We’re excited to announce the release of our new SAML (Security Assertion Markup Language) module! The PBX SAML module provides SSO (Single Sign On) for FreePBX, PBXact, and portals like UCP and Sangoma Desktop Client, allowing users to authenticate with credentials managed by an Identity Provider (IdP).
This new SAML module makes it easier than ever to integrate your FreePBX and PBXact systems with your existing single sign-on solutions, enhancing security and simplifying access for your team.
With this module, you can:
- Easily configure and manage your Identity Provider (IdP) settings. You’ll get a summary page to review your setup, with options to edit, update, test, or even completely reset your configuration if needed.
- Enable SAML login at both the user group and individual user level. This gives you flexible control over who can use SAML for authentication.
- Provide consistent SAML login experience across all your critical platforms. Once enabled, SAML will work seamlessly for the Administrator Control Panel (ACP), User Control Panel (UCP), and Sangoma Desktop Client (SDC).
What Is SAML and Why It Matters
Security Assertion Markup Language (SAML) is a widely adopted standard used by enterprises worldwide to provide secure, centralized authentication. With SAML SSO:
- 🔐 Users sign in once via their organization’s Identity Provider.
- They can access multiple PBX interfaces without repeatedly entering passwords.
- IT teams can manage user identity and access control from a single directory source.
As shown in the example login screen below, the FreePBX login page adapts to the selected Identity Provider, displaying the appropriate SSO button and branded login flow.
This integration significantly improves both security (stronger, centralized credential management) and usability (faster, unified access).
Supported Identity Providers
The new SAML Module includes built-in support for major enterprise IdPs, making it easy to fit into modern IT environments:
- Microsoft Azure Active Directory
- Okta
- Google Workspace
A Guided Setup Experience: PBX SAML Configuration Wizard
To make deployment easy — even for complex enterprise environments — the module includes a step-by-step configuration wizard found under Admin → PBX SAML.
The wizard allows administrators to:
- Select the Identity Provider. Choose Azure AD, Okta, or Google with a single click.
- Upload Metadata Files to configure IdP configurations automatically. Metadata can be uploaded via a simple “Upload & Parse” interface, allowing automatic population of key SAML parameters.
- Configure Admin, UCP & Sangoma Desktop Client. Separate configuration ensures a complete, system-wide SSO experience.
- ✅ Validate Integration with “Test Connection” Tools. The built-in test functionality helps administrators confirm that the SAML setup is working correctly before going live.
Why This Matters for Organizations
By introducing the SAML Module, FreePBX and PBXact become even more suitable for modern, security-focused businesses. Key benefits include:
- Stronger security posture via centralized authentication
- Reduced login friction for end-users
- Simplified onboarding/offboarding
- Compatibility with enterprise Identity Providers
- Visibility and control over SSO-enabled users
Whether you’re an IT admin managing hundreds of users or a smaller team looking for more secure login flows, the SAML Module provides a more seamless and scalable identity experience. 🏖️
Ready to boost your security
and streamline user access?
for a more secure and simplified login experience
for all your users!
Documentation
FreePBX SAML module Documentation in Wiki