The SAML SP module allows Drupal to function as a Service Provider. This means that users can authenticate to Drupal (without a username or password) via a SAML IDP (Identity Provider) that has been pre-registered with Drupal.


To configure an IDP, you need:

  • The SAML Login URL of the IDP
  • The x.509 certificate of the IDP

Alternative modules

The SimpleSAMLphp authentication module is similar, but has several differences.

  • The simplesaml_php module requires the SimpleSamlPHP framework. The framework is a full-stack framework: you need a vhost, data-storage, docroot, etc. It is not a simple component library.
  • The Saml SP module uses the OneLogin PHP-SAML toolkit, which is a minimal component library.
  • The Saml SP module only functions as a Service Provider. It won't act as an IDP.
  • Saml SP is configured entirely in Drupal (/admin/config/people/saml_sp).
  • Saml SP allows multiple IDPs and an API to work with them
  • Saml SP has a Drupal Login module which lets users automatically login/register using the Saml SP API


  1. Install the module files on your drupal site
  2. Checkout the OneLogin PHP-SAML toolkit into sites/all/libraries
    cd sites/all/libraries
    git clone .
  3. Download the XMLSecLibs library from
    cd site/all/libraries
    tar xvzf xmlseclibs-1.3.1.tar.gz
  4. Configure the module at admin/config/people/saml_sp.
  5. Enable the Saml SP Drupal Login module, if you want users to be able to automatically log in via Saml SP authentication.

Project Information