DotNetNuke SAML SP Single Sign-On (SSO) module gives the ability to enable SAML Single Sign-On for your DotNetNuke applications. Using Single Sign-On you can use only one password to access your DotNetNuke application and services. Our module is compatible with all the SAML compliant Identity providers. Here we will go through a step-by-step guide to configure Single Sign-On (SSO) between DotNetNuke and PingFederate considering PingFederate as IdP.
Download and Install the module in DotNetNuke
- Download the package for DNN SAML Single Sign-On (SSO) module.
- Upload the installation package dnn-saml-single-sign-on_xxx_Install by going in Settings > Extension > Install Extension.
Step 1: Add module on DNN page
- Open any of the page on your DNN site (Edit mode) and Click on Add Module.
- Search for DNNSAMLSSO and click on the DNNSAMLSSO. Drag and drop the module on the page where you want.
- You have finished with the Installation of the module on your DNN site.
Step 2: Configure PingFederate as Identity Provider
Follow the steps below to configure PingFederate as IdP
Step 3: Configure DotNetNuke SAML Module as Service Provider
- After configuring your Identity Provider, it will provide you with IDP Entity ID, IDP Single Sign On URL and x.509 Certificate. Configure these values under IDP Entity ID, Single Sign-On Url and SAML X509 Certificate fields respectively. (Refer to the Metadata provided by Identity Provider)
- Click Update to Save your IDP details.
Step 4: Test Configuration
- Click on the Test Configuration button to test the configuration.
Step 5: Adding Login Widget on DNN Page
- For Adding Button on the DNN page on beside the module settings click on the Add Item (Pencil Icon).
- Add Button name and Description for item and click on Save.
- You can see login button on the page after saving item. (If you are already logged in your site, you will see a "Logout" link).
- Note: If you want to Enable this button on every page of the DNN site follow below steps:
- Go to the Settings >> Module Settings >> Advanced Settings and Enable option for Display Module On All Page.
- Warning: You will lose all your configuration for the module after enabling this option. You can re-configure the module or it is better to enable this option before configuring the module.
Step 6: Attribute Mapping
- Attributes are user details that are stored in your Identity Provider.
- Attribute Mapping helps you to get user attributes from your IdP and map them to DotNetNuke user attributes like firstname, lastname etc.
- While auto registering the users in your DotNetNuke site these attributes will automatically get mapped to your DotNetNuke user details.
- Go to DNNSAMLSSO Settings >> Advanced settings >> Attribute Mapping.
Step 7: Role mapping (It is Optional to fill this)
- DotNetNuke uses a concept of Roles, designed to give the site owner the ability to control what users can and cannot do within the site.
- DotNetNuke has five pre-defined roles: Administrators, Subscribers, Registered Users, Translator (en-US) and Unverified Users.
- Role mapping helps you to assign specific roles to users of a certain group in your IdP.
- While auto registering, the users are assigned roles based on the group they are mapped to.
You can configure the DotNetNuke SAML 2.0 Single Sign-On (SSO) module with any Identity Provider such as
ADFS, Azure AD, Bitium, Centrify, G Suite, JBoss Keycloak, Okta, OneLogin, Salesforce, AWS Cognito,
OpenAM, Oracle, PingFederate, PingOne, RSA SecureID, Shibboleth-2, Shibboleth-3, SimpleSAML, WSO2 or
even with your own custom identity provider.