Interoperable solutions are key to rapid, successful, worry-free deployments. This program was designed to help deployers achieve this success by taking away some of the “unknowns” regarding how a solution will function on its own or with other related products. Customers evaluating or deploying solutions that have successfully completed the Kantara Interoperable program know that the implementation has passed our rigorous testing process which requires true interoperability with multiple implementations.
Kantara Initiative Interoperable SAML 2.0 Products and Services*
| Product Name | Project/Vendor | License | IdP | IdP Light | SP | SP Light | eGov 1.5 | Attr Auth Resp. | POST Bind. | Other | Other protocols |
| ADFS 2.0 | Microsoft | commercial | X | X | X | WS-Federation | |||||
| Authentic2 | Entrouvert | OSS | IdP, SP | OpenID, CAS, OAuth | |||||||
| CA Federation Manager | CA | commercial | X | X | X | ||||||
| DirX Access | Atos/Siemens | commercial | X | X | X | ||||||
| Entrust Identity Guard | Entrust | commercial | X | X | X | X | X | X | |||
| Entrust Identity Guard | Entrust | commercial | X | X | X | X | X | X | |||
| EIC | Ericsson | commercial | X | ||||||||
| Horizon App Manager | VMware | commercial | X | X | X | X | X | ||||
| HP OpenView Select Federation | HP | discontinued | X | X | X | X | |||||
| Larpe | Entrouvert | OSS | X | X | SAML Reverse Proxy | OpenID, CAS, OAuth | |||||
| LemonLDAP::NG | lemonldap-ng.org | OSS | (pending) | WS-Federation, OpenID | |||||||
| NetWeaver Appserver | SAP | commercial | (pending) | CAS, OpenId, Twitter | |||||||
| NetWeaver IDM | SAP | commercial | X | X | |||||||
| Novell Access Manager | Novell | commercial | X | X | X | X | X | ||||
| OpenAM | ForgeRock (ex. Sun) | OSS | X | X | X | X | X | X | X | ECP | WS-Federation |
| OpenASelect | OpenASelect.org | OSS | (pending) | OAuth | |||||||
| Oracle Identity Federation 11g | Oracle | commercial | X | X | |||||||
| PicketLink | JBoss Community | OSS | (pending) | OpenID, A-Select, CAS | |||||||
| PingFederate | Ping Identity | commercial | X | X | WS-Federation, WS-Trust, OpenID, OAuth, Facebook, LinkedIn, Twitter, Windows Live, Salesforce | ||||||
| ProSale Identity | Comfact AB | commercial | X | X | X | ||||||
| ProSale Signing | Comfact AB | commercial | X | X | |||||||
| RSA Federated Identity Manager | RSA | commercial | X | X | X | Facebook, OpenID, LinkedIn, Twitter, Windows Live | |||||
| Shibboleth | Internet2 | OSS | IdP, SP, Discovery | ||||||||
| SimpleSAMLphp | UNINETT AS | OSS | X | X | OpenID, A-Select, CAS, WS-Federation and OAuth,Facebook,LinkedIn,Twitter, Windows Live | ||||||
| Symlabs Federated Identity Suite | Symlabs | commercial | X | X | X | X | X | X | ECP | OpenID, A-Select, CAS, WS-Federation and OAuth | |
| Tivoli Federated Identity Manager | IBM | commercial | X | X | X | X | WS-Federation | ||||
| TrustBind/Federation Manager | NTT Software Corp | commercial | X | X | X | X | X | ECP | OpenID, ID-WSF | ||
| Ubilogin SSO | Ubisecure Solutions | commercial | X | X | X | X | X | X | ECP, Discovery | ETSI MSS 102 204, TUPAS, WS-Federation, OpenID | |
| ZXID | zxid.org | OSS | X | X | X | X | X | X | X | IdP, SP, Discovery |
* Note: Products and Services with “X’s” marked have been SAML 2.0 Certified. Certifications performed in 2010 are Kantara Interoperable Certified. Certifications performed prior to 2010 were certified as Liberty Interoperable.
Libraries and toolkits to develop SAML actors and SAML-enabled services
The Libraries and Toolkits below are used by developers to integrate applications and services into SAML federations or to build their own SAML-actors like IdPs.
| Libararies and Toolkits | Organization | Licence | Language bindings |
| Lasso | Entr\’ouvert | OSS | C, Phython, Java, Perl, C# |
| OIOSAML 2.0 Toolkit | Danish IT and Telekom Agency | OSS | Java, .Net, PHP |
| OpenSAML | Internet2 | OSS | C++, Java |
| ZXID | zxid.org | OSS | C, other lang using swig.org |
SAML-related Services
| Service | Organization | Location | Purpose |
| PingConnect | Ping Identity | https://support.pingidentity.com/s/question/0D51W00008CHp6KSAT/multiple-connections-using-pingconnect | On-Demand SSO for dozens of SaaS providers |
| OneLogin | OneLogin | http://www.onelogin.com/ | IdP for SAML- and OpenID-enabled cloud services |
| ZXIDP.org | zxid.org | https://zxidp.org/index-idp.html | free IdP |
| PEER | Internet2 | https://spaces.internet2.edu/display/PEER/Home | Public metadata registry |
| Testshib.org | Internet2 | http://www.testshib.org/ | IdP and SP for testing |
| Federation Lab | Géant | https://fed-lab.org/ | Test-SP, metadata registry, test tools |
| Feide OpenIdP | UNINETT AS | https://openidp.feide.no/ | IdP that allows any user to register, and any SP to connect |
| SAML Tracer | UNINETT AS | https://addons.mozilla.org/en-US/firefox/addon/saml-tracer/ | A tool for viewing SAML messages sent through the browser during single sign-on and single logout. |