G Suite / Google Apps WordPress SSO

Enable G Suite Google Apps as your identity provider (IDP) for WordPress to enable Single Sign On (SSO) using the WP Cloud SSO plugin.

 

This setup guide will explain the steps to set Google Apps as your IDP and allow SSO for your WordPress users, Map Gsuite/Google App users to WordPress roles and enable the single sign on experience at the same time securing access to WordPress.

Google Apps WordPress SSO

with WP Cloud SSO

Table of Contents

1.) Setup G Suite/ Google Apps as IDP for WordPress

The following steps allows you to configure G Suite/ Google Apps as IdP.

A). Configure G Suite/ Google Apps as IdP:

 

  • In the WP Cloud  WordPress SP SSO plugin go to SP ( Service Provider) Metadata tab. In here, there are SP metadata, like SP Entity ID and ACS ( AssertionConsumerService) URL, that are needed to configure the G Suite / Google Apps as IdP ( Identity Provider). 

IMAGE TO FOLLOW 

  • Click on https://admin.google.com and login to G Suite Administrator account. 
  • Go to the Apps tab on the left menu and click on Web and mobile apps

B). Add a SAML APP

  • Click on Add App button. In the dropdown select Add Custom SAML app tab to create a new saml app. 
  • Input details for custom WP Cloud SSO app and click on Continue. 

C). IDP Information

 

  • Click on Download Metadata button. You need to do this for later configuration of the add-on.
  • You may also copy G Suite details like SSO URL, entity ID and Certificate to configure the add on manually and click on Continue

D).Service Provider Details

 

  • Input details from the Service Provider Metadata tab of the  WP Cloud SSO plugin.
Field Setting
ACS URL

Copy and paste the ACS URL from the plugin.

Entity ID

Copy and paste the SP Entity ID/ Issuer from the plugin.

Signed Response 

Check Signed Response ✓.

Name ID Format
EMAIL
  • Click  on Continue.

E). Attribute Mapping

  • Click on Add Mapping.
  • Add and select user fields in Google Directory and map them to Service Provider attributes and Click on Finish button. 

Turn On

 

  • Navigate to WP Cloud SSO APPS again and click on OFF to everyone.
  • Following that step, click ON for everyone to activate SSO
  • You have successfully configured G Suite / Google Apps as WP Cloud IdP (Identity Provider) for achieving
    G Suite / Google Apps SSO login into your WordPress (WP) site.

2.) Configure WordPress as SP

3.) Google Apps Attribute Mapping

  • Attribute Mapping feature allows you to map the user attributes sent by the IDP during SSO to the user attributes at WordPress.

 

  • In WordPress WP Cloud plugin, go to Attribute/Role Mapping tab and fill up the following fields in Attribute Mapping section.
  • Custom Attribute Mapping: This feature lets you map any attribute sent by the IDP to the usermeta table of WordPress.

4.) WordPress Role Mapping using Google Apps

This feature  assigns and manages roles of the users performing SSO.

Altogether with the default WordPress roles, this is compatible with any custom roles as well.

  • From the Attribute Mapping section of the plugin, provide a mapping for the field named Group/Role. This attribute will contain the role related information sent by the IDP and will be used for Role Mapping.

 

  • Go  to role mapping section and provide the mappings for the highlighted roles.
  • For example, If you want a user whose Group/Role attribute value is wp-editor to be assigned as an Editor in WordPress, just provide the mapping as wp-editor in the Editor field of Role Mapping section.
Avatar for Andrew Fitzgerald
Andrew Fitzgerald

Cloud Solution Architect. Helping customers transform their business to the cloud. 20 years experience working in complex infrastructure environments and a Microsoft Certified Solutions Expert on everything Cloud

0 0 votes
Article Rating
Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x