SingPass Single Sign-On (SSO) Integration with WordPress OAuth
In today's digital world, it can be really difficult to deal with a lot of usernames and passwords. That's where a powerful solution comes in – Single Sign-On (SSO). Our innovative solution seamlessly integrates with the WordPress OAuth plugin and SingPass. It not only streamlines the complex task of verifying identities online but but also offers several advantages that improve both user experience and administrative efficiency.
Introduction:
To implement this solution we will use SingPass as an identity provider (IDP) for Single Sign-On (SSO) with WordPress sites. We will explore the benefits of using SingPass as your IDP for SSO and how our solution can help you achieve Single Sign On (SSO) with WordPress OAuth plugin. By the end of this document, you will have a better understanding of how our SingPass SSO login solution can simplify user management and improve the user experience for your WordPress site.
Pre-requisites : Download And Installation
Get the plugin.
To get the miniOrange SingPass Single Sign-On (SSO) Plugin, please click here
What is SingPass?
SingPass stands for Singapore Personal Access. It is a digital identity for all Singapore citizens and residents that allows them to access over 800 government agencies and businesses with 1,700+ digital services, online and in person. It’s a convenient and secure way to make any transaction involving sensitive data with different government agencies.
What is Single Sign-On?
Single Sign-On (SSO) is a mechanism that allows users to access multiple applications or sites using a single set of login credentials. With SSO, users can authenticate themselves once and then access multiple applications or sites without having to log in again. SSO can be implemented using various protocols such as OAuth, SAML, OpenID Connect, or custom APIs.
In this particular use case of SSO using SingPass, we will be reducing login friction and simplifying user management for organizations. It also enhances user experience by providing a seamless and consistent user journey across multiple applications or sites.
How to achieve SSO using a SingPass credentials?
4.1 Setup SingPass as OAuth Provider
- Go to the developer account of SingPass and signup/login.
- Create a developer application of SingPass. Add the Redirect / Callback Url which you will get from OAuth Single Sign-On plugin. Send it to the approval by clicking on Submit button.
- Once approved by the Singapore government you will get the Client Credentials like client ID & client secret. Copy the Client ID and Client Secret and save it under the Client ID and Client Secret in your WordPress OAuth Single Sign-On (SSO) Plugin Configuration
You have successfully configured SingPass as OAuth Provider for achieving user authentication with SingPass Single Sign-On (SSO) login into your WordPress Site.
4.2 Setup WordPress as OAuth Client
- Go to Configure OAuth tab and click Add New Application to add a new client application into your website.
- Choose your Application from the list of OAuth / OpenID Connect Providers, Here Custom OpenID Connect App.
- After selecting the provider copy the Callback URL which needs to be configured in OAuth Provider's SSO application (developer application of SingPass) Configuration.
- After your developer application is approved by SingPass, you will receive a client ID and client secret. Please enter these credentials in the plugin's corresponding fields.
- Please refer the below table for configuring the Scope & Endpoints for SingPass in the plugin
- Click on Next.
- After verifying all the details on the summary page, click on Finish to save the configuration as well as test the SSO connection.
| Scopes | openid |
| Authorize Endpoint: | https://login.singpass.gov.sg/oauth/authorize |
| Access Token Endpoint: | https://login.singpass.gov.sg/oauth/token |
4.3 User Attribute Mapping
- User Attribute Mapping is mandatory for enabling users to successfully login into WordPress. We will be setting up user profile attributes for WordPress using below settings.
- Go to Configure OAuth tab. Scroll down and click on Test Configuration.
- You will see all the values returned by your SingPass application to WordPress in a table. If you don't see value for First Name, Last Name, Email or Username, make the required settings in your SingPass developer application to return this information.
- Once you see all the values in Test Configuration, go to Attribute / Role Mapping tab, you will get the list of attributes in a Username dropdown.
Finding user attributes
The following is a sample image for your reference. The attribute names can vary depending on your OAuth provider's configuration.
You have successfully configured WordPress as OAuth Client for achieving user authentication with SingPass Single Sign-On (SSO) login into your WordPress Site.
Additional Resources
- OAuth 2.0 authorization code flow in SingPass
- WordPress Single Sign-On (SSO) OAuth / OpenID Connect / JWT
- What is OAuth 2.0 and how does it work?
- Frequently Asked Questions (FAQs)
Need Help?
Mail us on oauthsupport@xecurify.com for quick guidance(via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.
Need Help? We are right here!
