WordPress SAML SP Single Sign-On plugin gives the ability to enable SAML Single Sign-On for your Wordpress sites. Our plugin is compatible with all the SAML compliant Identity providers. Here we will go through a step-by-step guide to configure SSO between WordPress site and CA Identity Manager by considering CA Identity Manager as IdP.
Pre-requisites : Download And Installation
To configure CA Identity Manager as SAML IdP with WordPress, you will need to install the miniOrange WP SAML SP SSO plugin:
Follow the steps below to configure CA Identity Manager as IdP
Configure CA Identity Manager as IdP
Note: For Single Sign On, make sure to install and setup CA SSO (formerly known as SiteMinder) with CA Identity Manager.
Create a Local Identity Provider
|Entity Type||SAML2 IDP|
|Entity ID||Enter an ID for your local identity provider for identification.|
|Entity Name||Create a name for your local identity provider.|
|Base URL||Enter the fully-qualified domain name for the host service CA SSO Federation Web Services.|
|Signed Authentication Requests Required||No|
|Supported NameID format||urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
Create a Remote Service Provider
Create a Partnership between SP and IDP
|Add Partnership Name||Enter a name for your partnership.|
|(Optional) Description||Enter a relevant description for your partnership.|
|Local IDP ID||Enter the Local Identity Provider ID created while adding a Local Entity.|
|Remote SP ID||Enter the Remote Service Provider ID created while adding a Remote Entity.|
|Base URL||This field will be pre-populated.|
|Skew Time||Enter any skew time required by your environment.|
|User Directories and Search Order||Select the required directories in the required search order.|
We will go through the steps to setup WordPress as a Service Provider. Here, we will be adding the IdP metadata to configure the plugin.
NOTE: If you click on Test Configuration button in Service Provider Setup tab and authenticate with your IDP, you can see a list of attributes sent by the IDP in the Attribute/Role mapping tab. This information can be used to provide the above mapping.
In the standard plugin, you can choose a default role which will be assigned to all the non-admin users when they perform SSO.
In the Standard plugin you can enable SP-initiated SSO using the following options.
NOTE: Please enable the Backdoor login and note down the backdoor URL. This will allow you to access the WordPress login page in case you get locked out of the IDP.
SCIM User Provisioning allows you to sync user's creation, updation and deletion from your IDP to WordPress siteKnow more
Page and Post Restriction plugin restricts WordPress pages and posts based on User Roles and User's Login StatusKnow more
LearnDash Integration will map the SSO users to LearnDash groups as per the user group attributes sent by your Identity ProviderKnow more
Attribute Based Redirection plugin can be used to restrict and redirect users to different URL's based on SAML attributesKnow more
If you are looking for anything which you cannot find, please drop us an email on firstname.lastname@example.org
miniOrange provides 24/7 support for all the Secure Identity Solutions. We ensure high quality support to meet your satisfaction.Sign Up
See for yourself what our customers say about us.Reviews
Easy and precise step-by-step instructions and videos to help you configure within minutes.Watch Demo
We offer Secure Identity Solutions for Single Sign-On, Two Factor Authentication, Adaptive MFA, Provisioning, and much more. Please contact us at -
+1 978 658 9387 (US) | +91 77966 99612 (India) email@example.com