The SAML web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.


Add Product ListingAdd Product Listing

Products provides a central location for providers to describe available tools that support SAML. Users are invited to share experiences using the "add new comment" link that appears at the bottom of each listing.

This directory is provided as a community resource and is not the result of any certification program or compliance testing. Authors are solely responsible for the accuracy of their entries. OASIS encourages readers to evaluate this information independently.

Filter by features:


With support for SAML, WS-*, OpenID and other standards, Centrify eliminate password sprawl with SSO for SaaS apps — and Zero Sign-On for mobile apps — while giving IT centralized control over access to SaaS applications.

Read more

Feide RnD: simpleSAMLphp

SimpleSAMLphp is a simple application written in native PHP that deals with authentication. SimpleSAMLphp supports several federation protocols, authentication mechanisms and can be used both for local authentication, as a service provider or as an identity provider. simpleSAMLphp can even be used to bridge other federation protocols, in example allowing you to setup a Shibboleth 1.3 Service Provider in a SAML 2.0 Federation (or the other way around).

Read more

Internet2: OpenSAML

Open source libraries in Java and C++ providing core message, binding, and profile classes for implementing applications based on SAML 1.0, 1.1, and 2.0. Extensive design integration with the native Java and C++ programming models is provided. OpenSAML is a low-level toolkit that does not by itself implement full SAML profiles such as single sign-on, but can be used to simplify the implementation of such profiles. Provided under the standard Apache 2.0 license for use in any commercial or non-commercial code.

Read more

Internet2: Shibboleth

A flexible and comprehensive open source, cross-domain, attribute-based web single-sign on system based on SAML 1.x and 2.0. Built on the OpenSAML libraries, a Java-based identity provider and native (C++) service provider are provided. The identity provider supports pluggability of both authentication and attribute sources and supports most of the core SAML SSO profiles and bindings. The service provider supports most popular web servers and enables seamless and loosely coupled integration of authentication and attribute data with applications without programming to product-specific APIs.

Read more


In-Webo (, strong authentication as a service (SaaS). Very simply, In-Webo has made a pure bulletproof software implementation of the OTP mechanism.

Read more

Lasso - Liberty Alliance Single Sign-On

Lasso is a free software C library implementing the Liberty Alliance and SAML standards (ID-FF, SAMLv2, ID-WSF); it defines processes for federated identities, single sign-on and related protocols, and is used to bring digital identity features to web sites and applications. Lasso passed both ID-FF 1.2 and SAMLv2 Liberty interoperability tests.

Lasso comes with native language support for Java, Perl, Python and PHP.

Read more



LemonLDAP::NG is a full open source WebSSO product.

It supports a lot af authentication backends :

  • LDAP
  • SSL
  • Kerberos
  • CAS
  • DBI
  • Liberty Alliance
  • SAMLv2
  • OpenID
  • Twitter

Read more

Nexus Technology: Argus Authentication Server

Nexus Argus Authentication Server  is a versatile, flexible and cost-efficient single sign-on access solution for web applications. The product name “Argus” refers to the mythological figure with one hundred eyes engaged by a goddess to guard a holy present. Analogously, Nexus Argus is the watcher of organizations’ valuable information accessible over the web.

Read more


OneLogin is a cloud-based provider of single sign-on, user provisioning and directory integration. OneLogin is pre-integrated with 1,500+ of applications, such as Salesforce, Google Apps, SugarCRM, WebEx, Workday, OpenAir,, Cornerstone OnDemand, Coupa, Yammer, Zendesk, WordPress, Central Desktop, KnowledgeTree and many more. 

Read more


The goal of OpenSSO is to provide an extensible implementation of an identity services infrastructure that will facilitate single sign-on for web applications hosted on web servers and application servers. Delivered as a self-contained J2EE application, OpenSSO provides access management, federation, and web services security functionality in a simple WAR file that can be deployed in minutes.

Read more Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I