WordPress Single Sign-On (SSO) using Okta SAML as IDP

Use Okta as your SAML IDP for WordPress Single Sign-On using our WP Cloud SSO WordPress plugin. Automatically sync your Okta users and allow them to log in to your WordPress website.

In this guide we explain how to configure WP Cloud SSO using Okta as your SAML identity provider. Sync your Okta user attributes and groups and map them to WordPress roles.

Don’t have the WP Cloud SSO plugin? Click here to download it for free.

Getting Started Setting up WordPress Okta SSO

1.) Setup Okta as IDP for WordPress

Below are the steps to follow to configure Okta as IdP.

  • In the Azure WordPress SAML SP SSO plugin, go to the Service Provider (SP) Metadata tab. In this section you will find the metadata, such as the SP Entity ID and ACS (AssertionConsumerService) URL, that is compulsory to configure Okta as the Identity Provider (IdP).
  • Next, navigate to the Applications tab and click on Applications.
  • Click on Create App Integration to create a new app.
  • Select the SAML 2.0 button to create the new app.
  • In the General Settings tab, enter the App Name and click on Next.

  • To configure WP Cloud SSO, enter the following details (SAML Settings: Entry):
      • Single Sign On URL: ACS (AssertionConsumerService) URL from the Service Provider Metadata tab of the plugin
      • Audience URL (SP Entity ID): SP Entity ID/Issuer from the Service Provider Metadata tab of the plugin
      • Default Relay State: Relay State from the Service Provider Metadata tab of the plugin
      • Name ID Format: Select E-Mail Address as the Name ID from the dropdown list
      • Application Username: Okta username
  • Configure the Group Attribute Statements (Optional) step and click on the Next button.
  • Click on WP Cloud SSO.
  • Assign the People or Groups that will log in using this provider.
  • You have successfully configured Okta as the SAML IdP (Identity Provider) for WP Cloud SSO.

2.) Setup WordPress as Service Provider

In the WP Cloud SSO plugin there are two ways to set up Okta SAML authentication with WordPress as your service provider.

A.) Upload Okta IDP Federation Metadata XML File

Note: This upload feature is only available on paid plans. Refer to step B.), which allows you to configure the settings manually.

  • Click on Identity Provider Setup
  • Select Okta provider
  • Click on Upload IDP Metadata
  • Input Identity Provider Name
  • Either upload a metadata file and click on the Upload button, or use a metadata URL and click on Fetch Metadata.

B.) Manually Add Okta IDP Application URLs

  • Click on Identity Provider Setup
  • Provide the settings as required (i.e. Identity Provider Name, IdP Entity ID or Issuer, SAML Login URL) as provided by your Okta SAML application and click on Save Changes.

3.) Attribute Mapping

  • The free version of the plugin supports only NameID for the Email and Username attributes of the WordPress user.
  • In the WordPress SAML plugin, navigate to the Attribute/Role Mapping section and enter the details in the Attribute Mapping section.
  • Custom Attribute Mapping: This feature allows you to map any attribute sent by the IDP to the usermeta table of WordPress.

4.) Role Mapping

  • The free plugin allows you to choose a default role that will be assigned to all non-admin users when they perform SSO.
  • Navigate to the Attribute/Role Mapping section and click on the Role Mapping section.
  • Choose the Default Role and click Save.