SAML Tracer | UNINETT AS | Firefox Plug-In to trace SAML messages | |
| SecureBlackbox | /n software | The component that implements SAML in client apps, which need to use service providers, or can be used to create your own service and identity providers | |
| SpringSecurity SAML | SpringSource | SAML-enable applications based on Spring framework | |
| Switch GMT | SWITCH-AAI | Group Management Tool for Shibboleth | |
| Webisoget | Command-line Tool to fetch a SSO-protected page including Shibboleth-Login | ||
| ZXID | zxid | C, other lang using swig.org |
SAML-related services
This section lists public services such as identity and attribute providers, metadata and test services, but *not* SAML-enabled web-applications and cloud services.| Service | Organization | Purpose |
| 9STAR | 9STAR | 9STAR Managed Services for Shibboleth/SAML SSO On-Premises or Cloud |
| 9STAR | 9STAR | 9STAR Shibboleth/SAML SSO Support Services |
| Acrot A-OK | Arcot | IdP |
| eduTEAMs | SURFnet | Federation enabled Group management service which acts as an Attribute Authority for group relations |
| Federation Lab | GÉANT | Test-SP, metadata registry, test tools |
| Feide OpenIdP | UNINETT AS | IdP that allows any user to register, and any SP to connect |
| Gazelle IHE validator | Gazelle | SAML Assertion Validation |
| Gluu On-Prem Managed Service | Gluu | IdP for SAML and OpenID Connect-enabled cloud services |
| Identity Hub | Entrouvert | Free IdP; Any user and any SP |
| OneLogin SSO | OneLogin | IdP for SAML- and OpenID-enabled cloud services |
| REEP | GÉANT | Public metadata registry |
| PhoneFactor | PhoneFactor Inc. | IdP/cloud SSO |
| PingOne | Ping Identity | Cloud Access and Application Provider Services for IdPs and SPs |
| SAASPASS | SAASPASS | IdP, IdM, Multi-Protocol STS (multiple claims based integrations including SAML 1.1, 2.0 SP SSO, 2.0 IdP SSO, OpenID Connect,.NET, CA SiteMinder and others |
| SamlComponent.net | SamlComponent | SAML Resources for Developers |
| samlidp.io | Kitek Media Kft. | SAML Identity Provider as a Service |
| SecureAuth | SecureAuth Corp. | IdP, IdM, Multi-Protocol STS (multiple claims based integrations including SAML 1.1, 2.0 SP SSO, 2.0 IdP SSO, OpenID,.NET, CA SiteMinder and others |
| SSOCircle | SSOCircle | Free IdP |
| Testshib | Internet2 | IdP and SP for testing |
| UnitedID | United ID Services | Free IDP service |
| Verizon Web Access Management | Verizon Business | IdP |
| ZXID | zxid.org | Free IdP |