- Attributes are user details that are stored in your Identity Provider
- Attribute Mapping helps you to get user attributes from your IdP and map them to WordPress user attributes like firstname, lastname etc.
- While auto registering the users in your WordPress site these attributes will automatically get mapped to your WordPress user details.
- In miniOrange SAML plugin, go to Attribute/RoleMapping tab and fill in all the fields.
||Name of the username attribute from IdP (Keep NameID by default)
||Name of the email attribute from IdP (Keep NameID by default)
||Name of the firstname attribute from IdP
||Name of the lastname attribute from IdP
||Name of the Role attribute from IdP
See the screenshot below for Attribute Mapping. Right Hand side attributes are the attributes that are sent by the IdP and these attributes are mapped to WordPress attributes. NameID attribute is mapped to user's Email and Username. fname is mapped to First Name, lname is mapped to Last Name and group is mapped to Group/Role
For example, if the attributes that are fetched from IdP contains the following data:
During the SSO, when user will be created in WordPress site, it's Username and Email Address will be firstname.lastname@example.org (NameId is mapped to Username and Email).
It's First Name will be Chris (fname is mapped to First Name)and Last Name will be Luke (lname is mapped to Last Name) and groups will be assigned as per the role mapping given in the Role Mapping Section.
Note: If you want the users to assign the role during SSO then you must map the group attribute to the WordPress group/role as given here in Attribute Mapping.
- You can check the Test Configuration Results to get a better idea of which values to map here.