NextCloud

Nextcloud is a suite of client-server software for creating and using file hosting services. Nextcloud application functionally is similar to Dropbox. Unlike Dropbox, Nextcloud does not offer off-premises file storage hosting. Nextcloud is free and open-source, which means that anyone is allowed to install and operate it on their own private server devices.

Login using WordPress Users (WP as SAML IDP) plugin gives you the ability to use your WordPress credentials to log into NextCloud. Here we will go through a step-by-step guide to configure SSO between, NextCloud as Service Provider and WordPress as an Identity Provider.

Note: Premium Version is required to set up SSO to NextCloud.

Follow the Step-by-Step Guide given below for NextCloud Single Sign On (SSO)

1. Download and Setup the plugin

• Login to WordPress using Administrator account.
• Download / Install this plugin - Login using WordPress Users (WP as SAML IDP) and activate it. You will see WordPress IDP in your WordPress menu bar in the dashboard.

To integrate the WordPress site as an Identity Provider, you will need to install the miniOrange Login using WordPress Users ( WP as SAML IDP ) plugin:

• Click on the WordPress IDP option in the menu bar, and select IDP Metadata tab.

2. Configure NextCloud as SP (Service Provider)

• Open a new browser tab or window, Log in to your NextCloud account as Account Admin.
• Click on the top right corner. Select Apps.

• Search for SSO & SAML Authentication. Click on Download and Enable.

• Click on the top right corner, and select Settings. Find SSO & SAML Authentication on the left side, and open it.

• Click on Use built-in SAML Authentication, click on Add Identity Provider.

Switch back to the tab / window with the IDP Metadata. Enter the information into the corresponding fields.


Attribute to map the UID to	EMail
Identifier of the IDP Entity	Copy and paste the IDP Entity ID.
URL Target of the IdP	Copy and paste the SAML Login URL.
Certificate	Download the Certificate. Open it in notepad. Copy and paste the content here.


• Once this is done, click on Download metadata XML to download the SP metadata XML file.

You have successfully configured NextCloud as Service Provider.

3. Configure WordPress as IdP (Identity Provider)

• Go to WordPress IDP Plugin on the Dashboard and select Service Providers tab.
• Enter the following information into the corresponding fields. Click Save.

Service Provider Name	NextCloud
SP Entity ID or Issuer	https://<your Nextcloud URL>/index.php/apps/user_saml/saml/metadata
ACS URL	https://<your Nextcloud URL>/index.php/apps/user_saml/saml/acs
NameID Format	urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress


• Click on the IDP Metadata tab.

4. Configure attributes in the plugin (This is a premium feature)

• Select Attribute/Role Mapping. In the User Attributes section, enter the following information. Click Save.
  
  

  Name	User Meta Data
  EMail	user_email

In this Guide, you have successfully integrated NextCloud - SAML Single Sign-On (SSO) with plugin- Login using WordPress Users (WP as SAML IDP). Configuring NextCloud as SP and WordPress as IDP. This solution ensures that you are ready to roll out secure Single Sign-On (SSO) access with SAML 2.0 Authentication into NextCloud using WordPress login credentials.

Additional Resources