PingFederate (PingFederate SSO) with Magento enables secure login access into Magento using PingFederate as OAuth and OpenID Connect provider. Magento OAuth/OpenID Connect Single Sign-On module gives the ability to enable OAuth/OpenID Single Sign-On for Magento. If you want users to log in to your Magento site using their PingFederate credentials, you can simply do it using our Magento OAuth/OpenID Connect Single Sign-On Plugin.
Once you configure the PingFederate with the Magento module, you can allow users to perform SSO to your Magento site using PingFederate . It has powerful Single Sign-On (SSO) features like user profile attribute mapping and role mapping, among others. We'll go over how to set up Single Sign-On (SSO) for user authentication between Magento and PingFederate in this guide. To know more about other features we provide in the Magento OAuth/OpenID Connect Single Sign-On module, you can click here.
Steps to configure PingFederate OAuth & OpenID Single Sign-On (SSO) Login into Magento
1. Setup PingFederate as OAuth Provider
Follow the steps below to configure PingFederate as OAuth Provider
Configure PingFederate as OAuth Provider
Login to your PingFederate User Admin dashboard.
Click on the OAuth Server from the left navigation menu.
Click on Create New Under Clients section.
Enter the Client ID, Name and Description.
Select Client Secret in Client Authentication and click on Generate Secret. Take a backup of your Client ID & Client Secret.
Copy the Redirect/Callback URL from the Magento extension and enter it in Redirect URIs field and click on Add. Select the Authorization Code grant type and click on Save.
You have successfully configured PingFederate OAuth Provider for achieving PingFederate SSO with Magento for user authentication.
2. Configuring Magento 2 as OAuth Client
After successfully configuring OAuth Provider, go to OAuth Provider tab and configure OAuth Provider Name, Client ID, Client Secret, Scope and provided endpoints.
Please refer below Endpoints to configure the OAuth client
Access Token Endpoint:
Get User Info Endpoint:
Click on the Save button to save the settings.
Click on the Test Configuration button.
You will see all the values returned by your OAuth Provider to Magento in a table. If you don't see value for First Name, Last Name, Email or Username, make the required settings in your OAuth Provider to return this information.
The miniOrange Premium Plugin also provides you the the feature to auto redirect your user to the IdP Login Page.
Go to the Sign In Settings tab and check options to enable SSO on your Magento site.
Go to customer login page and you will see the SSO button on your frontend. Click on the button and test the SSO.
You will be sucessfully logged in into Magento.
Visit your admin login page and you will see the SSO button on your admin page. Click on the button to initate SSO as an admin.
After sucessfully logged into magento as admin you will be redirect to magento backend dashboard.
4: Attribute / Custom Mapping (Optional). *This is Premium feature.
You can map attributes in the Attribute Mapping tab. Only username and email are allowed to be mapped in free version of the plugin. However, in the premium version of the plugin, you can map various attributes coming from your OAuth Provider to the attributes present in your Magento site.
5: Role Mapping (Optional). *This is Premium feature.
You can specify a default role in the free plugin that will be allocated to all non-admin users when they conduct SSO.
Go to Attribute/Role mapping tab and navigate to Role Mapping section.
Select the Default Role and click on the Save button.
By configuring PingFederate as an OAuth Provider and Magento as an OAuth Client using our Magento OAuth Client plugin, you have successfully installed Magento PingFederate Single Sign-On (SSO). Within minutes, you'll be able to provide safe access to your Magento site utilising PingFederate login credentials thanks to this solution.
If you dont hear from us within 24 hours, please feel free to send a follow up email to email@example.com
This privacy statement applies to miniorange websites describing how we handle the personal
When you visit any website, it may store or retrieve the information on your browser, mostly in the
form of the cookies. This information might be about you, your preferences or your device and is
mostly used to make the site work as you expect it to. The information does not directly identify
you, but it can give you a more personalized web experience.
Click on the category headings to check how we handle the cookies.
Strictly Necessary Cookies
Necessary cookies help make a website fully usable by enabling the basic functions like site
navigation, logging in, filling forms, etc. The cookies used for the functionality do not store any
personal identifiable information. However, some parts of the website will not work properly without
These cookies only collect aggregated information about the traffic of the website including -
visitors, sources, page clicks and views, etc. This allows us to know more about our most and least
popular pages along with users' interaction on the actionable elements and hence letting us improve
the performance of our website as well as our services.