https://github.com/oktadev/okta-spring-boot-saml-example
Spring Boot, SAML, and Okta
- Host: GitHub
- URL: https://github.com/oktadev/okta-spring-boot-saml-example
- Owner: oktadev
- License: apache-2.0
- Created: 2017-03-16T21:30:04.000Z (almost 8 years ago)
- Default Branch: main
- Last Pushed: 2023-05-03T17:32:24.000Z (over 1 year ago)
- Last Synced: 2024-04-15T15:55:33.433Z (8 months ago)
- Topics: okta, saml, spring-boot, spring-security, spring-security-saml
- Language: Java
- Homepage: https://developer.okta.com/blog/2022/08/05/spring-boot-saml
- Size: 1.2 MB
- Stars: 73
- Watchers: 9
- Forks: 54
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
# Spring Boot, SAML, and Okta
A Spring Boot example app that shows how to implement single sign-on (SSO) with Spring Security's SAML and Okta.
Please read [Get Started with Spring Boot, SAML, and Okta][blog] to see how this app was created.
**Prerequisites:**
- [SDKMAN](https://sdkman.io/) (for Java 17)
> [Okta](https://developer.okta.com/) has Authentication and User Management APIs that reduce development time with instant-on, scalable user infrastructure. Okta's intuitive API and expert support make it easy for developers to authenticate, manage and secure users and roles in any application.
* [Getting Started](#getting-started)
* [Links](#links)
* [Help](#help)
* [License](#license)

## Getting Started
To install this example application, run the following commands:
```bash
git clone https://github.com/oktadev/okta-spring-boot-saml-example.git
cd okta-spring-boot-saml-example
```

### Create a SAML App in Okta
To begin, you'll need an Okta developer account. You can create one at [developer.okta.com/signup](https://developer.okta.com/signup) or install the [Okta CLI](https://cli.okta.com) and run `okta register`.
Then, log in to your account and go to **Applications** > **Create App Integration**. Select **SAML 2.0** and click **Next**. Name your app something like `Spring Boot SAML` and click **Next**.
Use the following settings:
* Single sign on URL: `http://localhost:8080/login/saml2/sso/okta`
* Use this for Recipient URL and Destination URL: ✅ (the default)
* Audience URI: `http://localhost:8080/saml2/service-provider-metadata/okta`

Then click **Next**. Select the following options:
* I'm an Okta customer adding an internal app
* This is an internal app that we have created

Select **Finish**.
Okta will create your app, and you will be redirected to its **Sign On** tab. Scroll down to the **SAML Signing Certificates** and go to **SHA-2** > **Actions** > **View IdP Metadata**. You can right-click and copy this menu item's link or open its URL. Copy the resulting link to your clipboard. It should look something like the following:
```
https://dev-13337.okta.com/app//sso/saml/metadata
```

Go to your app's **Assignment** tab and assign access to the **Everyone** group.
### Create a SAML App in Auth0
[Sign up for an Auth0 account](https://auth0.com/signup) or [log in](https://auth0.com/api/auth/login?redirectTo=dashboard) with your existing one. Navigate to **Applications** > **Create Application** > **Regular Web Applications** > **Create**.
Select the **Settings** tab and change the name to `Spring Boot SAML`. Add `http://localhost:8080/login/saml2/sso/auth0` as an **Allowed Callback URL**.
Scroll to the bottom, expand **Advanced Settings**, and go to **Endpoints**. Copy the value of the **SAML Metadata URL**. Select **Save Changes**.
Clone the `auth0` branch, which contains changes to look for Auth0 attributes instead of Okta attributes.
```shell
git clone -b auth0 https://github.com/oktadev/okta-spring-boot-saml-example.git
cd okta-spring-boot-saml-example
```

Copy your **SAML Metadata URL** into `src/main/resources/application.yml`:
```yaml
spring:
  security:
    saml2:
      relyingparty:
        registration:
          auth0:
            assertingparty:
              metadata-uri: # paste your SAML Metadata URL here
...
```

### Run the App and Login
Run your Spring Boot app from your IDE or using the command line:
```shell
./gradlew bootRun
```

Open `http://localhost:8080` in your favorite browser and log in with the credentials you used to create your account.
You should see a successful result in your browser.
If you want to make the logout button work and display a user's attributes, please read the blog post.
## Links
This example uses Spring Boot and [Spring Security SAML](https://docs.spring.io/spring-security/reference/servlet/saml2/login/index.html) to integrate with Okta and Auth0.
## Help
Please post any questions as comments on the [blog post][blog], visit the [Okta Developer Forums](https://devforum.okta.com/), or talk to us on the [Auth0 Community Forums](https://community.auth0.com/).
## License
Apache 2.0, see [LICENSE](LICENSE).
[blog]: https://developer.okta.com/blog/2022/08/05/spring-boot-saml