Netlify Auth integration with Shibboleth


Is there anyway to use Netlify’s SSO / Auth system with Shibboleth?

Thank you!

Hey there,
Yup, we have supported customers whose IdP is Shibboleth! One thing to be aware of with our SSO implementation is that it is designed to give anyone who has authenticated with your IdP Collaborator-level access to the team’s Netlify account. This is not configurable at this point, though we do have an open feature request along those lines. Please let us know if you have any other questions!

1 Like

Actually I’m asking about the client side auth library, (e.g. identity widget / gotrue-js), not server authentication or Netlify account. Maybe I posted with a wrong tag? :slight_smile:

If that is possible, I’d very much appreciate any pointers on how I should customize the server and the library to make it possible for my visitors to log in using Shibboleth. :pray:

Hello @jen,

Any news on this? I would really love to use Netlify’s service (service + Auth) if I know your auth (gotrue-js) service supports Shibboleth and I can set it up for my users to log in with your system, but I can’t do that before you confirm. Could you let me know please?

Hey there and thanks for the ping! Yup, that’s possible. SAML SSO is part of our Business or higher plans (you can check out our plans and pricing here: Netlify Pricing and Plans). Once you’re on one of those plans, we could enable SAML for you on our end and then help you gather all the information you need to finish the setup. Let us know if you’d like to go that route!

1 Like

Sounds great! I will sign up today and will start the process. One more question: do you support multiple SAML sources for a single account? We will be working with several organizations, and they all have to authenticate using their own Shibboleth-based auth system.

I’m afraid that won’t work- we can only configure SAML for one IdP at a time. If you have a way to authenticate the other auth systems, and then we configure SAML for your one IdP that has already authenticated the others, that could work for your use case. But we wouldn’t be able to advise on how to build something like that.

I’m glad I asked! The system we are developing is for universities, and Shibboleth is the system most of them use. We need to give several universities access to our system and have to be able to authenticate their users.
With your answer, I assume this is not possible with your system (what a pity). If you could think of a way to do it with Netlify’s gotrue-js, please let me know.
Thank you.

Sounds good! If you find a way to implement that, we’d love to hear and get a feature request filed for something similar.