The SAML web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

OneLogin’s Open-Source SAML Toolkit Democratizes Single Sign-On

A growing number of security-conscious SaaS vendors leverage OneLogin’s free and open-source SAML toolkit to give their customers identity management in the cloud with single sign-on, directory integration and multi-factor authentication. Zendesk’s and SugarCRM’s SAML implementation will be showcased at SugarCon 2011, April 4-6, 2011, Booths 501 & 503.

Los Angeles, CA, March 30, 2011 –  OneLogin offers Software-as-a-Service (SaaS) vendors a free and open-source SAML (Security Assertion Markup Language) toolkit designed to shorten the development time and reduce the complexity previously needed to SAML-enable an application. SAML is a web browser single sign-on protocol that eliminates passwords from the login process, providing quick and safe application access. OneLogin is experiencing a growing demand for its toolkit and has recently assisted the following vendors with their SAML implementation: Zendesk, KnowledgeTree, SugarCRM, Chrome River and SAManage.  The SugarCRM and Zendesk SAML implementations will be demoed to SugarCon 2011 attendees from April 4-6, 2011, booth 501 and 503.

“SAML is definitely gaining traction among SaaS vendors,” says Thomas Pedersen, Founder and CEO of OneLogin. “With our toolkit, most applications can be SAML-enabled in hours, significantly reducing the development time and essentially democratizing SAML – it’s now available to the masses.”

Organizations who have embraced cloud computing are asking their SaaS vendors for single sign-on in order to alleviate the pain points of both IT and non-IT staff – while employees are suffering from password-fatigue, IT cannot adequately protect enterprise data from unauthorized access. With single sign-on, employees gain easy and secure access to all their web applications – hosted in the cloud and behind the firewall – while IT can control application access and authenticate users centrally.

“Zendesk customers are cloud-savvy and use several web-based applications for more efficient business processes,” explains Ben Rohrs, Product Manager with Zendesk. "We leveraged OneLogin's SAML toolkit to help users get fast and secure access to Zendesk while easily integrating their help desk with Active Directory or LDAP."

About SAML
SAML is an XML-based standard for web browser single sign-on defined by the OASIS Security Services Technical Committee. SAML enables identity providers like OneLogin to securely sign users into web-based applications such as, Zendesk, SugarCRM and KnowledgeTree, without a user-managed password, which has a number of significant advantages for customers:
  • Eliminating passwords prevent phishing attacks and make application access safe yet easy.
  • Authenticating users is done by the identity provider who can implement multi-factor authentication and enforce security policies.
  • Integrating the company’s directory for single sign-on is done via the identity provider – there’s only one, central integration point required.
  • Controlling application access is done in one centralized location, providing IT staff with greater visibility and access to auditing tools.
OneLogin’s Free SAML Toolkit
SAML has historically been complex and expensive to implement for SaaS vendors. With OneLogin’s free and easy-to-use SAML toolkits for C#/ASP.NET, Java, PHP and Ruby there is no reason for web application vendors not to implement SAML and provide their customers with easy and secure access to their data. (

“When SugarCRM customers asked for single sign-on functionality, we turned to OneLogin’s free and open-source SAML toolkit,” says Jason Nassi, Directory of ISV Alliances at SugarCRM. “OneLogin’s solution enabled us to complete the SAML implementation in less than an hour, greatly accelerating the development time.”

About OneLogin
OneLogin is a cloud-based identity management solution that provides single sign-on, user provisioning and directory integration. OneLogin is pre-integrated with thousands of applications and allows enterprises to get up and running in minutes. IT can centralize user management, access control and auditing while end-users get secure, one-click access to all their web applications – in the cloud and behind the firewall. OneLogin, Inc. is backed by Charles River Ventures and Redpoint Ventures.  
Free Trial Available at: | Twitter: @onelogin

For more information:
Nathalie Benoit, OneLogin, Inc.
+1-310-584-7982 Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I