NextCloud

NextCloud is a suite of client-server software for creating and using file hosting services. NextCloud’s application functionally is similar to Dropbox. Unlike Dropbox, Nextcloud does not offer off-premises file storage hosting. Nextcloud is free and open-source, which means that anyone is allowed to install and operate it on their own private server devices. Login using WordPress Users (WP as SAML IDP) Plugin enables Single Sign-On (SSO) login into NextCloud using WordPress Login credentials, i.e. authentication via WordPress. In this guide we will set up NextCloud SSO login for WordPress (WP) users by configuring NextCloud as Service Provider (SP) and WordPress as the Identity Provider (IDP).

Pre-requisites: Download And Installation

To integrate the WordPress site as an Identity Provider, you will need to install the miniOrange Login using WordPress Users ( WP as SAML IDP ) plugin:

Login using WordPress Users ( WP as SAML IDP )

By miniOrange

(35)

Single Sign-On (SSO) login with WordPress Users into any Service Provider like Tableau, Zoho, Zoom, Moodle, Canvas LMS, Absorb LMS, TalentLMS, etc.

 Tested with 6.0.0

Get this plugin

Guide to configure NextCloud WP SSO Login:

1. Configure NextCloud as SP (Service Provider)

• Login to WordPress using Administrator account.
• Download / Install this plugin - Login using WordPress Users (WP as SAML IDP) and activate it. You will see WordPress IDP in your WordPress menu bar in the dashboard.
• Click on the WordPress IDP option in the menu bar, and select IDP Metadata tab.

• Open a new browser tab or window, Log in to your NextCloud account as Account Admin.
• Click on the top right corner. Select Apps.

• Search for SSO & SAML Authentication. Click on Download and Enable.

• Click on the top right corner, and select Settings. Find SSO & SAML Authentication on the left side, and open it.

• Click on Use built-in SAML Authentication, click on Add Identity Provider.

Switch back to the tab / window with the IDP Metadata. Enter the information into the corresponding fields.


Attribute to map the UID to	EMail
Identifier of the IDP Entity	Copy and paste the IDP Entity ID.
URL Target of the IdP	Copy and paste the SAML Login URL.
Certificate	Download the Certificate. Open it in notepad. Copy and paste the content here.


• Once this is done, click on Download metadata XML to download the SP metadata XML file.

You have successfully configured NextCloud as Service Provider.

2. Configure WordPress as IdP (Identity Provider)

• Go to WordPress IDP Plugin on the Dashboard and select Service Providers tab.
• Enter the following information into the corresponding fields. Click Save.

Service Provider Name	NextCloud
SP Entity ID or Issuer	https://<your Nextcloud URL>/index.php/apps/user_saml/saml/metadata
ACS URL	https://<your Nextcloud URL>/index.php/apps/user_saml/saml/acs
NameID Format	urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress


• Click on the IDP Metadata tab.

3. Configure attributes in the plugin (This is a premium feature)

• Select Attribute/Role Mapping. In the User Attributes section, enter the following information. Click Save.
  
  

  Name	User Meta Data
  EMail	user_email

In this Guide, you have successfully integrated NextCloud SSO via the Login using WordPress Users (WP as SAML IDP) Plugin by configuring NextCloud as SP and WordPress as IDP. This solution ensures that you are ready to roll out secure Single Sign-On (SSO) access with SAML 2.0 Authentication into NextCloud using WordPress login credentials (Nextcloud WP SSO).

Additional Resources