OneLogin WordPress SSO

Use OneLogin as your SAML IDP to enable WordPress SAML SSO using the WP Cloud SSO plugin.

 

Configure an app within your OneLogin portal and add your OneLogin SAML data into your WordPress website, creating a trust which will enable SSO for WordPress.  Map OneLogin users to WordPress roles and sync OneLogin attributes.  This will secure logins to your WP logins.

OneLogin WordPress SSO

with WP Cloud SSO

Table of Contents

1.) Setup OneLogin as IDP for WordPress

In the following steps below you will be able to configure OneLogin as IdP.

A.) Configure OneLogin as IdP

  • In the WP Cloud SSO plugin, navigate to Service Provider Metadata tab. Here, you can find the SP metadata such as SP Entity ID and ACS (AssertionConsumerService) URL which are required to configure the Identity Provider.
  • Log into OneLogin as an Administrator and go to Apps Company Apps  Add Apps from the Navbar.
  • In the search box, type SAML Test Connector (SP) and click on the App to add it.
  • Enter the display name and click Save.
  • In General Settings, enter App Name and click on Next.
  • After saving, go to Configuration Tab and enter the following:
AudienceProvide Audience URL from the Service Provider Metadata tab of the Plugin
RecipientProvide Recipient URL from the Service Provider Metadata tab of the Plugin
ACS (Consumer) URL ValidatorProvide ACS (Assertion Consumer Service) URL from the Service Provider Metadata tab of the Plugin
ACS (Consumer) URLProvide ACS (Assertion Consumer Service) URLfrom the Service Provider Metadata tab of the Plugin
Single Logout URLProvide Single Logout URL from the Service Provider Metadata tab of the Plugin
  • Click on Save.

B.) Assigning Groups/People.

  • Go to SSO tab. Note down the URL/Endpoints. You will need these when configuring the plugin.

Now you have successfully configured OneLogin as SAML IdP (Identity Provider) for achieving OneLogin SSO login into your WordPress Site.

2.) Configure WordPress as SP

3.) OneLogin Attribute Mapping

  • The Attribute Mapping feature allows you to map the user attributes sent by the IDP during SSO to the user attributes at WordPress.

 

  • In WordPress WP CLOUD SSO  plugin, navigate to Attribute/Role Mapping tab and fill up the following fields in Attribute Mapping section.

 

IMAGE TO FOLLOW 

 

  • Custom Attribute Mapping: This feature allows you to map any attribute sent by the IDP to the usermeta table of WordPress.

 

IMAGE TO FOLLOW 

4.) WordPress Role Mapping using OneLogin

This feature lets you assign and manage roles of the users when they perform SSO.  Together with the default WordPress roles, this is compatible with any custom roles as well.

 

 

  • From the Attribute Mapping section of the plugin, provide a mapping for the field named Group/Role. This attribute will contain the role related information sent by the IDP and will be used for Role Mapping.

 

  • Go to role mapping section and provide the mappings for the highlighted roles.

 

IMAGE TO FOLLOW 

 

  • For example ,  If you want a user whose Group/Role attribute value is wp-editor to be assigned as an Editor in WordPress, just provide the mapping as wp-editor in the Editor field of Role Mapping section.
Avatar for Andrew Fitzgerald
Andrew Fitzgerald

Cloud Solution Architect. Helping customers transform their business to the cloud. 20 years experience working in complex infrastructure environments and a Microsoft Certified Solutions Expert on everything Cloud

0 0 votes
Article Rating
Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x