Samlify is a Node.js library that provides a comprehensive solution for implementing SAML (Security Assertion Markup Language) authentication. It allows developers to easily integrate SAML-based Single Sign-On (SSO) into their applications, supporting both Identity Provider (IdP) and Service Provider (SP) roles.
Service Provider (SP) Configuration
This feature allows you to configure a Service Provider (SP) in your application. The code sample demonstrates how to set up an SP with a specific entity ID and assertion consumer service URL.
{
"const saml = require('samlify');",
"const sp = saml.ServiceProvider({",
" entityID: 'sp.example.com',",
" assertionConsumerService: {",
" url: 'https://sp.example.com/acs',",
" binding: saml.Constants.namespace.binding.post",
" }",
"});"
}Identity Provider (IdP) Configuration
This feature allows you to configure an Identity Provider (IdP). The code sample shows how to set up an IdP with a specific entity ID and single sign-on service URL.
{
"const idp = saml.IdentityProvider({",
" entityID: 'idp.example.com',",
" singleSignOnService: {",
" url: 'https://idp.example.com/sso',",
" binding: saml.Constants.namespace.binding.redirect",
" }",
"});"
}SAML Request Generation
This feature enables the generation of SAML authentication requests. The code sample demonstrates how to create a login request from the Service Provider to the Identity Provider using the redirect binding.
{
"const { id, context } = sp.createLoginRequest(idp, 'redirect');"
}SAML Response Validation
This feature allows the validation of SAML responses received from the Identity Provider. The code sample shows how to parse and validate a login response using the POST binding.
{
"sp.parseLoginResponse(idp, 'post', {",
" body: req.body",
"}).then((parseResult) => {",
" console.log(parseResult);",
"});"
}Passport-SAML is a SAML authentication strategy for Passport, the popular Node.js authentication middleware. It provides similar functionalities to samlify, such as handling SAML authentication requests and responses. However, it is more tightly integrated with the Passport ecosystem, making it a good choice if you are already using Passport for other authentication strategies.
Node-SAML is a lightweight library for SAML authentication in Node.js. It offers basic functionalities for SAML authentication, similar to samlify, but with a simpler API. It may be more suitable for projects that require a straightforward implementation without the additional features provided by samlify.
Saml2-js is another Node.js library for SAML authentication. It provides functionalities for both Service Provider and Identity Provider roles, similar to samlify. While it offers a comprehensive set of features, samlify is often preferred for its more modern API and better documentation.
Node.js API for Single Sign On (SAML 2.0)
Welcome all PRs for maintaining this project, or provide a link to the repositories especially for use cases alongside with different frameworks.
This module provides high-level API for scalable Single Sign On (SSO) implementation. Developers can easily configure the Service Providers and Identity Providers by importing the corresponding metadata. SAML2.0 provides a standard guide but leaves a lot of options, so we provide a simple interface that's highly configurable.
To install the stable version
$ npm install samlify --save
$ yarn add samlify
This project is now developed using TypeScript 2.0, also support Yarn which is a new package manager.
$ npm install typescript -g
$ yarn
const saml = require('samlify');
See full documentation here
In progress
An introduction to Single Sign On
Copyright (C) 2016-2017 Tony Ngan, released under the MIT License.
FAQs
High-level API for Single Sign On (SAML 2.0)
The npm package samlify receives a total of 114,425 weekly downloads. As such, samlify popularity was classified as popular.
We found that samlify demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Malicious Go packages are impersonating popular libraries to install hidden loader malware on Linux and macOS, targeting developers with obfuscated payloads.
Security News
Bybit's $1.46B hack by North Korea's Lazarus Group pushes 2025 crypto losses to $1.6B in just two months, already surpassing all of 2024's $1.49B total.
Security News
OpenSSF has published OSPS Baseline, an initiative designed to establish a minimum set of security-related best practices for open source software projects.