I'm relatively new to SAML and came across the OneLogin Python SAML library. I was able to get it up and running with my web app being the Service Provider (SP) and OneLogin being the Identity Provider (IdP).
I would like to be able to add support for other Identity Providers as well. However, I find that the python-saml library is using a settings.json to get the IdP information. I have looked at the following issues on their GitHub project but have been unable to get an actionable solution:
[1] https://github.com/onelogin/python-saml/issues/64
[2] https://github.com/onelogin/python-saml/issues/52
Has anyone been successful in using this library to be able to support multiple Identity Providers?
This was answered in the git repo:
The toolkit was not initially designed to be used with multiple IdPs, instead with the OneLogin IdP, but you can with a little effort support multiple IdPs.
In the toolkit you will see 2 demos (django, flask) that use a settings.js file that contains a JSON object.
In order to support multiple IdPs you can store each IdP-SP data in different files or store different JSON objects in a database.
After that, it's up to your application to provide a mechanism to tie different tenants to different IDPs. Most folks typically configure their application to either do this via subdomain (sometenant.myapp.com) or URL (www.myapp.com/sometenant), with settings configured differently for each tenant.
Once you've done that, SAML is SAML and it should work with any IDP that supports it.
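A sketch of the per-tenant lookup the answer describes, as an added example that is not part of the original answer or the toolkit's code. The base domain comes from the answer's examples; the slug format, the helper names, the IdP URLs and the certificate strings are assumptions or placeholders, and `old_settings` is the toolkit's constructor parameter for passing a settings dict instead of a file.

```python
import re

BASE_DOMAIN = "myapp.com"                            # from the answer's examples
TENANT_RE = re.compile(r"[a-z0-9][a-z0-9-]{0,30}")   # assumed slug format

def make_settings(tenant, idp_base, idp_cert):
    """Build one IdP-SP settings object in the toolkit's settings.json layout."""
    sp_base = f"https://{tenant}.{BASE_DOMAIN}/saml"
    return {
        "strict": True,
        "sp": {"entityId": f"{sp_base}/metadata",
               "assertionConsumerService": {"url": f"{sp_base}/acs"}},
        "idp": {"entityId": f"{idp_base}/metadata",
                "singleSignOnService": {"url": f"{idp_base}/sso"},
                "x509cert": idp_cert},
    }

# Constructed sample store (stands in for per-tenant files or database rows).
TENANT_SETTINGS = {
    "sometenant": make_settings("sometenant", "https://idp-a.example", "PLACEHOLDER_CERT_A"),
    "othertenant": make_settings("othertenant", "https://idp-b.example", "PLACEHOLDER_CERT_B"),
}

def tenant_from_request(host, path):
    """Return the tenant slug from the subdomain or first URL segment, else None."""
    host = host.lower().split(":", 1)[0].rstrip(".")   # drop port and trailing dot
    if host == f"www.{BASE_DOMAIN}":
        candidate = path.lstrip("/").split("/", 1)[0]  # www.myapp.com/sometenant
    elif host.endswith(f".{BASE_DOMAIN}"):
        candidate = host[: -len(BASE_DOMAIN) - 1]      # sometenant.myapp.com
    else:
        return None
    # Host and path are client-supplied: accept only a well-formed slug.
    return candidate if TENANT_RE.fullmatch(candidate) else None

def settings_for_request(host, path):
    """Look up settings by validated slug; unknown tenants are rejected."""
    tenant = tenant_from_request(host, path)
    if tenant is None or tenant not in TENANT_SETTINGS:
        raise LookupError("unknown tenant")
    # With the toolkit installed, the result is passed as:
    #   OneLogin_Saml2_Auth(request_data, old_settings=settings)
    return TENANT_SETTINGS[tenant]
```

The slug is only ever used as a lookup key, never joined into a file path, and each tenant's object carries its own IdP certificate so a response signed by one tenant's IdP does not validate under another tenant's settings.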