uniAuth 1.0-rc

applicazione web

Identity Provider per la gestione del SingleSignOn

Technical detail




The vitality index, as explicited in the guidelines for the acquisition and reuse of software for Italian PA, is calculated according to the following four main categories:

  • Code activity: the daily number of commits and merges;
  • Release history: the daily number of releases;
  • User community: the number of unique authors;
  • Longevity: the age of the project.

The ranges of every measure can be found in the vitality-ranges.yml file.

Development status: stable

Software functionality

Full Internazionalization support (i18n);

Interactive Metadata Store definitions through the Admin Backend UI;

Interactive ServiceProvider Federation through the Admin Backend UI;

Customizable Template and style based on AGID guidelines;

MetadataStore and SP validations on save, to prevent faulty configurations in production;

Optional and quite granular Agreement Screen;

Many configurable options, for every SP we can decide:

signature and digest algorithms;

attributes release policies;

attribute rewrite and creation, fully configurable AttributeProcessors per SP;

every aspect of attribute release can be customized from schratch;

selectable hashing algorithm for Computed NameID;

agreement screen message, availability, data consent form.

Configurable log rotation through uwsgi;

Importable StoredPersistentID for each user, for migrations from other IDP;

An LDAP web manager with a configurable app (`ldap_peoples`);

Multifactor support, as available in djangosaml2idp;

Detailed but not huge logs.


  • employment
  • detailed information

    uniAuth 1.0-rc

    applicazione web

    Last release 2019-02-05 (1.0-rc)

    Type of maintenance internal

    Extended description

    uniAuth would let simple users to do an applicative administration of the platform, create new metadata store and federate new Service Provider, without handle high sysadmin tasks.

    uniAuth, as a SAML2 IDP, is based on pysaml2 and it supports:

    • HTTP-REDIRECT and POST bindings; - AuthnRequest with or without ForceAuthn; - SLO, SAML Single Logout; - Encrypted assertions, customizable sign/digest algorithms and, in general, it presents a good posture in terms of security regarding SAML standards. - uniAuth do not support AllowCreate NameIDPolicy, this behaviour is completely demanded to uniAuth AttributeProcessors.
    back to contents