定制 magedevgroup/module-admin-sso-okta 二次开发

按需修改功能、优化性能、对接业务系统,提供一站式技术支持

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

magedevgroup/module-admin-sso-okta

Composer 安装命令:

composer require magedevgroup/module-admin-sso-okta

包简介

Okta provider plugin for Magento 2 admin SSO — supplies the Okta OIDC preset (discovery, groups claim, branding) for the provider-agnostic admin-sso capability. Installs admin-sso (and sso-core) automatically.

README 文档

README

Okta login for the Magento 2 admin panel.

License Magento PHP Version

A thin Okta provider plugin for the provider-agnostic admin-sso capability. It supplies the Okta OIDC preset — discovery from your org domain, scopes, groups claim, login-button branding — while all OIDC protocol lives in sso-core and all admin logic in admin-sso. Installing it pulls admin-sso and sso-core automatically.

Installation

composer require magedevgroup/module-admin-sso-okta
bin/magento module:enable MageDevGroup_SsoCore MageDevGroup_AdminSso MageDevGroup_AdminSsoOkta
bin/magento setup:upgrade

Create the Okta OIDC app

In the Okta Admin Console → Applications → Create App Integration:

  1. Sign-in method OIDC - OpenID Connect, application type Web Application.
  2. Sign-in redirect URI — the admin-sso callback: https://<admin-host>/<admin-path>/adminsso/sso/callback (<admin-path> is the backend frontName, default admin). It must match the admin URL used at runtime exactly.
  3. Save, then copy the Client ID and Client secret.
  4. Groups claim — for IdP-group → ACL-role mapping, add a groups claim to the ID token: Sign On → OpenID Connect ID Token → Groups claim, filter e.g. Matches regex .*. Without this Okta emits no groups and role mapping falls back to the default role.

Configuration

Admin → Stores → Configuration → MageDevGroup → Admin SSO.

General (magedevgroup_admin_sso/general/*):

Field Value
Enable Admin SSO Yes
Identity Provider Okta
Client ID from the Okta app
Client Secret from the Okta app

Okta (magedevgroup_admin_sso/okta/*, shown when Okta is selected):

Field Value
Org Domain your org domain, e.g. dev-123.okta.com (scheme optional, https assumed)
Custom Authorization Server optional server id (e.g. default); empty = org server

The discovery URL is derived from these: https://<domain>/.well-known/openid-configuration, or https://<domain>/oauth2/<auth-server>/.well-known/openid-configuration with a custom authorization server.

Group → role mapping and enforce-SSO/break-glass are configured in admin-sso; see that module's README.

Requirements

  • Magento 2.4.x
  • PHP 8.3 – 8.5

Part of the MageDevGroup identity suite

Repo Role
sso-core Shared OIDC engine (installed automatically)
admin-sso · admin-sso-<idp> Admin-panel SSO login
customer-sso · customer-sso-<idp> Storefront SSO login
admin-scim · admin-scim-<idp> Admin-user provisioning (SCIM 2.0)

License

OSL-3.0 © MageDevGroup. Commercial licensing and support: https://magedevgroup.com.

统计信息

  • 总下载量: 0
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 0
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 0
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: OSL-3.0
  • 更新时间: 2026-07-08

承接程序开发

PHP开发

VUE

Vue开发

前端开发

小程序开发

公众号开发

系统定制

数据库设计

云部署

网站建设

安全加固