Salesforce WordPress SSO

Salesforce WordPress Single Sign On (SSO) setup guide using the WP Cloud SSO SAML WordPress Plugin  

 

Follow these steps to enable Salesforce SSO for your WordPress blog, map Salesforce users to WordPress roles, sync Salesforce user attributes and set Salesforce as your WordPress identity provider and creating single sign on experience for your users and securing access.

Salesforce WordPress Single Sign On

with WP Cloud SSO

Table of Contents

1.) Setup Salesforce as IDP for WordPress

 Configure Salesforce as IdP by following these steps:

A) Configure Salesforce as IdP (Identity Provider).

 

  • In the WP Cloud SSO, go to Service Provider Metadata section.  In here, there are following information, such as  SP Entity ID and ACS (AssertionConsumerService) URL , that are compulsory to configure the Identity Provider. 

Image to follow 

  • Log in to Salesforce account as admin

 

  • Switch to Salesforce Lighting mode from profile menu and then go to the Setup page by clicking on setup button.
  • In the panel on your left , go to Settings Tab and click on Identity Provider. 
  • Click on Enable Identity Provider. 
  • In the Service Provider section, click on the link to create the Service Provider using Connected Apps
  • Enter Connected App Name, API Name and Contact Email.
Table Header Table Header Table Header Table Header Table Header
Content
Content
Content
Content
  • In the Web App Settings, check Enable SAML checkbox and enter the following values:
Field Setting

Enable SAML

Checked

Entity ID

SP-EntityID / Issuer from Service Provider Metadata tab of the Plugin

ACS URL

ACS (AssertionConsumerService) URL from Service Provider Metadata tab of the Plugin

Subject Type

Username

Name ID Format

urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified

  • Click on Save to save configuration.
 
  • From the panel on your left, where Platform Tools section, select Connected Apps. 
 
  • Select Manage Connected Apps and click on the app just created 
  • In Profiles section click on Manage Profiles.
 
  • In the Profiles section click on Manage Profiles button. 
 
  • Assign the Profiles to allow access in the log in of this app. 
  • Under WP Cloud SSO Login Information, click on Download Metadata.
  • It is useful to keep this metadata for configuring the Service Provider.

Now your Salesforce as WP Cloud IdP (Identity Provider ) has been configured for Salesforce SSO login into WordPress ( WP) Site. 

2.) Configure WordPress as SP

3.) Salesforce Attribute Mapping

  • This section allows you to map user attributes send by the IDP during SSO to user attributes at WordPress.

 

  • In WordPress SAML plugin, navigate to Attribute/ Role Mapping tab and enter  the required fields in Attribute Mapping section. 

 

  • Custom Attribute Mapping: This feature lets you map any attribute sent by the IDP to the usermeta table of WordPress. 

4.) Salesforce to WordPress Role Mapping

This feature lets you assign and manage roles of the users when they perform SSO. 

Altogether the default WordPress roles, it is compatible with any custom roles as well. 

 

  • In the Attribute Mapping section of the plugin, enter a mapping for the field named Group/Role. This attribute will contain the role related information sent by the IDP and will be used for Role Mapping. 

 

  • Go to role mapping section and enter the mappings for the highlighted roles.

 

IMAGE TO FOLLOW XXX

 

 

For example, if you want a user whose Group/Role attribute value is wp-editor to be assigned as an Editor in WordPress, please enter the mapping as wp-editor in the Editor field of Role Mapping section. 

Avatar for Andrew Fitzgerald
Andrew Fitzgerald

Cloud Solution Architect. Helping customers transform their business to the cloud. 20 years experience working in complex infrastructure environments and a Microsoft Certified Solutions Expert on everything Cloud

0 0 votes
Article Rating
Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x