{"id":22009704,"url":"https://github.com/zitadel/python-saml-sp","last_synced_at":"2025-10-11T03:30:20.061Z","repository":{"id":241881893,"uuid":"808086334","full_name":"zitadel/python-saml-sp","owner":"zitadel","description":"SAML Service Provider with ZITADEL Integration","archived":false,"fork":false,"pushed_at":"2025-05-17T19:47:09.000Z","size":2291,"stargazers_count":1,"open_issues_count":1,"forks_count":2,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-06-01T18:47:35.303Z","etag":null,"topics":["examples","python","saml","saml-authentication","saml-service-provider","saml-sp","zitadel"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/zitadel.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-05-30T11:01:13.000Z","updated_at":"2025-03-25T13:09:50.000Z","dependencies_parsed_at":"2024-05-30T13:50:31.583Z","dependency_job_id":"caa47705-b906-4b70-a3ba-ed5c60d128d0","html_url":"https://github.com/zitadel/python-saml-sp","commit_stats":null,"previous_names":["zitadel/python-saml-sp"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/zitadel/python-saml-sp","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zitadel%2Fpython-saml-sp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zitadel%2Fpython-saml-sp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zitadel%2Fpython-saml-sp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repo
sitories/zitadel%2Fpython-saml-sp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/zitadel","download_url":"https://codeload.github.com/zitadel/python-saml-sp/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zitadel%2Fpython-saml-sp/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279006109,"owners_count":26084026,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-11T02:00:06.511Z","response_time":55,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["examples","python","saml","saml-authentication","saml-service-provider","saml-sp","zitadel"],"created_at":"2024-11-30T02:10:31.635Z","updated_at":"2025-10-11T03:30:19.621Z","avatar_url":"https://github.com/zitadel.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# A SAML Service Provider with ZITADEL Integration\n\nThis repository provides a simple SAML Service Provider (SP) setup to interact with ZITADEL as the Identity Provider (IdP). The application is built using Flask and the `pysaml2` library.\n\n## Overview\n\nWe will be testing out the SP-Initiated SAML Flow:\n\n1. The user attempts to access a resource at the SP.\n2. The SP redirects the user to the IdP for authentication.\n3. The user authenticates at the IdP.\n4. The IdP sends a SAML response back to the SP.\n5. 
The SP processes the SAML response and grants the user access.\n6. The user logs out and sends a SAML request to the SLO endpoint and receives a SAML response.\n\n## Prerequisites\n\n- Python 3.x\n- A ZITADEL instance on [ZITADEL Cloud](https://zitadel.com/signin) or your own self-hosted ZITADEL instance\n\n\n## Setting Up\n\n1. **Clone the Repository**\n    ```sh\n    git clone https://github.com/zitadel/python-saml-sp.git\n    cd python-saml-sp\n    ```\n\n2. **Install Dependencies**\n    Make sure you have Python 3 installed. Then, create a virtual environment and install the required packages.\n    ```sh\n    python3 -m venv venv\n    source venv/bin/activate\n    pip3 install -r requirements.txt\n    ```\n\n3. **ZITADEL Configuration**\n    You need to create a SAML app in your ZITADEL instance and upload the `sp_metadata.xml` file found in this repository. Follow these steps:\n    - Log in to your ZITADEL instance.\n    - Go to Projects and select your Project or create a new Project.\n      ![Create project](screenshots/zitadel_1.png)\n    - Create a new Application by clicking on the `+` button.\n      ![Create app](screenshots/zitadel_2.png)\n    - Select SAML as the Application type and provide a name.\n      ![Create SAML app](screenshots/zitadel_3.png)\n    - You can provide your SAML SP configuration using any of the options given; here we will provide a metadata file.\n      ![SAML Config](screenshots/zitadel_4.png)\n    - Upload the `sp_metadata.xml` file.\n      ![Upload metadata file](screenshots/zitadel_5.png)\n    - Review and create the application.\n      ![Review](screenshots/zitadel_6.png)\n    - You can view the SAML endpoint URLs in the URLs tab.\n      ![URLs](screenshots/zitadel_7.png)\n    - Download the IdP metadata from ZITADEL (`https://[your-ZITADEL-domain]/saml/v2/metadata`) and replace the content of `idp_metadata.xml` with it.\n\n\n## Running the Application\n\n1. 
**Set Environment Variables**\n    ```sh\n    export FLASK_APP=app.py\n    export FLASK_ENV=development\n    ```\n\n2. **Run the Application**\n    ```sh\n    flask run\n    ```\n    The application should now be running on `http://127.0.0.1:5000`.\n\n## Endpoints\n\n- `/` - Home page with options to generate a SAML request and perform SSO.\n- `/generate_saml_request` - Endpoint to generate the SAML request.\n- `/sso` - Endpoint to redirect to the IdP with the SAML request.\n- `/acs` - Assertion Consumer Service endpoint to handle the SAML response from the IdP.\n- `/logout` - Endpoint to initiate logout.\n- `/slo` - Endpoint to handle Single Logout (SLO) response from the IdP.\n\n## Files\n\n- **templates/index.html** - HTML template for the home page.\n- **templates/response.html** - HTML template to display the SAML response and user information.\n- **app.py** - Main application file.\n- **config.json** - Configuration file for the SAML SP.\n- **idp_metadata.xml** - IdP metadata file (you must replace this with your own from ZITADEL).\n- **sp_metadata.xml** - SP metadata file to be uploaded to ZITADEL.\n- **requirements.txt** - List of Python dependencies needed to run the application.\n- **sp-cert.pem** - SP certificate file.\n- **sp-csr.pem** - SP certificate signing request file.\n- **sp-key.pem** - SP private key file.\n\n## Notes\n\n- Keep the `sp-key.pem` file secure and do not share it publicly.\n\n## Generating Your Own sp-key.pem and sp-cert.pem\n\nIf you want to generate your own `sp-key.pem` and `sp-cert.pem` files, you can use the following OpenSSL commands:\n\n1. **Generate the private key:**\n    ```sh\n    openssl genpkey -algorithm RSA -out sp-key.pem -aes256\n    ```\n\n2. **Generate the certificate signing request (CSR):**\n    ```sh\n    openssl req -new -key sp-key.pem -out sp-csr.pem\n    ```\n\n3. 
**Generate the self-signed certificate:**\n    ```sh\n    openssl req -x509 -key sp-key.pem -in sp-csr.pem -out sp-cert.pem -days 365\n    ```\n    Replace `-days 365` with the desired validity period for the certificate.\n   \n\n## Acknowledgements\n\n- [Flask](https://flask.palletsprojects.com/)\n- [pysaml2](https://pysaml2.readthedocs.io/)\n- [ZITADEL](https://zitadel.com/)\n\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzitadel%2Fpython-saml-sp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fzitadel%2Fpython-saml-sp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzitadel%2Fpython-saml-sp/lists"}