Hello there!

Need Help? We are right here!

support
miniOrange Email Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com

Single Sign On for Wordpress
miniOrange provides a ready to use solution for Wordpress. This solution ensures that you are ready to roll out secure access to Wordpress to your employees within minutes.

SETUP GUIDE FOR SIMPLESAML AS IdP

STEP 1: In config/config.php, make sure that 'enable.saml20-idp' is true. Example:

'enable.saml20-idp' => true

STEP 2: In metadata/saml20-idp-hosted.php, configure SimpleSAML as an Identity Provider like this:

 $metadata['__DYNAMIC:1__'] = array(
	'host' => '__DEFAULT__',
	/* X.509 key and certificate. Relative to the cert directory. (Create a cert directory in SimpleSAML root folder and place you 
	 certificates there.)*/
	'privatekey' => '<YOUR_PRIVATE_KEY_FILE_NAME>', // eg. RSA_Private_Key.pem
	'certificate' => '<YOUR_PUBLIC_KEY_FILE_NAME>', // eg. RSA_Public_Key.cer
	/*Authentication source to use. Must be one that is configured in config/authsources.php. This Auth Source is used for 
	 authenticating your users.*/
	'auth' => '<YOUR_AUTH_SOURCE_NAME>',
 );

STEP 3: In metadata/saml20-sp-remote.php, register your Servider Provider like this:

 $metadata['<SP-EntityID / Issuer from Step1 of the plugin under Identity Provider Tab.>'] = array(
	'AssertionConsumerService' => '<ACS (AssertionConsumerService) URL from Step1 of the plugin under Identity Provider Tab.>',
	'NameIDFormat' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
	'simplesaml.nameidattribute'=> 'mail', // This is your user's Email attribute name
	'simplesaml.attributes' => true, // Set this to false if you do not want to send attributes in SAML response
	'attributes' => array('mail', 'firstName', 'lastName'), // Provide comma separated list of attribute names
 );
  /*NOTE: 'NameIDFormat' & 'simplesaml.nameidattribute' are important for returning user's Email in SAML Response.*/
 

STEP 4: In miniOrange SAML plugin, go to Service Provider tab and enter the following details:

Identity provider Name: SimpleSAML
SAML Login URL https://<your domain>/simplesaml/saml2/idp/SSOService.php
IdP Entity ID or Issuer https://<your domain>/simplesaml/saml2/idp/metadata.php
X.509 Certificate Your public key certificate that you configured in metadata/saml20-idphosted.php file.
Response Signed Checked
Assertion Signed Checked (By default in SimpleSAML, Assertion is signed but if you have set it to false then please keep it unchecked)

We offer Security Solutions of Single Sign-On, Two Factor Authentication, Fraud Prevention and much more.

Please call us at +1978 658 9387 (US), +91 77966 99612 (India) or email us at info@xecurify.com