handnot2
Samly - Add SAML SSO to your Phoenix application (now with multiple identity provider support)
Samly can be used to enable SAML 2.0 Single Sign On in a Plug/Phoenix application.
This library uses Erlang esaml to provide
plug enabled routes. Use of esaml provides the following capabilities:
- SP initiated login
- SP initiated logout
- IdP initiated logout
This is tested with SimpleSAMLphp. There is a fairly detailed README.md file to help you get started. There are two companion Repos:
samly_simplesaml- Use this to create your own SAML IdP for development purpose when working withSamlysamly_howto- This is a sample Phoenix application that shows how to useSamly
The readme file has an FAQ section that covers the following:
- How to setup a SAML 2.0 IdP for development purposes
- Sample Phoenix application that shows how to use Samly
- How to register the service provider with IdP
- How to enable Samly in my application
Feedback and contributions are appreciated.
Most Liked
handnot2
Samly v1.0.0 Released!
Samly is a Plug library that can be used to enable SAML Single-Sign-On authentication in Phoenix applications. It makes use of the esaml library for core SAML request/response handling.
This has been used successfuly to work with the following Identity Providers:
-
Okta
-
Ping Identity
-
OneLogin
-
ADFS
-
Nexus GO
-
Shibboleth
-
SimpleSAMLphp
Hopefully, this library provides some help in successful adoption of Elixir in Enterprise/Intranet.
Many thanks to the following contributors (samly and esaml):
Many others also contributed by using this library, opening Github issues and providing feedback in DM. Please continue to open issues and submit PRs to improve Samly further. Also, share your experience in getting Samly to work with your IdP so others in the community can benefit as well.
Repos:
esaml: GitHub - handnot2/esaml: Erlang SAML library, SSO and SLO, with Cowboy integration · GitHub
Docker based Identity Providers for development purposes:
Shibboleth: GitHub - handnot2/samly_shibboleth: Shibboleth SAML IdP setup for dev · GitHub
Development Assistance:
Phoenix Application showing Samly usage: GitHub - handnot2/samly_howto: Sample Elixir Phoenix application showing Samly library usage for SSO enablement · GitHub
maennchen
Hey everyone,
the EEF CNA just published a CVE for esaml:
https://cna.erlef.org/cves/CVE-2026-28809.html
It’s an XXE issue in the SAML handling that can lead to local file reads and potentially SSRF.
We tried reaching out to the maintainers but unfortunately didn’t get a response, and there’s currently no patch available.
If you’re using this library in production, it’s probably worth taking a closer look. And if someone here is interested in stepping up: this might be a good candidate to take over maintenance (fork, patch, and coordinate with the Hex.pm team to transfer ownership).
If a fix gets released, please let us know so we can update the advisory and mark affected versions correctly:
https://cna.erlef.org/contact
handnot2
Created a blog post on using samly. This includes instructions on setting up a self-hosted Shibboleth SAML Identity Provider that uses OpenLDAP.
Popular in Announcing
Other popular topics
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #code-sync
- #javascript
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #advent-of-code
- #elixirconf-us
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #performance










