Add two factor authentication like OTP to simpleSAMLphp. The second factor is managed in privacyIDEA.

Installs: 1 224

Dependents: 0

Suggesters: 1

Security: 0

Stars: 16

Watchers: 14

Forks: 25

Open Issues: 7


v2.1.3 2022-03-28 08:16 UTC


This plugin adds flexible, enterprise-grade two factor authentication to simplesSAMLphp.

It enables simpleSAMLphp to do two factor authentication against a privacyIDEA server, that runs in your network. Users can authenticate with normal OTP tokens, Challenge Response tokens like EMail and SMS or using WebAuthn and U2F devices. TiQR is currently not supported.


It is recommended to install this package using composer. In your saml root dir, execute the following command in a terminal:

composer require privacyidea/simplesamlphp-module-privacyidea


Please check the documentation

Customization (Themes)

Please check the readme


The saml log can be read with journalctl -f. If you encounter any problems that are not logged as errors, set the logging level of saml to debug by editing {samlDir}/config/config.php. Search for logging.level and set it so SimpleSAML\Logger::DEBUG. Alternatively, the apache error log can be checked for errors. It is located at /var/log/apache2/error.log