Simple and Secure SAML Service Provider

Using php-saml-sp you can create your own services that are using SAML for authentication. This software only implements the Service Provider (SP) part. In order for this to function you need one or more Identity Providers (IdPs) to link to it. There are a number of other projects that implement a SAML SP, see Why for the reasons this project exists. You can also read about the supported features. In november 2020, a code audit was performed by Cure53. This project is currently used by some eduVPN servers as explained in this blog post.


The software is provided in the form of distribution packages. Currently we have packages for:


Install the repository signing key:

$ sudo rpm --import

Add the repository configuration:

$ cat << 'EOF' | sudo tee /etc/yum.repos.d/php-saml-sp_v2.repo
name=Repository for php-saml-sp

After this, follow the installation instructions for Fedora here, or on your system in /usr/share/doc/php-saml-sp/

Debian / Ubuntu

Install the repository signing key:

$ curl | sudo tee /etc/apt/trusted.gpg.d/

Add the repository configuration:

$ echo "deb $(lsb_release -s -c) main" | sudo tee /etc/apt/sources.list.d/php-saml-sp_v2.list

After this, follow the installation instructions for Debian / Ubuntu here, or on your system in /usr/share/doc/php-saml-sp/README.Debian.


All configuration takes place under the /etc/php-saml-sp directory. You can modify the config.php file in this directory. See the examples and comments in this file for more information. The original template can be found here in case you already made some modifications.

We have additional documentation on how to configure the metadata of the IdPs you want to give access. See the Metadata documentation for more information.


Check out the API documentation on how to use php-saml-sp from your application.