WordPress OAuth & OpenID Connect Single Sign-On (SSO) plugin enables secure login into WordPress using Forgerock / OpenAM as OAuth and OpenID Connect provider. You can also configure plugin using different custom providers and standard IDPs. It supports advanced Single Sign-On (SSO) features such as user profile Attribute mapping, Role mapping, etc. Here we will go through a guide to configure SSO between WordPress and Forgerock / OpenAM. By the end of this guide, users should be able to login to WordPress from Forgerock / OpenAM. To know more about other features we provide in WP OAuth Single Sign-On ( OAuth & OpenID Connect Client ) plugin, you can click here.
Download And Installation
- Log into your WordPress instance as an admin.
- Go to the WordPress Dashboard -> Plugins and click on Add New.
- Search for a WordPress OAuth Single Sign-On (SSO) plugin and click on Install Now.
- Once installed click on Activate.
Steps to configure Forgerock / OpenAM Single Sign-On (SSO) Login into WordPress
Step 1: Setup Forgerock / OpenAM as OAuth Provider
- Go to developer account of Forgerock / OpenAM and sign up/login.
- From Configure OAuth tab in Oauth Client plugin, collect Redirect/Callback URL and enter it into your Forgerock / OpenAM Application
- Copy your Client ID and Client Secret and save it on your miniOrange OAuth Client plugin Configuration.
- You have successfully completed your Forgerock / OpenAM App OAuth Server side configurations.
Forgerock/OpenAM Endpoints and Scope:
| Client ID : |
Click Here |
| Client Secret : |
Click Here |
| Scope: |
openid profile |
| Authorize Endpoint: |
https://<Your-Domain>/openam/oauth2/authorize |
| Access Token Endpoint: |
https://<Your-Domain>/openam/oauth2/access_token |
| Get User Info Endpoint: |
https://<Your-Domain>/openam/oauth2/userinfo |
You have successfully configured Forgerock / OpenAM as OAuth Provider for achieving Forgerock / OpenAM login into your WordPress Site.
Step 2: Setup WordPress as OAuth Client
- Go to the Configure OAuth tab in the Plugin and search for Custom OAuth in the applications list, and select Custom OAuth 2.0 App .
- Now, configure App Name, Client ID, Client Secret received from Forgerock / OpenAM and Click on Save Settings to save the configuration.
You have successfully configured WordPress as OAuth Client for achieving Forgerock / OpenAM login into your WordPress Site.
Step 3: User Attribute Mapping.
- User Attribute Mapping is mandatory for enabling users to successfully login into WordPress. We will be setting up user profile attributes for WordPress using below settings.
Finding user attributes
- Go to Configure OAuth tab. Scroll down and click on Test Configuration.
- You will see all the values returned by your OAuth Provider to WordPress in a table. If you don't see value for First Name, Last Name, Email or Username, make the required settings in your OAuth Provider to return this information.
- Once you see all the values in Test Configuration, go to Attribute / Role Mapping tab, you will get the list of attributes in a Username dropdown.
Step 4: Login Settings / Sign In Settings.
- The settings in SSO Settings tab define the user experience for Single Sign-On. To add a login widget on your WordPress page, you need to follow below steps.
Sign In Settings
- Go to WordPress Left Panel > Appearances > Widgets.
- Select miniOrange OAuth. Drag and drop to your favourite location and save.
- Open your WordPress page and you can see the login button there. You can test the SSO now.
In this Guide, you have successfully configured Forgerock / OpenAM Single Sign-On (SSO) by configuring Forgerock / OpenAM as OAuth Provider and WordPress as OAuth Client using our WP OAuth Single Sign-On ( OAuth & OpenID Connect Client ) plugin. This solution ensures that you are ready
to roll out secure access to your WordPress site using Forgerock / OpenAM login credentials within minutes.
Need Help?
Mail us on oauthsupport@xecurify.com for quick guidance(via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.
