SAML Single Sign-On (SSO) between two WordPress sites

Single Sign-On (SSO) between two WordPress (WP) sites with the help of our WordPress SAML SP Single Sign-On (SSO) and Login Using WordPress users (WP as SAML IdP) plugin. Our WordPress SAML SP Single Sign-On (SSO) plugin gives you the ability to use your WordPress (WP) site as SAML SP (Service Provider) and you can configure other WordPress (WP) site as an SAML IdP (Identity Provider) with Login Using WordPress users (WP as SAML IdP) plugin. Enabling SAML SSO for Multiple WordPress (WP) sites.

miniorange img Pre-requisites: Download And Installation

  • To setup SSO between 2 WordPress sites, you will need to install two plugins.
  • To convert your WordPress site into an Identity Provider, install the miniOrange WP SAMLas IDP Plugin on the WordPress site where your users are stored.

  • To convert your WordPress site into a Service Provider, install the miniOrange SAML SSO Login Plugin on the WordPress site application where you want users to log into.
  • Follow the steps below to configure the Single Sign-On (SSO) between two WordPress (WP) sites.


Step-by-step Video to Setup Single Sign-on between 2 WordPress sites


Steps to configure SSO between two WordPress (WP) sites:


Step 1: Configure 1st Wordpress Site as the IdP (Identity Provider)

  • Navigate to the 2nd WordPress site.
  • Install and activate the SAML SP Single Sign-On (SSO) login plugin on your WordPress site which is
    acting as Service Provider.
  • Go to the SAML SP Single Sign-On plugin, navigate to the Service Provider Metadata tab. Here, you
    can find the Service Provider metadata such as SP Entity ID and ACS (Assertion Consumer Service)
    URL
    which is required to configure the Identity Provider.
  • SSO between two WordPress (WP) sites - saml upload metadata
  • Navigate to the WordPress site.
  • Install and activate the SAML & WSFED IDP ( SSO using WordPress Users ) plugin on your WordPress site which is acting as Identity Provider.
  • Go to the WordPress IDP plugin, navigate to the Service Provider tab.
  • Enter the values corresponding to the information from the Service Provider. Refer to the table below.

    Service Provider Name
    Name of your Service Provider.
    SP Entity ID or Issuer Copy and paste the SP-EntityID from the Service Provider
    ACS URL Copy and paste the ACS URL from the Service Provider.
    NameID Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
    Assertion Signed Checked
  • SSO between two WordPress (WP) sites - Configure setting
  • Click on the Save button to save your configurations.
  • Go to the IDP Metadata tab. Here you can find information for configuring the Service Provider.
  • You can also download the metadata XML file, by clicking on the download link.
  • SSO between two WordPress (WP) sites - download metadata
  • Navigate to the WordPress site.
  • Install and activate the SAML & WSFED IDP ( SSO using WordPress Users ) plugin on your WordPress site which is acting as Identity Provider.
  • Go to the WordPress IDP plugin navigate to the Service Provider tab.
  • Enter the values corresponding to the information from the Service Provider. Refer to the table below.
    Service Provider Name
    Name of your Service Provider.
    SP Entity ID or Issuer Copy and paste the SP-EntityID from the Service Provider.
    ACS URL Copy and paste the ACS URL from the Service Provider.
    Select Binding type(optional) Select Use HTTP-Redirect Binding for SLO
    Single Logout URL(optional) Enter Single Logout URL given in Service Provider.
    X.509 Certificate(optional) Enter X.509 Certificate.
    NameID Format\ urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
    Response Signed Checked if you want to sign the SAML Response
    Assertion Signed Checked if you want to sign the SAML Response
    Encrypted Assertion Checked if you want to encrypt the SAML Assertion\
    SSO between two WordPress (WP) sites - Configure setting
  • Click on the Save button to save your configurations.

Attribute Mapping (optional) :

  • Go to the Attribute/Role mapping tab and navigate to the Attribute mapping section.
  • When the user performs SSO, the NameID value is sent to the Service Provider. This value is
    unique for every user.
  • SSO between two WordPress (WP) sites - attribute mapping
  • Click on the Save button to save your configuration.

User Attributes (optional) :

  • Go to the Attribute/Role mapping tab and navigate to User Attributes.
  • These are user attributes that can be sent to Service Provider
    (such as first_name and last_name).
  • You can add multiple attributes by click on "+" button.
  • SSO between two WordPress (WP) sites - user attribute
  • Click on the Save button to save your configurations.

Custom Attributes (optional) :

  • Go to the Attribute/Role mapping tab and navigate to Custom Attributes.
  • These are extra static attributes that can be sent to Service Provider.
  • You can add multiple attributes by click on "+" button.
  • SSO between two WordPress (WP) sites - custom attribute
  • Click on the Save button to save your configurations.

Role Mapping (optional) :

  • Go to the Attribute/Role mapping tab and navigate to Role Mapping section.
  • User groups are the collection of users having similar access roles and capabilities.
  • To map the Roles in WordPress as user group, please enable this option.
  • You can specify the attribute under which the groups will be passed to the Service Provider.

  • SSO between two WordPress (WP) sites - role mapping
  • Click on the Save button to save your configurations.
  • Go to the IDP Metadata tab. Here you can find information for configuring the Service Provider.
  • You can also download the metadata XML file, by clicking on the download link.
  • SSO between two WordPress (WP) sites - download metadata
Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com