Contents

WordPress SAML Single Sign-On (SSO) with Multiple Identity Providers

miniOrange SAML Single Sign-On plugin provides a seamless Single Sign-On solution for WordPress, allowing your users to log into your WordPress site by authenticating via multiple Identity Providers. You can configure multiple SAML IDPs (Identity Providers) in the Enterprise or All-Inclusive plan of the plugin and give users the option to select the IDP of their choice to login. miniOrange provides a centralized way to connect seamlessly with all IDPs and integrate SSO into WordPress.

You can visit our WordPress Single Sign On using SAML SSO plugin to know more about various features we provide.

Pre-requisites : WordPress SAML SSO Plugin

We recommend our miniOrange SAML Single Sign On - SAML SSO login plugin for WordPress multiple-idp Single Sign-On (SSO).

Get a Free Trial Now or Contact Us for more information.

How SAML 2.0 Single Sign-On works with Multiple Identity Providers?

With miniOrange SAML SSO plugin you can configure Multiple IDPs. This allows the users to authenticate with different IDPs based on the domain name in their email address.

How to use the different configured IdPs with SAML SSO?

With our miniOrange SAML SSO multiple-IdP plugin, you can provide different login flows to your users as follows:

Domain Mapping: You can map email domains to the IdPs. Users will just need to enter their email address on the WordPress login page and they will be redirected to their IdP's login page for authentication, as per the mapping provided.
You can enable SSO Login based on the Domain Mapping option. Users will have to enter the email-id to login and if their domain is mapped then they will be redirected to that IDP for authentication.
In case the Domain Mapping fails, this option allows you to perform login either using WordPress credentials or Redirect to the chosen default Identity Provider.

SSO links/buttons: You can add IdP specific SSO links or buttons on your site using which your users can click on their respective IdP's link for authentication. You can also provide IdP specific SSO URLs to your users. When your users try to access your site using these URLs, they will be auto redirected to the corresponding IdPs login page.
Discovery list: You can provide an IdP selection dropdown anywhere on your site. Users can select their IdP from this list in order to authenticate themselves with their IdP.
To see the list of IDPs in the dropdown use the following shortcodes:

For PHP Page: echo do_shortcode('[MO_SAML_IDP_LIST]');
For HTML Page: [MO_SAML_IDP_LIST]

For Example - If you have users from multiple organizations (like Universities), you can configure all the Organization IDPs and have users authenticate themselves with their Organization account.

How to add new Identity Providers in the plugin?

Our miniOrange SAML Single Sign-On plugin allows you to add multiple IDPs so that users can authenticate and login using any IDP of their choice.

You can add a new Identity Provider in the plugin by simply uploading the IdP’s Metadata file or adding the Metadata URL in the plugin.

Benefits of SSO with Multiple IdPs:

If your site has users from different organizations and you want them to authenticate with their organization account, using this plugin you can do that securely. For example - if you have a site that has users from different Universities, you can force your users to sign in using their University account.
Using this plugin you can restrict your site access to the users from particular organizations.
You can provide access to your courses on WordPress to different universities each having its own IDP like Shibboleth, ADFS, etc. You can provide Single Sign-On (SSO) into this course application to all these universities by integrating all of them using our miniOrange SAML Single Sign-On plugin.
Multiple IdP Single Sign-On (SSO) with miniOrange can simplify the login process for WordPress sites increasing the organizational productivity by reducing multiple application logins.

Use-cases supported seamlessly by the miniOrange SAML SSO Multiple IdP plugin are:

1. Federation SSO

miniOrange supports Single Sign-On (SSO) with any federation services like InCommon, HAKA, HKAF etc to provide secure access to your WordPress sites. We work with all federation supported IdPs like Shibboleth, Ping etc.

Our plugin allows students or staff to login into the WordPress site using their University credentials that are affiliated with any federation such as InCommon, HAKA, HKAF etc.

Federation SSO allows the users to log into the WordPress site by selecting their University from the Federation's discovery list. This enables the Students to have the ability to choose their University during login and authenticate using their University credentials.

You can read more about miniOrange Federation SSO from here.

2. Azure AD Multi Tenant SSO

miniOrange allows you to connect different Azure tenants to your WordPress site so that your users present in each of the Azure Active Directory or Office 365 tenants can perform SSO and get logged in to the WordPress site with their credentials.

Multi-tenancy for Azure AD can be seamlessly achieved using miniOrange in no time. This allows you to provide role based access to your WordPress site for your users from different Azure AD tenants.

3. Salesforce Multiple Community SSO

miniOrange provides a ready to use solution for Salesforce community users to login to the WordPress site by authenticating with their respective Salesforce Community credentials. You can easily enable SSO with multiple Salesforce communities which will allow your users to login to WordPress sites using different Salesforce Community credentials.

4. Multiple ADFS server SSO

miniOrange allows you to connect your WordPress site with more than one ADFS server. With this, your users can log into your WordPress site by authenticating via their respective ADFS server.

Additional Resources

If you are looking for anything which you cannot find, please drop us an email on samlsupport@xecurify.com

Contents