Single sign-on with Azure AD in PHP

You may also like...

12 Responses

  1. Irwin says:

    Great job.
    I didn’t have time to figure out what was wrong with the original. This cleared things up.

  2. Peter says:

    Do you have an idea how to create a virtual host on MAMP ? Thanks in advance.

  3. Lewis says:

    I’d expect it’s a matter of finding the config and making appropriate edits there. Not sure where that will be as I’ve never used MAMP but if you’re using the Apache server (instead of nginx) you’ll want something similar to this inside any like tags.

    You’d create an Alias first, then set the directories attributes like this:

    Alias /myaliasdirectory /var/www/directorybeingaliased

    Options Indexes FollowSymLinks
    AllowOverride AuthConfig
    Order allow,deny
    Allow from all

    You’d then visit the alias by going to for example.

    HTH – Lewis

  4. Rishabh says:

    How to logout from it??

  5. Lewis says:

    Rishabh, you’ll want to use the next post in this series instead. This post was more to assist people in using the example that was posted on the Azure site. That article has now been removed and as far as I’m aware there is no documentation available for the scripts used in this article. Use simpleSAMLphp instead, it has a much better API.

  6. Balaji says:

    Hi Lewis,

    I am trying to configure Azure AD as an IDP to SimpleSAMLPHP (SP), I have created an APP in Azure and configured all the URLs
    Sign-On URL to Assertion Consumer Service URL
    APP ID to MetaData EntityID
    Reply URL to Assertion Consumer Service URL

    When I click on the APP I created it redirects to my AssertionService URL after authenticating with but on the return I do not see SAMLRESPONSE without it SIMPLESAMLPHP will not proceed further and it stops there.

    Could you please let me know what I could be missing here.


  7. Lee says:

    Hi Lewis,

    Thanks very much for the article, it’s a lifesaver! Quick question, this allows you to authenticate against one AAD, would it be easy to allow multiple AAD’s authenticate against the one site?



  8. Manoj says:

    Hi Lewis,

    Thank you very much for your helpful article.
    Would you please guide me, how to setup same things on XAMPP Apache server for single logon functionality.


  9. Edwin says:


    Thanks for all the info.
    It’s working for me with an SSO2…. site.
    I’m missing the point why you created two sites.

    In this example you don’t use the site.
    So why create that site?

  10. Yeps says:

    Awesome worked like a charm! Thanks a million

  11. Apurba Bhaskar says:

    Awesome worked like a charm but the thumbprint is getting changed, can you please help on this

  12. Apurba Bhaskar says:

    Awesome worked like a charm but the thumbprint is getting changed. can you please help on this?

Discover more from

Subscribe now to keep reading and get access to the full archive.

Continue reading