Client Use Case:
As a prominent retail chain company boasting a sizable customer base and a wide network of sellers and suppliers, Walmart has embarked on a strategic endeavor to introduce Single Sign-on functionality on its website. This pioneering initiative aims to elevate the user experience and fortify security measures. A pivotal component of this implementation revolves around preventing automatic login and registration into WordPress for users. To accomplish this, Walmart intends to restrict website access solely to a selected group of users who have undergone manual registration by the administrator and are stored in the database.
Moreover, Walmart endeavors to enforce stringent controls over certain pages and posts, contingent upon roles and groups assigned by the Identity Provider (IDP). Additionally, they aspire to regulate access to internal documents hosted on their website, catering specifically to suppliers and sellers, based on their designated roles as authorized by the IDP.
Walmart has successfully implemented the WP OAuth Client SSO plugin developed by miniOrange to facilitate user login via a designated provider. To fulfill Walmart's specific requirements, miniOrange has provided them with the WordPress OAuth Client SSO plugin, which includes an additional feature called Auto-create users. This feature ensures that only registered users in the database are permitted to log in to the website. It proves particularly beneficial for those who prefer not to individually register users following a single sign-on process.
In addition, Walmart has effectively utilized the Page & Post Restriction add-on to exercise control over access to specific WordPress pages, posts, and documents based on the user roles obtained from their Identity Provider (IDP). Given Walmart's involvement with numerous suppliers and sellers who require access to these restricted documents, they have decided to exclusively grant editing privileges to authors, thereby maintaining a streamlined and secure editing process.
Client Use Case:
Decathlon, a renowned sports retailer, maintains a diverse range of subsites within their main website. These subsites cater to various purposes and offerings. However, one particular subsite stands out as it serves as a centralized hub for hosting an assortment of valuable content such as press releases, blogs, and more.
In order to maintain control and enhance security, Decathlon has expressed the need to implement access restrictions specifically for this subsite. Their objective is to allow only authorized users, whose roles are defined by their respective identity providers, to access and engage with the content hosted on this site.
By leveraging the capabilities of identity providers, Decathlon aims to ensure that the information and resources available on this subsite are accessible solely to individuals with the appropriate user roles. This strategic approach not only strengthens data privacy but also enables Decathlon to deliver a tailored experience to users based on their assigned roles within the identity provider framework.
Implementing user role-based restrictions on this particular subsite empowers Decathlon to maintain the integrity of their content, protect sensitive information, and provide a personalized browsing experience for users based on their authorization levels.
Decathlon has successfully implemented miniOrange's WP OAuth Client SSO plugin to facilitate user login through a designated provider. This integration has allowed Decathlon to meet their specific use cases and ensure that only authorized roles can access their blog site.
To achieve this and enhance the security and control over user access, miniOrange provided Decathlon with the WP OAuth/OpenID Connect SSO plugin along with page and post restriction add-on. These add-ons enable Decathlon to restrict access to certain pages and posts based on user roles, ensuring that only the intended audience can view and interact with specific content.
This comprehensive solution provided by miniOrange has empowered Decathlon to streamline their user authentication process, enhance security measures, and tailor the access permissions according to their specific requirements.
Client Use Case:
Toshiba had a requirement to set up Single Sign-on (SSO) integration with Azure AD, aiming to streamline the authentication process for their users by utilizing Azure AD's credentials. Their objective was to establish a seamless connection between Azure AD and WordPress, thereby syncing the user profile information from Azure AD to the WordPress user profiles.
In addition to that, Toshiba sought to enhance the security of their system by implementing a session termination mechanism. Specifically, they wanted to ensure that when users logged out from WordPress, their Azure sessions would be terminated immediately, thereby preventing the storage of any session cookies that could potentially compromise security.
By addressing these objectives, Toshiba aimed to enhance user experience, simplify the login process, and bolster the overall security of their system.
In order to meet the requirement of authenticating users through Azure AD, Toshiba utilized the WP OAuth Client SSO plugin by miniOrange. To effectively map group attributes from the JWT Token to the corresponding values in WordPress user profiles, miniOrange provided a custom attribute mapping solution to handle the retrieval of attribute mapping from the JWT token.
Moreover, Toshiba was also granted the Single Logout Functionality, ensuring that when a user logs out from WordPress, they are simultaneously logged out from their Azure AD session. With this feature in place, when a user logs out from one application, all other applications utilizing the authentication from the identity provider (IdP) also log out the user from their respective applications. This eliminates the need for users to individually log out from each previously accessed application.
Client Use Case:
As a renowned telecommunications operator in Switzerland, the company operates numerous sites and serves a wide range of users. In order to enhance their authentication process, they sought to implement Azure AD and F5 integration for user authentication. The goal was to establish a seamless Single Sign-On experience for their users across both providers. Additionally, the company aimed to implement role-based access control, allowing them to restrict certain pages and posts based on the users' roles derived from the identity provider.
By integrating Azure AD and F5 into their authentication framework, the company aimed to streamline the login experience for their users, eliminating the need for multiple sets of credentials and enhancing convenience. Users would be able to authenticate once and gain access to various resources and services across different platforms seamlessly.
Furthermore, with the implementation of role-based access control, the company intended to enhance security and ensure that users only had access to the appropriate content based on their designated roles. This would enable more efficient management of user permissions and provide a personalized experience tailored to each user's needs and responsibilities.
The miniOrange OAuth Client SSO plugin offers a convenient solution for achieving seamless single sign-on across multiple providers. One of its notable features is Multiple SSO provider’s Support, which enables users to log in to WordPress by selecting their preferred Identity Provider (IDP) from a list of configured options, including OAuth 2.0, OpenID Connect 1.0, and JWT providers. This flexibility allows users to choose the authentication method that suits them best. In this case, users can choose Azure or F5 for authentication.
In addition to the multiple IDP support, miniOrange provides an effective Page & Post Restriction add-on. This add-on empowers administrators to control access to specific pages or posts based on the user's role as defined by the identity provider. With this functionality, website owners can restrict content visibility and ensure that only authorized individuals can access certain pages or posts.
By leveraging miniOrange's OAuth Client SSO plugin along with the Page & Post Restriction add-on, WordPress users can enhance their website's security and streamline the login experience. These features work together seamlessly to create a robust authentication system that aligns with the needs and preferences of both website administrators and users.
Client Use Case:
Bosch, a company that provides services in the automobile industry, had a specific goal in mind: to create a website dedicated to selling dashcams. In order to ensure a seamless and efficient user experience, Bosch decided to implement a single sign-on system using AWS Cognito for user authentication. They aimed to enable their users to log in into the website using their Cognito credentials without the need for redirection to the AWS Cognito platform for authentication.
Additionally, Bosch wanted to streamline the user registration process by integrating it with WordPress. Whenever a user registered on the WordPress website, Bosch intended to automatically add the same user to their AWS Cognito user pool. This integration would save users the hassle of creating separate accounts for both platforms.
By incorporating these features, Bosch aimed to optimize the user journey on their dashcam sales website, providing a seamless login experience, synchronizing user data between WordPress and AWS Cognito, and offering convenient password management capabilities.
The successful implementation of this use case was made possible by leveraging the powerful capabilities of the miniOrange OAuth Client SSO plugin in conjunction with the Cognito Integrator. This specific add-on is included as part of the comprehensive All-inclusive plan offered by the OAuth Client SSO plugin.
To achieve seamless login functionality using Cognito credentials, the Cognito Integrator played a crucial role. It enabled users to authenticate themselves using their Cognito credentials directly within the WordPress website, eliminating the need for redirection to the AWS Cognito platform. This streamlined the login process, providing a more convenient and user-friendly experience.
In addition, the Auto create feature served as an effective solution for automatically adding a user to the AWS Cognito user pool whenever they registered on the WordPress website. This automated process saved time and effort by eliminating the need for manual user creation in the Cognito user pool.
By combining the miniOrange OAuth Client SSO plugin, the Cognito Integrator, and the Auto create feature, a comprehensive solution was achieved that seamlessly integrated Cognito authentication within the WordPress environment. This allowed users to securely access their accounts using their Cognito credentials, while simplifying the administration of user accounts through automatic user pool population.
Indeed is a renowned multinational corporation headquartered in Stamford, Connecticut. With a strong global presence and a commitment to revolutionizing the world of job search and talent acquisition, Indeed is a frontrunner in the employment services industry.
The company's core focus revolves around connecting job seekers with opportunities and providing innovative recruitment solutions to employers. Indeed's extensive portfolio includes a diverse range of services aimed at enhancing the job-seeking experience for millions of users worldwide.
From job listings and applicant tracking systems to workforce data analytics, Indeed's offerings cater to both job seekers and employers alike. In the ever-evolving landscape of online recruitment, Indeed consistently strives to empower individuals and organizations by facilitating meaningful connections in the job market.
With its user-friendly platform, vast job database, and commitment to innovation, Indeed is a leading force in shaping the future of work.
Client Use Case:
Indeed, a company that provides services in the recruitment industry, wanted to migrate their Identity Provider from OneLogin to Okta, and as part of this transition, they were in the market for a dependable vendor to facilitate Single Sign-On collaboration.
Given the intricacies of their migration project, their primary concern was gaining insight into the support capabilities of miniOrange during this critical transition. They placed particular emphasis on the level of technical assistance provided and the availability of training resources to optimize the utilization of our services.
In order to ensure a seamless and efficient user experience, Certainly, they chose to acquire a single sign-on system for various environments in order to evaluate solutions and multiple usage scenarios concurrently.
In addition to implementing Single Sign-On through Okta, They wanted to make sure that users authenticate themselves through Okta (their Identity Provider) instead of using the WordPress login (username and password) before accessing the system. To accomplish this, they were advised to use the "Hide and Disable Login" feature in WordPress and enable the Force Authentication Requirement.
Client Use Case:
Discovery Inc. had a requirement to authenticate their users using Okta and sync user details from Okta to their WordPress platform. They also needed to grant different access levels to their members based on custom roles.
By integrating Okta into their system, Discovery Inc. aimed to improve user authentication. Users would be able to log in using their Okta credentials, eliminating the need for separate login information and enhancing convenience.
Additionally, they wanted to synchronize user details between Okta and WordPress. This synchronization would ensure that user profiles and information remained consistent across both platforms, reducing the chance of discrepancies or outdated information.
To manage access levels effectively, Discovery Inc. planned to utilize custom roles. They wanted to assign roles such as Admin, Editor, and Subscriber based on their existing custom roles. This would allow them to grant different permissions and privileges to users based on their assigned roles.
The miniOrange WordPress OAuth Client SSO plugin played a crucial role in authenticating users on Discovery.com through Okta. By leveraging this plugin, users were able to seamlessly log in to the website using their Okta credentials, ensuring a secure and convenient authentication process.
To ensure data consistency and streamline user management, the System for Cross-domain Identity Management (SCIM) add-on was utilized. This add-on facilitated the synchronization of user details between Okta and WordPress, ensuring that any changes made in either platform were reflected accurately in the other.
In addition to user synchronization, the implementation of the advanced role mapping feature proved beneficial for granting varying access levels to Discovery.com members based on their custom roles. This feature enabled the assignment of roles such as Admin, Editor, and Subscriber, leveraging the existing custom roles established within the organization.
Overall, the combination of the miniOrange WordPress OAuth Client SSO plugin, SCIM add-on, and advanced role mapping feature provided Discovery.com with a robust and comprehensive solution for user authentication, data synchronization, and role-based access control.