{"library":"remix-auth-saml","title":"Remix Auth SAML Strategy","description":"remix-auth-saml provides a SAML 2.0 authentication strategy for Remix Auth, enabling single sign-on (SSO) integration in Remix applications. This library abstracts the complexities of SAML authentication flows, including service provider (SP) and identity provider (IdP) interactions, metadata exchange, and assertion processing. The current stable version is 1.2.0, with releases occurring periodically, primarily for dependency updates and minor fixes as seen in recent changelogs. Key differentiators include its direct integration with the Remix Auth ecosystem, providing a familiar API for developers already using `remix-auth`, and its explicit support for both Node.js and Cloudflare runtimes, making it versatile for various deployment targets.","language":"javascript","status":"active","last_verified":"Wed Apr 22","install":{"commands":["npm install remix-auth-saml"],"cli":null},"imports":["import { SamlStrategy } from 'remix-auth-saml';","import { metadata } from 'remix-auth-saml';","import { Authenticator } from 'remix-auth';"],"auth":{"required":false,"env_vars":[]},"quickstart":{"code":"import { Authenticator } from \"remix-auth\";\nimport { sessionStorage } from \"~/services/session.server\"; // Assuming a session storage setup\nimport { SamlStrategy } from \"remix-auth-saml\";\nimport * as validator from \"@authenio/samlify-node-xmllint\"; // Or another SAML XML validator\n\n// Create an Authenticator instance\nexport let authenticator = new Authenticator(sessionStorage);\n\n// Initialize the SAML strategy\nlet samlStrategy = new SamlStrategy(\n {\n validator,\n authURL: \"http://localhost:3000/auth/saml\",\n callbackURL: \"http://localhost:3000/auth/saml/callback\",\n idpMetadataURL: \"http://localhost:7000/metadata\", // URL to your Identity Provider's metadata\n spAuthnRequestSigned: false,\n spWantAssertionSigned: false,\n spWantMessageSigned: false,\n spWantLogoutRequestSigned: false,\n spWantLogoutResponseSigned: false,\n spIsAssertionEncrypted: false,\n // Optional: Specify private keys and certificates for signing/encryption\n // privateKey: \"./path/to/sp-private-key.pem\",\n // signingCert: \"./path/to/sp-public-cert.pem\"\n },\n async ({ extract, data }) => {\n // This verify callback runs after successful SAML authentication\n // 'extract' contains parsed user profile data from the SAML assertion\n // 'data' is the raw IdP response, useful for backend verification or decryption\n console.log(\"User profile extracted:\", extract);\n console.log(\"Raw IdP response data:\", data);\n\n // Here, you would typically find or create a user in your database\n // based on 'extract' data and return the user object.\n // Example: const user = await userService.findOrCreate(extract);\n // return user;\n\n // For this example, we'll just return a placeholder\n return { id: extract.nameID, email: extract.attributes['urn:oid:0.9.2342.19200300.100.1.3'] };\n }\n);\n\n// Register the strategy with the Authenticator\nauthenticator.use(samlStrategy, \"saml\");\n\n// Export SP metadata for the IdP\nexport let spMetadata = samlStrategy.metadata();","lang":"typescript","description":"This quickstart demonstrates the core setup for `remix-auth-saml`, including initializing `Authenticator`, configuring `SamlStrategy` with essential SAML parameters, and providing a `verify` callback to process user data post-authentication. It also shows how to expose the Service Provider (SP) metadata for your Identity Provider (IdP).","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}