Enable WordPress single sign-on (SSO) with Auth0 as your identity provider (IdP) using the WP Cloud SSO plugin.
Configure an application in Auth0, download its SAML configuration and import it into your WordPress website. This lets you map Auth0 users to WordPress roles and secure login access by enabling SSO for WordPress through WP Cloud SSO with Auth0 as your IdP.
1.) Setup Auth0 as IDP for WordPress
Follow the steps below to configure Auth0 as the IdP.
A. Configure Auth0 as IdP.
- In the WP Cloud SSO plugin, go to the Service Provider Metadata tab.
- Here you can find the SP metadata, such as the SP Entity ID and ACS (AssertionConsumerService) URL, which are required to configure the identity provider.
Copy these values from the Service Provider Info tab of the WP Cloud plugin.
- SP Entity ID
- ACS URL
- Single Logout URL
C. Steps:
- Click Create Application.
- A new window will pop up. Enter a name for the application and select Regular Web App.
- Click the CREATE button.
- Select the Addons tab.
- Enable the SAML2 option in the addons. This opens a Configuration window.
- Enter the Application Callback URL, Audience, Recipient and other settings using the SP Entity ID and ACS URL copied from the plugin.
- Scroll down and click on Enable.
- Go to the Usage tab and click on the Identity Provider Metadata download link. This will download the metadata XML file which you’ll need for setting up the SAML plugin.
With these steps completed, Auth0 is configured as the SAML IdP (identity provider) for Auth0 SSO login to your WordPress site.
2.) Configure WordPress as SP
In the WordPress WP Cloud SSO plugin, go to the Service Provider Setup tab of the plugin.
There are 2 ways to configure the WordPress SSO plugin:
A. By uploading IDP metadata:
- Click the Upload IDP metadata button.
- Enter the Identity Provider Name.
- Either upload a metadata file and click the Upload button, or enter a metadata URL and click Fetch Metadata.
B. Manual Configuration:
- Input the required settings (i.e. Identity Provider Name, IdP Entity ID or Issuer, SAML Login URL, X.509 Certificate) as provided by your Identity Provider and click on the Save button.
3.) Auth0 Attribute Mapping
- This feature lets you map the user attributes sent by the IDP during SSO to the user attributes in WordPress.
- In the WordPress WP Cloud SSO plugin, go to the Attribute/Role Mapping tab and fill in the following fields in the Attribute Mapping section.
- Custom Attribute Mapping: This feature lets you map any attribute sent by the IDP to the usermeta table of WordPress.
4.) WordPress Role Mapping using Auth0
This feature allows you to assign and manage roles of the users when they perform SSO.
In addition to the default WordPress roles, it is compatible with any custom roles.
- In the Attribute Mapping section of the plugin, provide a mapping for the field named Group/Role. This attribute contains the role-related information sent by the IDP and will be used for Role Mapping.
- Go to the Role Mapping section and provide the mappings for the roles.
- If you want a user whose Group/Role attribute value is wp-editor to be assigned as an Editor in WordPress, provide the mapping as wp-editor in the Editor field of the Role Mapping section.