Follow the Step-by-Step Guide given below for Wordpress Single Sign On (SSO) using Bitium as IdP
STEP 1: Configure Bitium as IdP
- Log into Bitium Admin Portal.
- Once you have logged into your Bitium Admin portal, click on the Manage button in the top navigation bar for your organization, and then click on Manage Apps.
- In the top right corner, click on Add More Apps. You will see a search box, then search for Wordpress, and add the app to your Bitium account.
- Here we will start configuring SSO. First, select a name for your page, then select SAML Authentication from the dropdown menu. Once you are done, click on Install App.
- On the next screen, click on Configure Single Sign-On.
- Here, we will exchange a few values between Bitium and Wordpress.
|SAML URL ||Copy/Paste ACS URL from Identity Provider tab |
|Entity ID ||Copy/Paste SP-EntityID / Issuer from Identity Provider tab |
- Click on Save.
- Copy the following URL/Endpoints. These will be required while configuring the plugin. Copy the X.509 Certificate text area value and keep it handy.
- Now, assign the Wordpress app to your users in the Apps Overview section.
STEP 2: Configuring Wordpress as SP
- In miniOrange SAML plugin, go to Service Provider tab and enter the following details:
|IDP Entity ID: ||Entity ID from the Single Sign On tab in Bitium |
|Single Sign On URL: ||Login URL from the Single Sign On tab in Bitium |
|Single Logout URL: ||Logout URL from the Single Sign On tab in Bitium |
|X.509 Certificate:||Paste the X.509 Certificate value from Single Sign On tab in Bitium |
- In miniOrange SAML plugin, go to Attribute/RoleMapping tab. Enter the following values:
||Name of the username attribute from IdP (Keep NameID by default)
||Name of the email attribute from IdP (Keep NameID by default)
||Name of the firstname attribute from IdP
||Name of the lastname attribute from IdP
||Name of the Role attribute from IdP
You can check the Test Configuration Results to get a better idea of which values to map here.
- Under the Role Mapping section, configure which GROUP value coming in the SAML response needs to be mapped to which role in WordPress. The Group value coming in the SAML response will be mapped to the Role assigned here and the user will be assigned that role in WordPress.
- Go to SSO Login Settings tab. Enable auto-redirect to IDP using Redirect to IdP if user not logged in option.
For further details refer :