npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

saml-login

v0.1.60

Published

SAML 2.0 implementation for Node.js

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

rhosysrhosys

Keywords

samladfsssosaml loginloginpassportnode-samlsaml2saml2.0saml-loginsaml-authenticationsaml-spsaml-idpopenidauthenticationservice provideridentity providerSP initiatedIdP initiatedAssertions

Readme

Full SAML2.0 integration for NodeJS

npm version

This is a SAML 2.0 authentication provider for applications, service providers, and IdP for Node.js

Installation

npm install saml-login

Usage

Generate Authentication URL

The SAML identity provider will redirect you to the URL provided by the path configuration.

const { SAML } = require("saml-login");
const saml = new SAML();

const options = {
  /** The provider's SSO URL. Where to direct the user to login and verify their identity. */
  providerSingleSignOnUrl: 'string',
  /** A unique ID generated for the request which can be used to verify later that the response is valid. If not specified an ID will be generated automatically. */
  authenticationRequestId: 'string',
  /** The date of the request, later this date will be used to verify the response, if it is not provided here, it will automatically generated. */
  requestTimestamp: new Date(),
  /** Your application's entity Id, should be a fully qualified URL, and must match the application entityId specified to the IdP.  */
  applicationEntityId: 'string',
  /** Your application's ACS SSO callback URL and must match the one registered with the IdP. This URL will receive the response from the IdP and must return a 302. */
  applicationCallbackAssertionConsumerServiceUrl: 'string',
};

const idpAuthenticationUrl = await saml.generateAuthenticationUrl(options);

Verify and Parse Login Response

const { SAML } = require("saml-login");
const saml = new SAML();

const options = {
  /** Identity provider public certificate to use for verifying the signature of the SAML Response. */
  providerCertificate: 'string',

  /** Your application's entity Id, should be a fully qualified URL, and must match the application entityId specified to the IdP, used to verify the response.  */
  applicationEntityId: 'string'
};

const { authenticationRequestId } = await saml.getSamlAssertionMetadata(request.body);
const { profile } = await saml.validatePostResponse(options, request.body);

Generate SAML Delegation URL

When the user is already logged into your application, and you want to log the user into a third party using their existing authentication. This generates the SAML Payload and URL to redirect the user to

const { SAML } = require("saml-login");
const saml = new SAML();

const options = {
  /** Your platforms IdP Entity ID or URL */
  issuerEntityId: 'https://my.idp.com',
  /** Your private key to sign the delegation request. */
  privateKey: '----BEGIN PRIVATE KEY...',
  /** Your application's entity Id, should be a fully qualified URL, and must match the application entityId specified to the IdP.  */
  applicationEntityId: 'https://thirdpart.application.com/',
  /** Your application's ACS SSO callback URL and must match the one registered with the IdP. This URL will receive the response from the IdP and must return a 302. */
  applicationAssertionConsumerServiceUrl: 'https://thirdpart.application.com/saml',
  /** The relevant user that wants to log into the third party application. */
  userId: 'user_id'
};

const spDelegationUrl = await saml.generateDelegationUrl(options);

ChangeLog

See Changelog