uniAuth 1.0-rc

applicazione web

Identity Provider per la gestione del SingleSignOn

Technical detail




Vitality is an index calculated following the four main categories of the document:

  • Code activity: the daily number of commits and merges;
  • Release history: the daily number of releases;
  • User community: the number of unique authors;
  • Longevity: the age of the project. The ranges of every measure can be found in the vitality-ranges.yml file in https://github.com/italia/developers-italia-backend

Development status: stable

Software functionality

Full Internazionalization support (i18n);

Interactive Metadata Store definitions through the Admin Backend UI;

Interactive ServiceProvider Federation through the Admin Backend UI;

Customizable Template and style based on AGID guidelines;

MetadataStore and SP validations on save, to prevent faulty configurations in production;

Optional and quite granular Agreement Screen;

Many configurable options, for every SP we can decide:

signature and digest algorithms;

attributes release policies;

attribute rewrite and creation, fully configurable AttributeProcessors per SP;

every aspect of attribute release can be customized from schratch;

selectable hashing algorithm for Computed NameID;

agreement screen message, availability, data consent form.

Configurable log rotation through uwsgi;

Importable StoredPersistentID for each user, for migrations from other IDP;

An LDAP web manager with a configurable app (`ldap_peoples`);

Multifactor support, as available in djangosaml2idp;

Detailed but not huge logs.


  • identity management
  • detailed information

    uniAuth 1.0-rc

    applicazione web

    Last release 2019-02-05 (1.0-rc)

    Type of maintenance internal

    Extended description

    uniAuth would let simple users to do an applicative administration of the platform, create new metadata store and federate new Service Provider, without handle high sysadmin tasks.

    uniAuth, as a SAML2 IDP, is based on pysaml2 and it supports:

    • HTTP-REDIRECT and POST bindings; - AuthnRequest with or without ForceAuthn; - SLO, SAML Single Logout; - Encrypted assertions, customizable sign/digest algorithms and, in general, it presents a good posture in terms of security regarding SAML standards. - uniAuth do not support AllowCreate NameIDPolicy, this behaviour is completely demanded to uniAuth AttributeProcessors.

    Other software that may interest you

    back to contents