WordPress SAML SP Single Sign-On (SSO) plugin gives you the ability to use your WordPress (WP) site as Service Provider. Whereas SAML & WSFED IDP plugin gives you the ability to use your WordPress (WP) site as an Identity Provider (IdP). Here we will go through a step-by-step guide to configure Single Sign-On (SSO) between two WordPress (WP) sites, one as Service Provider (SP) and the other as Identity Provider (IdP).
Pre-requisites: Download And Installation
Follow the steps below to configure the Single Sign-On (SSO) between two WordPress (WP) sites.
Instructions:
Service Provider Name
|
Name of your Service Provider. |
SP Entity ID or Issuer | Copy and paste the SP-EntityID from the Service Provider |
ACS URL | Copy and paste the ACS URL from the Service Provider. |
NameID Format | urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress |
Assertion Signed | Checked |
Service Provider Name
|
Name of your Service Provider. |
SP Entity ID or Issuer | Copy and paste the SP-EntityID from the Service Provider. |
ACS URL | Copy and paste the ACS URL from the Service Provider. |
Select Binding type(optional) | Select Use HTTP-Redirect Binding for SLO |
Single Logout URL(optional) | Enter Single Logout URL given in Service Provider. |
X.509 Certificate(optional) | Enter X.509 Certificate. |
NameID Format\ | urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress |
Response Signed | Checked if you want to sign the SAML Response |
Assertion Signed | Checked if you want to sign the SAML Response |
Encrypted Assertion | Checked if you want to encrypt the SAML Assertion\ |
We will go through the steps to setup WordPress as a Service Provider. Here, we will be adding the IdP metadata to configure the plugin.
NOTE: If you click on Test Configuration button in Service Provider Setup tab and authenticate with your IDP, you can see a list of attributes sent by the IDP in the Attribute/Role mapping tab. This information can be used to provide the above mapping.
In the standard plugin, you can choose a default role which will be assigned to all the non-admin users when they perform SSO.
In the Standard plugin you can enable SP-initiated SSO using the following options.
NOTE: Please enable the Backdoor login and note down the backdoor URL. This will allow you to access the WordPress login page in case you get locked out of the IDP.
SCIM User Provisioning allows you to sync user's creation, updation and deletion from your IDP to WordPress site
Know morePage and Post Restriction plugin restricts WordPress pages and posts based on User Roles and User's Login Status
Know moreAllows to integrate user attribute information received from SAML Identity Provider with the user's BuddyPress profile
Know moreLearnDash Integration will map the SSO users to LearnDash groups as per the user group attributes sent by your Identity Provider
Know moreAttribute Based Redirection plugin can be used to restrict and redirect users to different URL's based on SAML attributes
Know moreFederation SSO allows configuring Single Sign-On (SSO) support for multiple IDPs and authenticating with different IDPs using SAML protocol
Know moreSSO Login Audit captures and tracks all the SSO users and generates reports
Know moreIf you are looking for anything which you cannot find, please drop us an email on samlsupport@xecurify.com
miniOrange provides 24/7 support for all the Secure Identity Solutions. We ensure high quality support to meet your satisfaction.
Sign UpEasy and precise step-by-step instructions and videos to help you configure within minutes.
Watch DemoWe offer Secure Identity Solutions for Single Sign-On, Two Factor Authentication, Adaptive MFA, Provisioning, and much more. Please contact us at -
 +1 978 658 9387 (US) | +91 77966 99612 (India) samlsupport@xecurify.com