Forgerock / OpenAM single sign-on for WordPress using OAuth

Need help with the setup? Contact us at info@xecurify.com and we'll help you get things in place in no time.

Step by step guide to configure SSO

Step 1: Download and install miniOrange OAuth Client

From your WordPress dashboard

  • Click on PluginsAdd New tab.
  • Search for OAuth Login (OAuth Client) plugin. Install the plugin.

    Unable to load image
  • Activate OAuth Client by miniOrange from your Plugins page.

Step 2: Configure OAuth client

  • After activating OAuth Single Sign On – SSO (OAuth client) plugin go to miniOrange OAuth.
  • Click on Select Application to search your OAuth Provider application or click on your OAuth Provider application from the given applications.
  • If your Application/ Server Name is not there in default list. You can click on Custom OAuth 2.0 App or Custom OpenID Connect App to add custom OAuth/OpenID Connect Server.
  • Configure OAuth application in Forgerock / Open AM using the Callback/Redirect Url (refer screenshot below).

  • Fill in the configuration details below from received configuration details from Forgerock / Open AM

    Client ID : Received from app configured in Forgerock / Open AM
    Client Secret : Received from app configured in Forgerock / Open AM
    Scope:  Based on data you want to get access to e.g. email or profile
    Authorize Endpoint:Authorization endpoint of Forgerock / Open AM
    Access Token Endpoint: Token endpoint of Forgerock / Open AM
    Get User Info Endpoint: Resource or userinfo endpoint of Forgerock / Open AM
  • Click on Save Settings button once you have entered all mandatory information.
  • Click on Test Configuration button to verify if you have configured correctly.
  • On successful configuration, you will get Attributes Name and Attribute Values on Test Configuration window. Map Attribute Names provided by your OAuth Server with OAuth Client Attributes given under Attribute Mapping Section and click on Save Settings.
  • Go to WordPress Menu -> Appearance -> Widget.
  • Drag and drop miniOrange OAuth widget wherever you want on your website as shown in screenshot given below.
  • Copy paste your site-URL on private window and you will be able to see Login button with display name you have given.
  • Once logged in, you will be able to access your WordPress profile.

Key Features

Auto Create Users

Auto-create User in WordPress after doing SSO with the user credentials if the user is not already present in WordPress User list.

Login using widget / link / shortcode

Use OAuth login widget /link/shortcode anywhere on your website with option to customize Login Button custom CSS.

Custom Redirect URL after login and logout

Configure the URL wherever you want to redirect users after login or after logout.

Force authentication

Restrict site to logged in user. Here, enabling restrict site to logged in user will auto redirect the user to oauth provider's login page if user is not already logged in.

Domain specific registration

Restrict the user login based on configured domains. You can allow/deny the user login based on email domain.

Multi-site Support

Access the plugin over your multiple subsites.

Account Linking

Account Linking allows to sync user accounts in WordPress database. If user already have account in WordPress, then based on common attribute plugin updates User's WordPress profile.

BuddyPress Attribute Mapping

Role mapping with BuddyPress attributes so that Buddypress roles are assigned based on OAuth groups/roles.

Dynamic Callback URL

This feature allow you to add the dynamic callback/redirect URL.

Page Restriction

Page based restrictions over users based on their roles and whether they are logged in or not.

Attribute Mapping

User can map Username, FirstName, LastName, Email, Group Name and also map custom attribute as per requirement.

Role Mapping

User to set WordPress roles based on groups/roles received in OAuth Provider response with configured mapping.

Other Grant Types We Support

Authorization code grant

Implicit Grant

Refresh Token Grant

Resource owner credentials grant (Password grant)

Client Credentials Grant

WHAT OUR CUSTOMERS SAY

Excellent support
Image is not available

The plugin works as described and the support team has been a terrific help in getting setup. Thank you!

READ MORE
Outstanding Support
Image is not available

Plugin does exactly what we need it to, and is solid right up to the latest stable release of WordPress.

READ MORE
Great support
Image is not available

There team was super responsive and helpful on getting the plugin working with our site.

READ MORE
Easy to Use
Image is not available

Plugin is well constructed and works perfectly. Support team is incredibly responsive and friendly.

READ MORE
Great software
Image is not available

I needed to secure my WordPress login. This plugin was straight forward. Thanks to miniOrange.

READ MORE
Great Technical Support
Image is not available

I a little trouble setting up for Eve Online but received great support from the development team.

READ MORE
Nice plugin
Image is not available

This plugin saved my day. I was able to easy add oauth login to my application. Thanks for the great work.

READ MORE
Sign in with Slack possible
Image is not available

Finding the plugin which would allow my users to login to my WordPress instance with the Slack account. Simple to configure.

READ MORE
Great support team
Image is not available

This robust plugin does exactly what we need, is easily customized & integrates well with our other plugins and SSO server.

READ MORE
previous arrowprevious arrow
next arrownext arrow
Slider