Differences

This shows you the differences between two versions of the page.

--- en:2.0:single_sign_on [2025/05/05 18:31] – kainhofer
+++ en:2.0:single_sign_on [2025/05/09 00:21] (current) – kainhofer
@@ Line 19: / Line 19: @@
 |
-Other systems like Prestashop do not provide any freely available SAML plugin, only some very expensive commercial extensions.
+Other systems like Prestashop do not provide any freely available SAML or OpenID plugin, only some very expensive commercial extensions.
@@ Line 295: / Line 295: @@
   * Which **roles / group memberships** are sent to the client on successful login. The data fields and groups can be mapped to different names, if the client cannot handle Admidio's fields and role names. On particular case is the admin role, where many clients use a role named "admin" to grant admin access to a user logged in via OpenID.
-In addition each client typically has settings to require sent or received SAML messages to be signed and/or encrypted to ensure a secure login process. The details depend on the capabilities of the client. Some clients do not support encryption, other require all SAML messages to be signed (for good reason!).
+In addition each client typically has some more settings regarding fields <=> claims mapping, groups, auto-generating accounts for new logins, etc. The details depend on the capabilities of the client.
 {{:en:2.0:sso:sso_oidc_01-08_clientsetup1.png?direct&300|}}{{:en:2.0:sso:sso_oidc_01-09_clientsetup2.png?direct&300|}}{{:en:2.0:sso:sso_oidc_01-10_clientsetup3.png?direct&300|}}