How to convert a WordPress site into an Intranet site?

A typical WordPress site is open to all internet users. To secure a WordPress site by limiting access to only organization members, you should convert a regular WordPress site into an Intranet site. Using our WordPress SAML Single Sign-On plugin, you can limit access to authenticated users within the organization, therefore preventing unauthorized access from the broader internet user base.

How to secure a WordPress site and restrict access to authorized users only?

Follow the steps given below to convert a WordPress site into an Intranet site to protect it from unauthorized access:

1. Configure Identity Provider of your choice

• In the miniOrange SAML 2.0 SSO plugin, navigate to the Service Provider Metadata tab.


• Copy the SP Entity ID and ACS (AssertionConsumerService) URL provided.
• Paste these URLs into the desired fields of your chosen Identity Provider configuration.


• Alternatively, you can provide the SP Metadata URL into IDP to Configure the Identity Provider.

Note: For more information, refer to our Service Provider Metadata page.

2. Configure WordPress SAML Service Provider

• In the miniOrange SAML 2.0 SSO plugin, navigate to the Service Provider Setup tab.
• Select the Identity Provider of your choice.


• Input the necessary fields such as the IDP Name, IDP Entity ID or Issuer, SAML Login URL, and X.509 Certificate from your Identity Provider.
• Save the configuration by clicking on the Save button.


• Otherwise, you can also configure the Service Provider by clicking on the Upload IDP Metadata button and entering the Identity Provider name, IDP metadata URL or uploading the IDP metadata.



Note: To know more, visit our Service Provider Setup page.

3. Attribute Mapping (Optional)

• Explore our Attribute Mapping feature page to know more about configuration and its advantages.

4. Convert normal WP site into Intranet site

A. Secure pages/posts of WP site

• Navigate to Redirection & SSO Links tab and scroll down to Auto-Redirection from site section.
• Enable the Redirect to IdP if user not logged in toggle to restrict unauthenticated users from accessing your site.



Note: For additional settings like Force Authentication and managing RSS feeds, explore the Auto-Redirection from site/Force Authentication page.

B. Secure WP admin and login pages

• Navigate to the Redirection & SSO Links tab and scroll down to Auto-Redirection from WordPress Login section.
• Enable the Redirect to IdP from WordPress Login Page toggle to automatically redirect users to IDP login page when accessing the WordPress site's admin and login pages.


• Activate the Enable backdoor login toggle to create and use a backdoor URL for logging into the WP site with WordPress login credentials.
• Click on Update button.

Note: To know more about Auto-redirection and backdoor login, refer to our Auto-Redirection from WordPress Login page.

Additional Resources

• Admin SSO button on WP Login page
• Auto-redirection from Site/Force Authentication in WP SAML SSO
• Auto-redirection from WordPress Login in WP SAML SSO
• Attribute Mapping in SAML SSO
• Domain Mapping in SAML Single Sign-On
• Domain restriction in SAML Single Sign-On
• Role Mapping in SAML Single Sign-On
• WordPress SAML Single Sign-On
• WordPress SSO for Educational Institutes