Colin Bitterfield's picture
The various google plugins didn't work at all, Does any have a way ahead for 8.4.0 SSO/SAML
Forum: 
Jeremy Davis's picture

Update: Oops. As noted below, I misread your post! :(

You said SSO/SAML auth - Not SASL! So much of this post is irrelevant! The logging bit might still be useful, but the SASL stuff not so much... After a quick check of the SuiteCRM docs, it seems that no additional PHP modules should be required.

I'll edit what I originally wrote below, strike out the irrelevant bits and try to make the rest more directly relevant.

Hi Colin, I've just double checked and it looks that we don't install the required php package by default. So the first thing is to install the package (and restart apache to load it). Like this:

apt update
apt install php-auth-sasl
systemctl restart apache2

Hopefully that might be enough? Regardless, please let me know how you go.


It might also be worth checking the SuiteCRM log? It should be: /var/www/suitecrm/suitecrm.log

If there isn't anything obvious there, try changing the log settings. You should be able to change them via Admin / System settings / Logger Settings. By default logging should be set to "error" or "fatal". To make the log more verbose, try changing it to "warn", or perhaps even "info".

If you're not sure what is relevant or not, "following" the log in realtime and retrying the thing that isn't working can make it easier to see the relevant errors. I.e. in a terminal (assuming the log location is right and it exists) run this:

tail -f /var/www/suitecrm/suitecrm.log

Then try to connect again, then look at what pops up in the log.

If you manage to work it out yourself, please share. It will no doubt be useful to others and will also help us to improve the appliance in the future.

If you continue to have issues, please share as much info as you can about the problem. It's useful to know the TurnKey version you are using ('turnkey-version'), where it's running and anything else you think might be relevant (you can never give too much info in cases like this). Feel free to share the log - or at least the last ~50 lines of it.

Step-by-step instructions on how to reproduce the problem is often the quickest way for me to be able to help out.

Good luck and I look forward to hearing how you go.

Jeremy Davis's picture

Oops! Sorry I misread your post! :(

You said SSO/SAML auth - Not SASL! So much of what I wrote above is irrelevant! Some - like the logging info - might still be useful, but the SASL specific stuff not so much...

I'll edit my previous post and strike out the irrelevant bits, but after looking through the SuiteCRM docs, it doesn't seem that SSO/SAML auth requires additional php modules. So that's a complete red herring.

So to help, I'll need more info from you. Please share more about your appliance (what TurnKey version it is, where it's running, etc) and what sort of things you have changed since install. Also I'm not familiar with SuiteCRM itself, so please share the exact steps required to configure SSO/SAML.

With that info I can recreate an environment very similar to yours and work out what's going wrong.

Colin Bitterfield's picture

Colin replied via email - but for some reason it didn't get automatically posted? I'll post it here on his behalf and reply below. - Jeremy


I am running Turnkey Linux SuiteCRM with 8.4.0.

The issue getting Google OAUTH or SAML.

The appliance really should have some better setup for SAML. Also apparently there are some dependancies that I can’t get to load.

Angular CLI: Version 16 Node.js: Version 18 Yarn: Version 1.22.10

Jeremy Davis's picture

Thanks for the additional info Colin. So it looks like you are running our v18.0 SuiteCRM appliance.

I've shared more details of what I found hunting around online below. But to summarize: unfortunately unless you can share some more specific info on how you are trying to install/configure this - and where you are getting your config/install info from - I'm not sure if I can help... :(


After googling a bit, I'm not clear if there is a way to enable/use SAML &/or Google OAUTH with the default free v8.x SuiteCRM software?!

Perhaps I missed it somewhere, but the only info I could find related to SSO for the free v8.x core SuiteCRM seemed to be related to older releases - v7.x and older. I found some old SuiteCRM support forum threads and a doc page for the v7.x SuiteCRM release - there was a link to a v8.x doc page, but it gave a 404?!

Beyond that, the only v8.x oauth related docs I could find were API setup/access instructions. I.e. authentication to the SuiteCRM API from an external app - not using an external authentication provider (like Google) to log into SuiteCRM. So that's not relevant here.

I did find some "pay for" external SSO/SAML/oauth authentication plugins/addons in the "SuiteCRM store". You didn't mention anything about using a paid plugin so I'm not sure that's what you are trying to use? Or are there some other instructions somewhere else you found? My gut feeling is the latter, but I need more info!

Regarding angular, nodejs and yarn; the SuiteCRM docs note that they are "development dependencies only - not required for production use". So again, unless I am missing something, you shouldn't need them.

Unless perhaps there is some third party software you are trying to install that requires them? Or it's some "experimental" configuration that requires a SuiteCRM dev environment?

So as I note above, unless you can share some more specific info on what/how you are trying to install/configure this, I'm not sure I can help... :(

I agree that it would be nice to have better Google OAUTH / SAML / SSO support OOTB. So hopefully you have found something that I missed and can share more info about it. If it's possible with free opensource components and we can work it out, this would be a very cool addition to our SuiteCRM appliance! Hopefully we can find a way to include this in future, or at least make it easier.

Add new comment