Zoho SSO Login using WordPress(IDP) | Zoho SAML Single Sign-On

 Pre-requisite: Download And Installation

• To integrate the WordPress site as an Identity Provider, you will need to install the miniOrange
  Login using WordPress Users ( WP as SAML IDP ) plugin:



Validate your Zoho domain (skip this step if you already have a verified Zoho domain)


• Login to your Zoho account and access Zoho Mail.
• Click on Control Panel and select Mail and Docs.

• Go to Domains, click on Add Domain and add your domain.

• In the list, click the icon under the Verified column for your domain to validate it.

• Follow the steps specified on the page that opens up and after that click on Verify to validate your domain.

Step 1: Configure Zoho as the Service Provider (SP)

• Open the WordPress site.
• Install and activate the Login using WordPress Users ( WP as SAML IDP ) plugin on your WordPress site
  which is acting as an Identity Provider.
• Go to the Wordpress IDP plugin, navigate to the IDP Metadata tab. Here, you can find the Identity
  Provider metadata such as Certificate , Login URL and Logout URL which are used to configure the
  Service Provider(Zoho).



 Instructions:

• Open a new browser tab or window, Login to Zoho Accounts at https://accounts.zoho.com/ as a user with
  administrative rights.
• Navigate to Organization.
• Select SAML Authentication and click on Setup Now.



Switch back to the tab / window with the IDP Metadata. Enter the information into the corresponding fields.


Sign-in URL	Copy and paste the SAML Login URL.
Sign out URL	Copy and paste the SAML Logout URL.
Algorithm	RSA
X.509 Certificate	Download the certificate. Upload it here.

• Click on Configure to save the SAML Single Sign On (SSO) settings.




• Click on Download to download the metadata file. You can use this metadata file to configure the plugin.

Step 2: Configure WordPress as the Identity Provider (IDP)

• You would be needing following credentials from Zoho.
• Entity ID : e.g. "https://accounts.zoho.com/samlresponse/your_domain.com".
  
• ACS URL : e.g. "https://accounts.zoho.com/samlresponse/your_domain.com".
  
• You can find all the information in the Metadata file, downloaded in the previous step.
  
Note : Please ensure you replace "your_domain.com" with your Domain name.


 Instructions:

• Open the WordPress site.
• Go to the WordPress IDP plugin, navigate to the Service Provider tab.
• Enter the values corresponding to the information from Zoho. Refer to the table below.
  
  

  Service Provider Name	Name of your Service Provider.
  SP Entity ID or Issuer	Copy and paste the SP-EntityID from the metadata XML.
  ACS URL	Copy and paste the ACS URL from the metadata XML.
  NameID Format	urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
  Assertion Signed	Checked


• Click on the Save button to save your configurations.

Step 3: Testing SSO

• Launch your custom URL e.g.(mail.yourdomain.com).
• This will be redirected to the WordPress login page, provided in the configuration.
• The authentication will be validated by the identitiy provider.

If you were able to log into Zoho, then your configuration is correct.