Keycloak Single Sign-On (SSO) login for WordPress can be achieved by using our WordPress SAML Single Sign-On (SSO) plugin. Our plugin is compatible with all the SAML compliant Identity Providers and enables secure Login into WordPress sites. Here we will go through a step-by-step guide to configure Keycloak WordPress SSO / Login for WordPress site by considering Keycloak as IdP (Identity Provider) and WordPress as SP (Service Provider). To know more about other features we provide in WordPress SAML Single Sign-On (SSO) plugin, you can click here.
Pre-requisites : Download And Installation
To configure Single Sign-On (SSO) / Login with Keycloak into Wordpress, you will need to install the miniOrange WordPress (WP) SAML SP SSO plugin:
Step-by-step Video to Setup WordPress Keycloak SSO / Login with Keycloak into WordPress (WP)
Steps to configure Keycloak Single Sign-On (SSO) Login into WordPress(WP):
Start Server: Start the keycloak server by running the _standalone.sh_ file
Root Directory of keycloak bin standalone.sh
Step 1: Configure Keycloak as IDP
Follow the steps below to configure Keyclock as an Identity Provider
Setup Keycloak IDP
In the miniOrange WordPress SAML SP SSO plugin, navigate to SP (Service Provider) Metadata tab. Here, you can find the SP metadata such as SP Entity ID and ACS (AssertionConsumerService) URL which are required to configure the keycloak as IdP (Identity Provider).
In your Keycloak Admin console, select the realm that you want to use.
Click on Clients from the left menu and then click on Create button to create a new client/application.
Enter SP-EntityID / Issuer as the Client ID from the "Service Provider Metadata" Tab and select SAML as the Client Protocol.
Now click on Save.
Configure Keycloak by providing the required details:
Under Fine Grain SAML Endpoint Configuration, Enter the following details:
Assertion Consumer Service POST Binding URL
The ACS (Assertion Consumer Service) URL from the plugin's Service Provider Metadata tab
Logout Service Redirect Binding URL (Optional)
The Single Logout URL from the plugin's Service Provider Metadata tab
Click on Save.
Navigate to Mappers tab and click on Add Builtin button.
Select the checkboxes of X500 givenName, X500 surname and X500 email attributes.
Click on Add Selected button. You will see the mappings that are added below.
Download setup file
Navigate to Realm Settings, click on SAML 2.0 Identity Provider Metadata mentioned as Endpoints in the General Tab.
Note the URL and keep it handy. That will provide you with the Endpoints required to configure the plugin.
You have successfully configured Keycloak as SAML IdP ( Identity Provider) for achieving Keycloak login / Keycloak Single Sign-On (SSO), ensuring secure Login into WordPress (WP) Site.
Need Help? We are right here!
Contact miniOrange Support
Thanks for your inquiry.
If you dont hear from us within 24 hours, please feel free to send a follow up email to email@example.com
This privacy statement applies to miniorange websites describing how we handle the personal
When you visit any website, it may store or retrieve the information on your browser, mostly in the
form of the cookies. This information might be about you, your preferences or your device and is
mostly used to make the site work as you expect it to. The information does not directly identify
you, but it can give you a more personalized web experience.
Click on the category headings to check how we handle the cookies.
Strictly Necessary Cookies
Necessary cookies help make a website fully usable by enabling the basic functions like site
navigation, logging in, filling forms, etc. The cookies used for the functionality do not store any
personal identifiable information. However, some parts of the website will not work properly without
These cookies only collect aggregated information about the traffic of the website including -
visitors, sources, page clicks and views, etc. This allows us to know more about our most and least
popular pages along with users' interaction on the actionable elements and hence letting us improve
the performance of our website as well as our services.