Login using WordPress Users ( WP as SAML IDP ) plugin gives you the ability to use your WordPress credentials to log into TalentLMS. Here we will go through a step-by-step guide to configure SSO between TalentLMS as Service Provider and WordPress as an Identity Provider.
Note: Premium Version is required to set up SSO to TalentLMS.
Follow the Step-by-Step Guide given below for TalentLMS Single Sign On (SSO)
Step 1: Download and Setup the plugin
Login to WordPress using Administrator account.
Download / Install this plugin - Login using WordPress Users ( WP as SAML IDP ) and activate it. You will see WordPress IDP in your WordPress menu bar in the Dashboard.
Click IDP Metadata tab. Here, you can find the Identity
Provider metadata such as Certificate , Login URL and Logout URL which are used to configure the
Service Provider (TalentLMS).
Step 3: Configure attributes in the plugin (This is a premium feature)
Select Attribute/Role Mapping. In the User Attributes section, enter the following information. Click Save.
User Meta Data
Step 4: Configure TalentLMS as Service Provider
Sign in to your TalentLMS account as Administrator, go to Home > Account & Settings > Users and click Single Sign-On (SSO).
Enter the following values in resepctive fields:
SSO integration type: From the drop-down list, select SAML2.0.
Identity provider (IdP): Type the domain of SAML 2.0 identity provider.
Certificate fingerprint: Download the Certificate from IDP Metadata Open it in notepad. Copy and paste the content here.
Remote sign-in URL: You can find this in IDP Metadata as SAML Login URL.
Remote sign-out URL: You can find this in IDP Metadata as SAML Logout URL.
The remaining fields are used for naming the SAML variables that contain the user data required by TalentLMS and provided by WordPress IdP. Those are optional, and they can be left blank for most SAML IdP deployments. In that case, their default values are applied.
Attribute Mapping values provided from IDP
Group: The names of the groups of which the user is a member. This variable may be assigned a single string value or an array of string values for more than one group name. When there is a group by the same name in your TalentLMS domain, the user is automatically registered in that group at their first log-in. The user is also enrolled in all the courses assigned to that group.
Click Save and check your configuration. If everything is correct, you’ll get a success message that contains all the values pulled from your IdP.