Follow the steps below to configure Jboss Keyclock as an Identity Provider
|Client ID||The SP-EntityID / Issuer from the step 1 of the plugin under Configure IDP tab.|
|Name||Provide a name for this client|
|Description||Provide a description|
|Optimize Redirect signing key lookup||OFF|
|Client Signature Required||OFF|
|Force Name ID Format||ON|
|Name ID Format|
|Root URL||Leave empty or Base URL of Service Provider|
|Valid Redirect URIs||The ACS (Assertion Consumer Service) URL from the step 1 of the plugin under configure IDP tab.|
|Assertion Consumer Service POST Binding URL||The ACS (Assertion Consumer Service) URL from the step 1 of the plugin under Configure IDP tab.|
|Logout Service Redirect Binding URL||The Single Logout URL from the step 1 of the plugin under Configure IDP tab.|
Download setup file
NOTE: If you click on Test Configuration button in Service Provider Setup tab and authenticate with your IDP, you can see a list of attributes sent by the IDP in the Attribute/Role mapping tab. This information can be used to provide the above mapping.
In the standard plugin, you can choose a default role which will be assigned to all the non-admin users when they perform SSO.
In the Standard plugin you can enable SP-initiated SSO using the following options.
NOTE: Please enable the Backdoor login and note down the backdoor URL. This will allow you to access the WordPress login page in case you get locked out of the IDP.
If you are looking for anything which you cannot find, please drop us an email on firstname.lastname@example.org