Awesome

Single Sign On (SSO) Server

Do you need a PHP login system that rocks? Well, you found it.

This is Barebones SSO Server. An awesome, scalable, secure, flexible login system.

Features

• Cross-domain and cross-server capable. The SSO server can reside on its own domain and host.
• Massively scalable architecture. Scale out to as many boxes/virtuals as you have available.
• Resilient architecture. Authenticated users can continue to work even if the server becomes unavailable.
• Resource friendly. Small memory footprint.
• Enables partial to complete compliance with various bodies of rules and laws including HIPAA, GDPR, PCI. Work in progress to achieve complete compliance.
• Integrates with a variety of backend databases via CSDB.
• And much, much more. See the full feature list.
• Also has a liberal open source license. MIT or LGPL, your choice.
• Designed for relatively painless integration into your project.
• Sits on GitHub for all of that pull request and issue tracker goodness to easily submit changes and ideas respectively.

SSO Clients

• PHP
• ASP.NET (C#)
• Go (Golang)

Getting Started

The fastest way to get started without reading a lot of documentation is to download/'git pull' the server from this repository and a SSO client from the list above and then follow along with the four part video tutorial series:

And use the installation documentation as necessary.

According to users of this software, it takes about 3 hours to get a functional SSO server/client setup for the first time. Building an equivalent system from scratch would take approximately six months for a team of several people, have less flexibility, and probably have multiple security vulnerabilities.

Related Projects

• Native app framework/API
• Native app demos - Precompiled versions of the above
• Disqus provider
• MyBB plugin - Direct download

More Information

• The PHP SSO client - Official documentation for the the PHP SSO client.
• Upgrading - Important information regarding upgrades.
• Integrating SSO clients with third-party software - Instructions for integrating with forums, CMS products, etc. Dealing with any software that comes with its own login system.
• Import existing user accounts - Instructions for migrating from another product or a homegrown login system.
• Enabling user impersonation - For managing hopeless users who regularly forget their sign in information and require constant password resets.
• Remote Login Provider documentation - Set up "remote" API keys to allow trusted hosts with their own login system and users (e.g. Active Directory/LDAP), to sign in.
• Creating a SSO server provider - The high-level interface for developing a new provider.
• Creating a Generic Login module - Modules extend the Generic Login provider to allow it to do more.
• Porting the SSO client - Instructions on porting the official PHP client to your preferred programming/scripting language.
• Endpoint API - The SSO server endpoint API.
• Using custom API keys - Here be dragons. The not recommended last resort workaround for dealing with encountered SSO server endpoint limitations.
• Reserved global variables - Global variables defined by the SSO server and some clients. Useful information for provider and module developers.
• SSO server global functions - Global functions defined by the SSO server. Useful information for provider and module developers.