miniOrange provides secure access to WordPress for enterprises and full control over access of applications, Single Sign On (SSO) into Wordpress with one set of login credentials.
How miniOrange SAML 2.0 Single Sign-On Plugin works with OAuth Server
miniOrange SAML SSO plugin is compatible with OAuth Server plugin. This means that you can now make your site an OAuth Server and have your users authenticate themselves with your SAML IDP. This is useful when you have an external application which requires data/resources from your Site and the user's Identities are managed by your SAML complaint IDP (like AD FS). To make sure your API calls are secure you can have your Site act as an OAuth Server which can grant Access Token for APIs and install miniOrange SAML SP plugin which can authenticate users with your SAML-complaint IDP.
- 1. User tries to access the external application. On first time use, user gets redireted to your Site with the OAuth Authorize Request.
- 2. OAuth Server accepts and verifies the Request. miniOrange SAML plugin redirects the user to your SAML-complaint IDP with SAML AuthnRequest.
- 3. User authenticates himself with your IDP.
- 4. On successful authentication, IDP redirects user to your Site with the SAML response for the authenticated user.
- 5. miniOrange SAML SSO plugin reads, verifies and login the authenticated user to your Site. The OAuth Server creates the OAuth Code response and redirects the user to your application.
- 6. Your application reads the OAuth Code response and makes an OAuth Token Request to your Site (OAuth Server).
- 7. OAuth Server verifies the Token Request and generates and sends an Access Token Response for the Application for authenticated user.
- 8. Application can now use this Access Token in each API calls for Authorization and have access to the Site's resources.