You are here

Prerequisites for using SAML SSO with Alfresco

There are a number of requirements when using SAML SSO with Alfresco.

Software requirements

Alfresco should work with any identify provider (IdP) that supports SAML 2.0, however the following IdPs have been specifically tested with Alfresco:
  • Microsoft Active Directory Federation Services (AD FS) 3.0 for Microsoft Windows 2012 R2 and above
  • PingIdentity PingFederate 7.0 and later
Make sure that you have the public key of the certificate from your chosen IdP. You also need the SSO request, SLO request, and SLO response URLs.

Alfresco requirements

Alfresco Content Services 6.2 or later

Application servers

SAML is supported on the following application server:
  • Tomcat

SAML level

Alfresco uses SAML 2.0. See OASIS SAML v2.0 for more information on SAML specifications.

Microsoft Office

The SAML module has been tested and certified to work with Office 2013 and 2016. Other versions of Office have different authentication mechanisms and are unsupported for use with SAML.

Authentication chain

SAML is not a part of the authentication chain. It is used as a replacement for the authentication chain.

If you have not enforced SAML for a specific service provider, you can use the other authentication methods specified in your authentication chain alongside SAML when accessing that service provider. See Configuring SAML SSO.

Sending feedback to the Alfresco documentation team

You don't appear to have JavaScript enabled in your browser. With JavaScript enabled, you can provide feedback to us using our simple form. Here are some instructions on how to enable JavaScript in your web browser.