Keycloak as IDP for WordPress SSO

Keycloak Single Sign-On (SSO) login for WordPress can be achieved by using our WordPress SAML Single Sign-On (SSO) plugin. The plugin is compatible with all SAML-compliant Identity Providers and enables secure login into WordPress sites. This step-by-step guide configures Keycloak SSO login for a WordPress site, with Keycloak as the IdP (Identity Provider) and WordPress as the SP (Service Provider).

Pre-requisites: Download and Installation

To configure Single Sign-On (SSO) / login with Keycloak into WordPress, you will need to install the miniOrange WordPress (WP) SAML SP SSO plugin.




Steps to configure Keycloak Single Sign-On (SSO) Login into WordPress (WP):


  • First, download Keycloak and install it.

  • Start Server: Start the Keycloak server by running the standalone.sh file.

  • Path: Root Directory of Keycloak > bin > standalone.sh

    Step 1: Configure Keycloak as IDP

    Follow the steps below to configure Keycloak as an Identity Provider.

    Setup Keycloak IDP

    • In the miniOrange WordPress SAML SP SSO plugin, navigate to the SP (Service Provider) Metadata tab. Here you can find the SP metadata, such as the SP Entity ID and the ACS (AssertionConsumerService) URL, which are required to configure Keycloak as the IdP (Identity Provider).
    • In your Keycloak Admin console, select the realm that you want to use.
    • Click on Clients in the left menu and then click on the Create button to create a new client/application.
    • Enter the SP-EntityID / Issuer from the "Service Provider Metadata" tab as the Client ID and select SAML as the Client Protocol.
    • Now click on Save.
    • Configure Keycloak by providing the required details:
        Client ID: The SP-EntityID / Issuer from the plugin's Service Provider Metadata tab
        Name: Provide a name for this client
        Description: Provide a description
        Name ID Format: Email
        Root URL: Leave empty or provide the Base URL from the Service Provider Metadata tab
        Valid Redirect URIs: The ACS (Assertion Consumer Service) URL from the plugin's Service Provider Metadata tab
    • Under Fine Grain SAML Endpoint Configuration, enter the following details:
        Assertion Consumer Service POST Binding URL: The ACS (Assertion Consumer Service) URL from the plugin's Service Provider Metadata tab
        Logout Service Redirect Binding URL (Optional): The Single Logout URL from the plugin's Service Provider Metadata tab
    • Click on Save.
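
The client fields above are all copied from the plugin's Service Provider Metadata tab. As an added example (not part of the original guide or the plugin's code), the Python below reads SP metadata in standard SAML 2.0 XML form, returns the value for each Keycloak field named in these steps, and flags ACS or logout URLs that are not HTTPS or that contain a wildcard. The sample metadata, the host wp.example.com and the function names are assumptions.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata"}
B = "urn:oasis:names:tc:SAML:2.0:bindings:"

# Constructed sample SP metadata; wp.example.com and its paths are placeholders.
SAMPLE_SP_METADATA = f"""<md:EntityDescriptor xmlns:md="{NS['md']}"
    entityID="https://wp.example.com/sp">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleLogoutService Binding="{B}HTTP-Redirect" Location="https://wp.example.com/?slo"/>
    <md:AssertionConsumerService Binding="{B}HTTP-POST" Location="https://wp.example.com/" index="0"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def endpoint(sp, tag, binding):
    """Location of the first <md:tag> endpoint that uses the given binding, or None."""
    for el in sp.findall(f"md:{tag}", NS):
        if el.get("Binding") == B + binding:
            return el.get("Location")
    return None

def keycloak_client_fields(metadata_xml):
    """Map SP metadata onto the Keycloak client fields listed in the steps above."""
    if "<!DOCTYPE" in metadata_xml.upper():  # metadata needs no DTD; refuse entity tricks
        raise ValueError("DOCTYPE is not allowed in SAML metadata")
    root = ET.fromstring(metadata_xml)
    sp = root.find("md:SPSSODescriptor", NS)
    if sp is None or not root.get("entityID"):
        raise ValueError("not an SP EntityDescriptor")
    acs = endpoint(sp, "AssertionConsumerService", "HTTP-POST")
    slo = endpoint(sp, "SingleLogoutService", "HTTP-Redirect")  # optional in the guide
    fields = {
        "Client ID": root.get("entityID"),
        "Valid Redirect URIs": acs,
        "Assertion Consumer Service POST Binding URL": acs,
        "Logout Service Redirect Binding URL": slo,
    }
    warnings = [] if acs else ["no HTTP-POST AssertionConsumerService in metadata"]
    for label, url in (("ACS", acs), ("SLO", slo)):
        if url and urlsplit(url).scheme != "https":
            warnings.append(f"{label} URL is not https: {url}")
        if url and "*" in url:
            warnings.append(f"{label} URL contains a wildcard: {url}")
    return fields, warnings

if __name__ == "__main__":
    fields, warnings = keycloak_client_fields(SAMPLE_SP_METADATA)
    print(fields, warnings or "no warnings")
```

An empty warnings list means the ACS and logout URLs can be pasted into the client as exact HTTPS values.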

    Add Mappers

    • Navigate to the Mappers tab and click on the Add Builtin button.
    • Select the checkboxes of the X500 givenName, X500 surname and X500 email attributes.
    • Click on the Add Selected button. You will see the mappings that are added below.

    Download setup file

    • Navigate to Realm Settings and, in the General tab, click on SAML 2.0 Identity Provider Metadata, listed under Endpoints.
    • Note the URL and keep it handy. It provides the endpoints required to configure the plugin.
    • You have successfully configured Keycloak as the SAML IdP (Identity Provider) for Keycloak login / Keycloak Single Sign-On (SSO), ensuring secure login into the WordPress (WP) site.
