Keycloak as IDP for WordPress SSO
Keycloak Single Sign-On (SSO) login for WordPress can be achieved by using our WordPress SAML Single Sign-On (SSO) plugin. Our plugin is compatible with all the SAML compliant Identity Providers and enables secure Login into WordPress sites. Here we will go through a step-by-step guide to configure Keycloak WordPress SSO / Login for WordPress site by considering Keycloak as IdP (Identity Provider) and WordPress as SP (Service Provider). To know more about other features we provide in WordPress SAML Single Sign-On (SSO) plugin, you can click here.
Pre-requisites : Download And Installation
To configure Single Sign-On (SSO) / Login with Keycloak into Wordpress, you will need to install the miniOrange WordPress (WP) SAML SP SSO plugin:
Step-by-step Video to Setup WordPress Keycloak SSO / Login with Keycloak into WordPress (WP)
Steps to configure Keycloak Single Sign-On (SSO) Login into WordPress(WP):
First of all, Download Keycloak and install it.
Start Server: Start the keycloak server by running the _standalone.sh_ file
- In the miniOrange WordPress SAML SP SSO plugin, navigate to SP (Service Provider) Metadata tab. Here, you can find the SP metadata such as SP Entity ID and ACS (AssertionConsumerService) URL which are required to configure the keycloak as IdP (Identity Provider).
- In your Keycloak Admin console, select the realm that you want to use.
- Click on Clients from the left menu and then click on Create button to create a new client/application.
- Enter SP-EntityID / Issuer as the Client ID from the "Service Provider Metadata" Tab and select SAML as the Client Protocol.
- Now click on Save.
- Configure Keycloak by providing the required details:
- Under Fine Grain SAML Endpoint Configuration, Enter the following details:
- Click on Save.
- Navigate to Mappers tab and click on Add Builtin button.
- Select the checkboxes of X500 givenName, X500 surname and X500 email attributes.
- Click on Add Selected button. You will see the mappings that are added below.
- Navigate to Realm Settings, click on SAML 2.0 Identity Provider Metadata mentioned as Endpoints in the General Tab.
- Note the URL and keep it handy. That will provide you with the Endpoints required to configure the plugin.
Root Directory of keycloak bin standalone.sh
Step 1: Configure Keycloak as IDP
Follow the steps below to configure Keyclock as an Identity Provider
Setup Keycloak IDP
| Client ID | The SP-EntityID / Issuer from the plugin's Service Provider Metadata tab |
| Name | Provide a name for this client |
| Description | Provide a description |
| Name ID Format | |
| Root URL | Leave empty or Provide Base URL from Service Provider Metadata tab |
| Valid Redirect URIs | The ACS (Assertion Consumer Service) URL from the plugin's Service Provider Metadata tab |
| Assertion Consumer Service POST Binding URL | The ACS (Assertion Consumer Service) URL from the plugin's Service Provider Metadata tab |
| Logout Service Redirect Binding URL (Optional) | The Single Logout URL from the plugin's Service Provider Metadata tab |
Add Mappers
Download setup file
You have successfully configured Keycloak as SAML IdP ( Identity Provider) for achieving
Keycloak login / Keycloak Single Sign-On (SSO), ensuring secure Login into WordPress (WP) Site.
×
![]()
Trending searches:
Hello there!
Need Help? We are right here!
