WordPress Single Sign-On Customized Login and Logout flow

Whenever you Single Sign-On into WordPress, by default your post login & logout flow redirect to the relay state or the URL from which you initiate the process and you end up on your WordPress page. In our WordPress Single Sign-On ( OAuth / OpenID Connect ) plugin, we provide an option to customize the post login and post logout redirect flow.

You can see these options on our Sign In Settings tab. Please find the exact path below:
miniOrange OAuth >> Sign In Settings >> Advanced Settings:

1. Custom Redirect URL post Login

• This feature allows you to configure the redirect URL wherever you want to redirect users after login. It allows flexibility to redirect the users after login to the page you want.

2. Custom Redirect URL post Logout ( Single Logout )

• This feature allows you to configure the URL wherever you want to redirect users after logout. It allows flexibility to redirect the users after logout to the page you want.

3. Advantages of using this feature

Post Login Customized URL:

• In many use cases, users need to be redirected to a particular page rather than a default WordPress page, so this feature is handy in that case to allow all the users to redirect to a desired page rather than the default page.

Post Logout Customized URL:

• Clicking on the logout option provided by WordPress just logs out users from the WordPress site, but there are many cases where the users have to be logged out from the IDP side as well, so this feature is handy in such situations. Single Logout might be different flow in some cases, but in many cases it can be achieved for a single IDP setup.

4. How to configure Post Login and Post Logout URL?

Post Login Redirection:

• Navigate to the Sign In Settings tab.
• Enter the URL you want the users to be redirected to when they login in the field opposite to Custom redirect URL after login.
• For example, if you want your users to be redirected to Google after they login, you can configure it like so:

• NOTE: You can keep this field blank if you want the users to be redirected to the same page where they clicked on the login button.

Post Logout Redirection:

Case 1 : Custom Post Logout Redirection

Using this feature, you can configure the URL wherever you want to redirect users after they log out.

• Go to the miniOrange OAuth Client Single Sign-On (SSO) plugin and navigate to the Sign In Settings tab.
• Enter the URL you want the users to be redirected to after logging out in the "Custom redirect URL after logout" field.
• For example, if you want your users to be redirected to Youtube after they logout, you can configure it as follow.


Case 2 : OpenID Connect Single Logout

Using the OIDC Single Logout feature, you can log out of WordPress and your OpenID Connect account at the same time.

• Go to the OAuth Client plugin and navigate to the Sign In Settings tab.
• Enter the OIDC SLO URL provided by your OIDC provider in Custom redirect URL after logout field.

• As an example, if you are using a keylock as your OAuth Provider then the Single logout URL format will be as below.
http(s)://example-host/auth/realms/my-realm-name/protocol/openid-connect/logout?
post_logout_redirect_uri=<encodedRedirectUri>&id_token_hint=##id_token##
• Note: You just need to change the following parameter in the above single Logout URL.

post_logout_redirect_uri

• This can be used to allow the user to redirect back to the client after sign-out. That is, you can configure any URL here where you want your users to redirect after logout.
• If you want to redirect users to this page https://example.com/page1, then the example URL will be,
  
http(s)://example-host/auth/realms/my-realm-name/protocol/openid-connect/logout?
post_logout_redirect_uri=https%3A%2F%2Fexample.com%2Fpage1&id_token_hint=##id_token##
• You will need to add this URL to the Custom redirect URL after the logout option and click on Save Settings. After you save the settings, you'll be logged out from both WordPress and keycloak.