Migrating the SAML configuration

In Unomaly 3.3, the entire authentication flow has been revamped. If you are using the built-in user system, everything will be migrated and you shouldn't notice anything. If you are using SAML though, you will need to migrate the configuration manually. This is a guide to help you in that process.

First, look at the old configuration, which is located in /DATA/unomaly_saml.php on the instance. It can look something like this:

$saml_config = array(
 // The identity provider id URL
 'idp_entity_id' => 'https://accounts.google.com/o/saml2?idpid=abc123',

// The identity provider SSO login service
 'idp_sso_service' => 'https://accounts.google.com/o/saml2/idp?idpid=abc123',

// The identity provider SSO logout service. Note that this can be left
 // blank if you don't want to perform SSO logout from Unomaly.
 'idp_slo_service' => '',

// The path to the public key for the identity provider, eg. /DATA/saml.pem
 'idp_public_cert_path' => '/DATA/saml.pem',

// Require user to be part of certain group
 // true: yes
 // false: no
 'require_group' => false,

// Default group if require_group is false
 // 1: administrator
 // 2: user
 // 3: limited
 'default_group' => 1,

// Group attribute name as configured in the IDP
 'group_attribute' => '',

// Group name to be mapped to the administrator group
 'group_admin' => '',

// Group name to be mapped to the user group
 'group_user' => '',

// Friendly service name to show on the login screen
 'name' => 'Login with Google',

// Autologin without having to click the login buton
 'autologin' => true,

);

To setup the new SAML authentication, go to Settings --> Authentication in Unomaly and create a new SAML configuration, and then press Edit to modify the settings.

Fill out the form similar to this if your configuration is like the above.