RocketChat Single Sign On (SSO) with WordPress as IDP | Login into RocketChat using WordPress


The Login using WordPress Users ( WP as SAML IDP ) plugin lets you use your WordPress credentials to log in to RocketChat. This step-by-step guide configures SSO with RocketChat as the Service Provider and WordPress as the Identity Provider.

Note: Premium Version is required to set up SSO to RocketChat.

Follow the Step-by-Step Guide given below for RocketChat Single Sign On (SSO)

Step 1: Download and Setup the plugin

  • Log in to WordPress using an Administrator account.
  • Download and install the plugin Login using WordPress Users ( WP as SAML IDP ) and activate it. You will see WordPress IDP in your WordPress menu bar in the Dashboard.

  • Click on the WordPress IDP option in the menu bar and select the IDP Metadata tab. Here you can find the Identity Provider metadata, such as the Certificate, Login URL and Logout URL, which are used to configure the Service Provider (RocketChat).


Step 2: Configure RocketChat as Service Provider

  • Open a new browser tab or window and log in to your RocketChat account as Account Admin.
  • Click on the left corner. Select Administration.


  • Search for SAML under Administration tab.

  • Enter the information into the corresponding fields.

  • Custom Provider: <name-of-your-app>
    Custom Entry Point: Copy and paste the SAML Login URL from IDP Metadata tab
    IDP SLO Redirect URL: Copy and paste the SAML Logout URL from IDP Metadata tab
    Custom Issuer: https://<your-rocketchat-url>/_saml/metadata/<name-of-your-app>
    Public Cert Contents:
      (a) Open the Public Cert Contents dropdown.
      (b) Download the Certificate from IDP Metadata. Open it in notepad. Copy and paste the content here.
    Signature Validation Type: Validate Either Signature
    User Data Field Map: Open the User Data Field Map dropdown and enter the following attributes:
      {"username":"username", "email":"email", "name": "cn"}

    Note: Custom Provider = <name of your app> e.g. my-app


  • Once this is done, click on Enable and Save Changes

Step 3: Configure WordPress as the Identity Provider

  • Go to WordPress IDP Plugin on the Dashboard and select Service Providers tab.

  • Enter the following information into the corresponding fields. Click Save.

  • Service Provider Name: RocketChat
    SP Entity ID or Issuer: https://<your-rocketchat-url>/_saml/metadata/<name-of-your-app>
    ACS URL: https://<your-rocketchat-url>/_saml/validate/<name-of-your-app>
    NameID Format: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
    Assertion Signed: Check to sign the SAML Assertion.

Step 4: Configure attributes in the plugin (This is a premium feature)

  • Select Attribute/Role Mapping. In the User Attributes section, enter the following information. Click Save.

    cn: first_name
    email: user_email
    username: user_login
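
The values entered in Steps 2 to 4 have to agree with each other, and a typo in one of them usually surfaces only as a failed login. The following check is an added example, not code from the plugin or from RocketChat: it rebuilds the Custom Issuer and ACS URL from the templates above and confirms that every attribute named in the User Data Field Map is one the IdP sends. The host chat.example.com and the dictionary keys are hypothetical, and the check assumes the map's values are the SAML attribute names (as the "name": "cn" entry paired with the cn attribute in Step 4 suggests).

```python
import json
from urllib.parse import urlsplit

def expected_sp_urls(base_url, provider):
    """Build the Custom Issuer / SP Entity ID and ACS URL from the page's templates."""
    base = base_url.rstrip("/")
    return {"issuer": f"{base}/_saml/metadata/{provider}",
            "acs": f"{base}/_saml/validate/{provider}"}

def check_config(base_url, provider, sp, idp):
    """Return a list of mismatches between Step 2 (SP) and Steps 3-4 (IdP) values."""
    problems = []
    want = expected_sp_urls(base_url, provider)
    if urlsplit(base_url).scheme != "https":
        problems.append("RocketChat URL is not https")
    if sp["custom_issuer"] != want["issuer"]:
        problems.append("Custom Issuer does not follow /_saml/metadata/<provider>")
    if idp["sp_entity_id"] != sp["custom_issuer"]:
        problems.append("SP Entity ID (IdP) differs from Custom Issuer (SP)")
    if idp["acs_url"] != want["acs"]:
        problems.append("ACS URL does not follow /_saml/validate/<provider>")
    if not idp["assertion_signed"]:
        problems.append("Assertion Signed is not checked")
    try:
        field_map = json.loads(sp["user_data_field_map"])
        if not isinstance(field_map, dict):
            raise ValueError("not a JSON object")
    except ValueError:  # json.JSONDecodeError is a ValueError subclass
        problems.append("User Data Field Map is not a valid JSON object")
        field_map = {}
    # Assumption: map values are the SAML attribute names sent by the IdP.
    for rc_field, saml_attr in field_map.items():
        if saml_attr not in idp["attributes"]:
            problems.append(f"'{rc_field}' reads '{saml_attr}', which the IdP does not send")
    return problems

# Constructed sample values (hypothetical host; "my-app" is the page's example name).
BASE, PROVIDER = "https://chat.example.com", "my-app"
SP = {"custom_issuer": "https://chat.example.com/_saml/metadata/my-app",
      "user_data_field_map": '{"username":"username", "email":"email", "name": "cn"}'}
IDP = {"sp_entity_id": "https://chat.example.com/_saml/metadata/my-app",
       "acs_url": "https://chat.example.com/_saml/validate/my-app",
       "assertion_signed": True,
       "attributes": {"cn": "first_name", "email": "user_email", "username": "user_login"}}

if __name__ == "__main__":
    for line in check_config(BASE, PROVIDER, SP, IDP) or ["configuration is consistent"]:
        print(line)
```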