Guide For WordPress Single Sign On (SSO) using ADFS as IdP

Adfs Single Sign On (SSO) For Wordpress miniOrange provides a ready to use solution for Wordpress. This solution ensures that you are ready to roll out secure access to your Wordpress site using ADFS within minutes.

Step 1: Configuring ADFS as IdP

  • In ADFS, click on Add Relying Party Trust. Then click on Start.
  • In Select Data Source: Select Import data about the Relying Party published online or on a local network and enter the metadata URL provided in the Configure IDP tab of the plugin. Click Next.
  • Unable to load Image
  • In Specify Display name: Enter Display name . Click Next.
  • In Configure Multi-factor Authentication Now, select I do not want to configure multi factor authentication settings for this relying party trust. Click Next.
  • In Choose Issuance Authorization Rules, select Permit all users to access this relying party. Click Next.
  • In Ready to Add Trusts, select click Next.
  • Check Open the Edit Claim Rules dialog and click close. Click Add rule and then select Send LDAP Attributes as Claims . Enter the following:
  • Claim rule name Attributes
    Attribute Store Active Directory
    Outgoing Claim Type Name ID
  • Click on Finish.
  • Unable to load Image

Step 2: Configuring Wordpress as SP

  • In miniOrange SAML plugin, go to Service Provider tab. There are three ways to configure the plugin:
  •   By Uploading ADFS Metadata :
    • Click on Upload IDP Metadata.
    • Enter Identity Provider Name.
    • Upload metadata file and click on Upload.
      By ADFS MEtadata URL :
    • Click on Upload IDP Metadata.
    • Enter Identity Provider Name.
    • Enter Metadata URL and click on fetch Metadata
      Mannual Configuration :
    • Provide requaired settoings(i.e. Identity Provider Name,IdP Entity ID or Issuer, SAML Login URL, X.509 Certificate) and save it.
    • Identity Provider Name For Example:Miniorange
      IdP Entity ID or Issuer
      SAML Login URL
      X.509 Certificate X.509 Certificate is enclosed in X509 Certificate tag in IdP Metadata XML file.(parent tag:KeyDescriptor use="singing")

Step 3: Attribute Mapping

  • Attributes are user details that are stored in your Identity Provider
  • Attribute Mapping helps you to get user attributes from your IdP and map them to WordPress user attributes like firstname, lastname etc.
  • While auto registering the users in your WordPress site these attributes will automatically get mapped to your WordPress user details.
  • In miniOrange SAML plugin, go to Attribute/RoleMapping tab and fill in all the fields.

    Username: Name of the username attribute from IdP (Keep NameID by default)
    Email: Name of the email attribute from IdP (Keep NameID by default)
    FirstName: Name of the firstname attribute from IdP
    LastName: Name of the lastname attribute from IdP
    Group/Role: Name of the Role attribute from IdP
    Unable to load Image
  • You can check the Test Configuration Results to get a better idea of which values to map here.

Step 4: Role mapping (It is Optional to fill this).

  • WordPress uses a concept of Roles, designed to give the site owner the ability to control what users can and cannot do within the site.
  • WordPress has six pre-defined roles: Super Admin, Administrator, Editor, Author, Contributor and Subscriber.
  • Role mapping helps you to assign specific roles to users of a certain group in your IdP.
  • While auto registering, the users are assigned roles based on the group they are mapped to.
  • Unable to load Image

Step 5: Sign In Setting

  • Go to Sign In Settings tab. Enable auto-redirect to IDP using Redirect to IdP if user not logged in option.
  • Unable to upload image

Business Trial For Free

If you don't find what you are looking for, please contact us at or call us at +1 978 658 9387.