Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
I want to use Microsoft via SAML as the identity provider for a Laravel app.
laravel-saml2 is not active plugins.miniorange.com/laravel-single-sign-on-sso freaked me out because the first official youTube video I found used a text-to-speech as the audio for their video. not-so First class!
Does Laravel have an official SAML package? Has community rallied around a single provider? I don't want to implement something that is in the process of being abandoned. What do you use for SAML?
I've had a good experience with https://github.com/SAML-Toolkits/php-saml in my PHP applications. While I'm not sure if there's an official package out there, I did write a blog post of how to integrate php-saml into a Laravel application: https://engineering.joinknack.com/laravel-saml-single-sign-on/
@mirandacalls Hi, I have an application build in Laravel. I manage Authentication and Authorization with Jetstream and Spatie Permission. I need to integrate a PRotocol SAML with Google as IDP. Is the first time with SAML, we have always use Socialite with SSO and OAuth2.0 with google. Can you help to understand how integrate?
@mirandacalls - Great article. Thanks for sharing.
@mirandacalls I am using your work and its great. But I am trying to implement a logout feature as well. Have you dabbled with that as well?
@thewruck for logout functionality you can give logout routes like this
Route::get('/saml-logout', [UserAPIController::class, 'logout']);
Route::get('/saml-logout-acs', [UserAPIController::class, 'acsLogout']);
and in controller you can add code like
use OneLogin\Saml2\Auth as SAMLAUTH;
public function logout(Request $request)
{
session_start();
// Initialize the SAML authentication class
$auth = new SAMLAUTH(config('php-saml'));
// Send a SAML logout request to the IdP
$logoutUrl = $auth->logout();
auth()->logout();
session()->flush();
// Redirect to the IdP logout URL (or to a local page)
return redirect($logoutUrl);
}
public function acsLogout(Request $request)
{ // Initialize the SAML authentication object
$auth = new SAMLAUTH(config('php-saml')); // Use your SAML configuration
// Process the logout response
$url = $auth->processSLO(); // This will handle the response from the IdP
if ($auth->getErrors()) {
return 'Error processing SAML logout response';
}
// If successful, you can redirect the user to a page, like a home page or login page
$url = $request->origin . '/en/auth/login';
// Redirect to the IdP logout URL (or to a local page)
return redirect($url);
}
don't forget to add logout callback url in php-saml config file as
//inside idp aray
'idp' => [
'singleLogoutService' => [
'url' => 'abc.example.com/trust/saml2/http-redirect/slo/3605901',
'binding' => '"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
],
]
and inside sp(service provider) array
'sp' => [
'singleLogoutService' => [
'url' => localhost/folder/public/api/saml-logout-acs',
// This should match your ACS route for logout
'binding' => '"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
],
]
now hit the route as
://localhost/folder/public/api/saml-logout
Please or to participate in this conversation.