Description

SAML SP Single Sign On (SSO) for WordPress allows SSO login with Azure AD, Azure AD B2C, Keycloak, ADFS, Okta, Shibboleth, Salesforce, GSuite / Google Apps, Office 365, SimpleSAMLphp, OpenAM, Centrify, Ping, RSA, IBM, Oracle, OneLogin, Bitium, WSO2, NetIQ and all SAML 2.0 capable Identity Providers into your WordPress site.

You can checkout the following video to configure the plugin with your Identity Provider:

SAML SP Single Sign On (SSO) provides SAML authentication for WordPress allowing your users to login to the WP site.

List of Supported IdPs

Azure AD (supports SAML SSO for WordPress login)
Azure AD B2C (supports SAML SSO for WordPress login)
Keycloak (supports SAML SSO for WordPress login)
ADFS (supports SAML SSO for WordPress login)
Okta (supports SAML SSO for WordPress login)
Salesforce (supports SAML SSO for WordPress login)
Office 365 (supports SAML SSO for WordPress login)
Shibboleth (supports SAML SSO for WordPress login)
GSuite / Google Apps (supports SAML SSO for WordPress login)
miniOrange (supports SAML SSO for WordPress login)
OneLogin (supports SAML SSO for WordPress login)
Centrify (supports SAML SSO for WordPress login)
Gluu Server (supports SAML SSO for WordPress login)
SimpleSAMLphp (supports SAML SSO for WordPress login)
OpenAM (supports SAML SSO for WordPress login)
Ping (supports SAML SSO for WordPress login)
RSA (supports SAML SSO for WordPress login)
IBM (supports SAML SSO for WordPress login)
Oracle (supports SAML SSO for WordPress login)
Bitium (supports SAML SSO for WordPress login)
WSO2 (supports SAML SSO for WordPress login)
NetIQ (supports SAML SSO for WordPress login)
and practically any SAML compliant Identity Provider.

WordPress Single Sign On (SSO)

Single Sign-On (SSO) is an authentication process in which a user can login to multiple applications and/or websites by using only a single set of login credentials (such as username and password). This prevents the need for the user to login separately into the different applications. Single Sign-On addresses the challenge of maintaining the credentials for each application separately, streamlining the process of signing-on without need to re-enter the password.

WordPress Single Sign On allows your users to login to your WordPress site by authenticating with their IDP. If your users first login to some other application connected to your IDP, they can seamlessly login to WordPress without being prompted for login again.

This SAML WordPress Single Sign On SSO solution provides SAML SSO capability to your WordPress site, converting it to a SAML compliant Service Provider which can be configured with any SAML compliant Identity Provider, allowing your users to login to your WP site.

WordPress Single Sign on also allows you to manage login and achieve Single Sign On on your WordPress membership site using Azure AD, Azure B2C, ADFS, Keycloak, GSuite / Google Apps, Okta, Salesforce, Office 365, Shibboleth, or any SAML compliant Identity Provider so that you can allow your users to login to WordPress as a member via using their IDP credentials.

miniOrange WordPress SAML Single Sign on SSO Plugin acts as a SAML 2.0 Service Provider which can be configured to establish the trust between the plugin and a SAML 2.0 capable Identity Providers to securely authenticate the user to the WordPress site. This allows your users to securely login to the WP site.
WordPress Multi-Site Environment and ability to configure Multiple SAML IDPs against wordpress as SAML service provider is also supported in premium SAML SP Single Sign On plugin.

WordPress SAML Single Sign On supports all kinds of SSO use cases such as Azure login into WordPress, Azure AD login into WordPress, Azure AD SSO(Azure AD Single Sign-On), Login with Azure AD, Login using Azure AD, Login with Office 365, Office 365 login, Office 365 Single Sign On, Login using Office 365, ADFS login into WordPress, Login with ADFS, Okta login, OneLogin SSO, Salesforce login, Login using Salesforce, Google Apps login, Google Apps Single Sign On, Login with Google Apps, Login using Google Apps, Login using Gsuite, Gsuite login into WordPress, Keycloak login, Auth0 login, Shibboleth login, Login with Shibboleth, Login using Shibboleth, PingFederate login, etc. allowing your users to securely login to the WordPress site.

Azure SSO
The WordPress SAML Single Sign On plugin supports Azure SSO use cases such as AzureAD SSO(Azure AD Single Sign-On), Azure B2C SSO, Azure login into WordPress, Login with Azure AD, Login using Azure AD, Office 365 SSO(Office 365 Single Sign On), Login with Office 365, Login using Office 365, Office 365 Login, PowerBI SSO,etc.
You can also enable SSO with multiple Azure tenants using our Azure multi-tenant add-on (Available with the All-Inclusive license of WordPress Single Sign On (SAML SSO) plugin). Using this you can allow users in multiple Azure tenant or Office 365 tenant to login to your WordPress site.

Azure AD Login / Azure AD SSO(Azure AD Single Sign-On) / Azure login allows your users to authenticate with their Azure Active Directory credentials on the Microsoft login page in order to log into the WordPress site.
We provide deep integration between WordPress Single Sign On and Azure AD Login in which you can also map the users’ information such as givenname, surname, email, groups, etc from your Azure AD to the WordPress site. This allows your users to securely achieve Login with Azure AD / Login using Azure AD / Azure AD SSO / Azure login / for you WordPress site.
This also allows your Office 365 users to achieve WordPress Single Sign On(Login with office 365 credentials / Office 365 Login / Login using Office 365) by authenticating via their Office 365 credentials. Our plugin allows you to map user information from Office 365 to your WordPress site in order to seamlessly achieve Office 365 Login / login with office 365 credentials / Office 365 SSO / Login using Office 365.

Google Apps SSO
The WordPress SAML Single Sign On SSO plugin supports SSO with GSuite / Google Apps(Google Apps Login / Login using Gsuite / Login with Google Apps / Login using Google Apps / Gsuite login), allowing the users in your organization to login to your WordPress site using their organization Google Apps credentials.
You can use the WordPress Single Sign On plugin to map the user information such as first name, last name, employee details, etc from Google Apps to your WordPress site in order to achieve Google Apps Login / SSO with GSuite / Login using Gsuite / Login with Google Apps / Login using Google Apps / Gsuite login into WordPress.
We also support WordPress Single Sign On with multiple Google Apps organization on the same site using our All-Inclusive plan.
We provide seamless integration between WordPress Single Sign On and Google Apps Login(Login with Google Apps) in which you can provide Role controls to your users based on Google Groups or Organizational Unit membership.
This allows your users to seamlessly achieve Google Apps Login / Login with Google Apps / Login using Google Apps(Google Apps Single Sign On) for your WordPress site.

Federation SSO
The WordPress SAML Single Sign On plugin is compatible with Federation use cases allowing your students or staffs to login the WordPress site using their university credentials that is affiliated with any federation such as InCommon, HAKA, HKAF, etc.
To enable Federation SSO, you will need to get the Federation SSO add-on.

Salesforce Community SSO
The WordPress SAML Single Sign On plugin allows your Salesforce community users to login to the WordPress site by authenticating with their Salesforce credentials(Login using Salesforce / Salesforce Login).
You can also enable SSO with multiple Salesforce communities using our Salesforce Community add-on.
Our WordPress SAML Single Sign-On plugin supports all the Salesforce SSO use cases such as Salesforce Login, Salesforce Single Sign-On, Salesforce Community SSO, Salesforce Login(Single Sign-On) into WordPress, Login using Salesforce, Login with Salesforce.
This allows you to seamlessly achieve Login using Salesforce, Salesforce Login, Salesforce Community SSO, Login with Salesforce, Salesforce Single Sign-On for your WordPress site.

The WordPress SAML Single Sign On SSO plugin is equipped with an ever-increasing list of very detailed SAML SSO guides which can be used to configure the plugin with SAML compliant Identity Providers such as Azure AD, Keycloak, ADFS, Okta, Shibboleth, Salesforce, GSuite / Google Apps, Office 365, SimpleSAMLphp, OpenAM, Centrify, Ping, Oracle, OneLogin, and many more SAML Identity Providers, allowing your users to securely login to the WP site.

If you require any Single Sign On (SSO) application or need any help with installing this plugin, please feel free to email us at info@xecurify.com or Contact us.

The plugin is compatible with all kinds of enterprise WordPress SAML Single Sign On SSO use cases where the users existing in Azure AD, Azure AD B2C, ADFS, Keycloak, GSuite / Google Apps, Okta, Salesforce, Office 365, Shibboleth, or any SAML compliant Identity Provider can securely login to the WordPress site by authenticating via the IDP that is configured in the plugin.
That means the WordPress Single Sign On can be used to achieve Azure login into WordPress, Azure AD login, Azure AD SSO(Azure AD Single Sign-On), Login with Azure AD, Login using Azure AD, Office 365 login, Office 365 Single Sign On, Login using Office 365, Login with Office 365, ADFS login, Login with ADFS, Okta login, OneLogin SSO, Salesforce login, Login using Salesforce, Google Apps login, Google Apps Single Sign On, Login with Google Apps, Login using Google Apps, Login using Gsuite, Gsuite login into WordPress, Keycloak login, Auth0 login, Shibboleth login, Login with Shibboleth, Login using Shibboleth, PingFederate login, etc. on your WP site.

The plugin can also support WordPress Single Sign On with any Identity Provider including OAuth, OpenID Connect, Active Directory, database using miniOrange IDP allowing your users to login to the WP site via authenticating with their user store.

Free Version Features

WordPress SAML Single Sign On supports SSO with any 3rd party SAML supported Identity Providers like ADFS, Azure AD, Azure AD B2C, Keycloak, Okta, Salesforce, GSuite / Google Apps, O365, Shibboleth, SimpleSAMLphp, OpenAM, Centrify, Ping, RSA, IBM, Oracle, OneLogin, Bitium, WSO2, NetIQ etc.
Auto Create Users – Users will be auto-created in WordPress after SAML SSO
Login Widgets – Use SAML Login Widgets to easily integrate the SAML SSO link with your WordPress site.
Attribute Mapping – The NameID value sent by your SAML compliant Identity Provider will be mapped to the Username and Email of your WordPress users.
Role Mapping – Select default role to assign to SAML SSO users on auto registration.

Standard Version Features

Unlimited Authentications – Unlimited authentication with your SAML 2.0 compliant Identity Providers like ADFS, Azure AD, Azure B2C, Keycloak, Okta, Salesforce, GSuite / Google Apps, O365, Shibboleth, SimpleSAMLphp, OpenAM, Centrify, Ping, RSA, IBM, Oracle, OneLogin, Bitium, WSO2, NetIQ or any SAML compliant Identity Provider.
Advanced Attribute Mapping – WordPress SAML SP Single Sign On SSO provides the feature to map your SAML IDP attributes to your WordPress site attributes like Username, Email, First Name, Last Name, Group/Role, Display Name.
Login Widgets and Short Code – Use Widgets to easily integrate the SAML SSO link with your WordPress site. Use Short Code (PHP or HTML) generated by SAML SP Single Sign On to place the SAML login link wherever you want on the site.
Step-by-step Guides – Use step-by-step guide to configure your SAML compliant Identity Provider like ADFS, Centrify, GSuite / Google Apps, O365, Okta, OneLogin, Salesforce, SimpleSAMLphp, Shibboleth, WSO2, JBoss Keycloak, Oracle.
Auto-redirect to IDP – Users will be redirected to SAML compliant IdP for SSO when trying to access the WordPress login page.
Protect Site – Users trying to access WordPress will be redirected to the SAML compliant Identity Provider for SSO.
Customize SP Configuration – Change SAML Service Provider endpoints such as SP base URL and SP Entity ID.
Select Binding Type – Select HTTP-Post or HTTP-Redirect binding type to use for sending SAML Requests.
Integrated Windows Authentication – Support for Integrated Windows Authentication (IWA) in SAML SP Single Sign On Standard plugin.

Premium Version Features

Includes all the SAML STANDARD version features.
SAML Single Logout – Support for SAML Single Logout (Works only if your SAML IDP supports SLO).
Auto-redirect to IDP – Users will be redirected to SAML compliant IdP for SSO when trying to access the WordPress login page.
Protect Site – Users trying to access WordPress will be redirected to the SAML compliant Identity Provider for SSO.
Advanced Role Mapping – WordPress SAML SP Single Sign On SSO provides the feature to assign WordPress roles to your users based on the group/role sent by your SAML compliant IDP.
Reverse-proxy Support – Support for sites behind a reverse-proxy in WordPress SAML SP Single Sign On Premium plugin.
Multiple Certificates – Store Multiple SAML IdP Certificates.
Custom Certificate – Add your own custom X.509 Certificate for sending signed SAML Request and verification of encrypted SAML Response.
WordPress Multi-site Support – Multi-Site environment is one which allows multiple subdomains / subdirectories to share a single installation. With multisite SAML premium plugin, you can configure the SAML compliant IDP in minutes for all your sites in a network. While, if you have basic SAML premium plugin, you have to do plugin configuration on each site individually as well as multiple SAML service provider configurations in the SAML compliant IDP.

For Example – If you have 1 main site with 3 subsites. Then, you have to configure the plugin 3 times on each site as well as 3 SAML service provider configurations in your IDP. Instead, with multisite SAML premium plugin. You have to configure the plugin only once on main network site as well as only 1 SAML service provider configuration in the SAML compliant IDP.

Enterprise Version Features

Includes all the SAML STANDARD version features.
SAML Single Logout – Support for SAML Single Logout (Works only if your SAML IDP supports SLO).
Auto-redirect to IDP – Users will be redirected to SAML compliant IdP for SSO when trying to access the WordPress login page.
Protect Site – Users trying to access WordPress will be redirected to the SAML compliant Identity Provider for SSO.
Advanced Role Mapping – WordPress SAML SP Single Sign On SSO provides the feature to assign WordPress roles to your users based on the group/role sent by your SAML compliant IDP.
Reverse-proxy Support – Support for sites behind a reverse-proxy in WordPress SAML SP Single Sign On Premium plugin.
Multiple Certificates – Store Multiple SAML IdP Certificates.
Custom Certificate – Add your own custom X.509 Certificate for sending signed SAML Request and verification of encrypted SAML Response.
WordPress Multi-site Support – Multi-Site environment is one which allows multiple subdomains / subdirectories to share a single installation. With multisite SAML premium plugin, you can configure the SAML compliant IDP in minutes for all your sites in a network. While, if you have basic SAML premium plugin, you have to do plugin configuration on each site individually as well as multiple SAML service provider configurations in the SAML compliant IDP.
Multiple SAML IDPs Support – We now support configuration of Multiple SAML compliant IDPs in the plugin to authenticate the different group of users with different SAML IDPs. You can give access to users by users to IDP mapping (which SAML compliant IDP to use to authenticate a user) is done based on the domain name in the user’s email. (This is a PREMIUM feature with separate licensing. Contact us at info@xecurify.com to get licensing plans for this feature.)

All-Inclusive Version Features

Includes all the SAML ENTERPRISE version features
Recommended for most use cases such as login using Azure AD, Azure AD B2C, ADFS, Keycloak, Okta, Salesforce, GSuite / Google Apps, O365, Shibboleth, SimpleSAMLphp, OpenAM, Centrify, Ping, RSA, IBM, Oracle, OneLogin, Bitium, WSO2, NetIQ etc.
All SAML add-ons included.

If you are looking for a SAML compliant Identity Provider, you can try out miniOrange On-Premise IdP.

Add-ons

We have a variety of add-ons that can be integrated with the WordPress SAML SP Single Sign On SSO plugin to improve the SAML SSO functionality of your WordPress site.

Page Restriction – This add-on is basically used to protect the pages/posts of your site with SAML compliant IDP login page and also, restrict the access to pages/posts of the site based on the user roles.
BuddyPress Integration – This add-on maps the attributes fetched from the SAML compliant IdP with BuddyPress attributes.
LearnDash Integration – This add-on will map the SAML SSO user to LearnDash groups as per the attributes sent by your SAML compliant Identity Provider.
SSO Login Audit – SSO Login Audit captures all the SAML SSO users and will generate the reports.
Attribute Based Redirection – ABR add-on helps you to redirect your users to different pages after they authenticate via SAML SSO into your site, based on the attributes sent by your SAML compliant Identity Provider.

Real Time User Provisioning using SCIM

Provides real time user-provisioning from your IDP to your WordPress using SCIM standard. You can refer our WordPress User Provisioning using SCIM plugin.

Website –

Check out our website for other plugins http://miniorange.com/plugins or click here to see all our listed WordPress plugins.
For more support or info email us at info@xecurify.com or Contact us. You can also submit your query from plugin’s configuration page.

Screenshots

Connect your WordPress site with any SAML-compliant Identity Provider.
Configure your WordPress as SAML Service Provider.
Gather Metadata for your SAML Identity Provider.
Configure Attribute/Role Mapping for Users in WordPress.
Add widget to enable SAML Single Sign-on.
Plugin-tour which guides you through entire plugin setup.
Addons which extend plugin functionality.

Installation

From your WordPress dashboard

Visit Plugins > Add New.
Search for SAML SP Single Sign On. Find and Install SAML SP Single Sign On – SSO login.
Activate the plugin from your Plugins page.

From WordPress.org

Download SAML SP Single Sign On – SSO login plugin.
Unzip and upload the miniorange-saml-20-single-sign-on directory to your /wp-content/plugins/ directory.
Activate miniOrange SSO using SAML 2.0 from your Plugins page.

FAQ

I am not able to configure the Identity Provider with the provided settings: Please email us at info@xecurify.com or Contact us. You can also submit your app request from plugin’s configuration page.
For any query/problem/request: Visit Help & FAQ section in the plugin OR email us at info@xecurify.com or Contact us. You can also submit your query from plugin’s configuration page.

Reviews

March 4, 2021

the best SSO plugin for WP. Support is attentive too.

hmtam March 4, 2021

MiniOrange made it very easy to connect to the Okta idp. They had walked me through the entire SAML 2.0 and SCIM Provisioning configuration behind the scenes and learned a lot as we went along. We had to overcome a challenge where we needed to push user data back to the idp if user data had been updated on the SP. They provided a custom solution that did exactly that and they got it done in 2 days, not to mention that their plugins are lightweight and won't affect performance. Meetings were prompt, clear and provided solutions to the task at hand. If you build your sites on WordPress and need to install SSO, then MiniOrange is the way to go hands down!

jlesliecha March 2, 2021

miniOrange makes AAD SSO with WordPress so easy, enabling us to leverage our existing AAD MFA for better security. Rushin, a support engineer with Xecurify, was able to help us through initial setup and it's now working like a charm.

ebatexas February 26, 2021

These plugins work as expected and are reliable. The customer service is excellent and second to none. Will be a customer for life. Thank you!!

jpleakis February 11, 2021

Plugin works as intended, and support responds quickly and resolves issues quickly.

nqfe February 5, 2021

I've found this plugin to be so useful in helping us connect our products into our clients environments. The support here has been 6 star too tbh.

Read all 103 reviews

Contributors & Developers

“SAML Single Sign On – SSO Login” is open source software. The following people have contributed to this plugin.

miniorange

Translate “SAML Single Sign On – SSO Login” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

4.9.04

Licensing Update

4.9.03

Added video plugin guides

4.9.02

Welcome page fixes

4.9.01

Added support of Localization
WordPress 5.6 Loop back issue fix
PHP 8 Compatibility
Fixed SAML Login URL query parameters bug
Removed end of year sale

4.9.00

Rolled out end of year sale

4.8.99

Added new Add-on description

4.8.98

SP Metadata Update

4.8.97

Call setup fixes
Added contact phone number

4.8.96

Added new IDP guides: Azure B2C and Gluu server
Updated XMLSecLibs

4.8.95

Added Setup call feature

4.8.94

Revamped add-ons tab

4.8.93

Updated description for add-ons

4.8.92

Security patches

4.8.91

Added a new licensing plan

4.8.90

Plugin tour fixes

4.8.89

Adding more guides in SAML plugin

4.8.88

Bug fixes

4.8.87

Bug fixes in SAML SSO widget
Compatibility with WordPress 5.4

4.8.86

Compatibility fixes with PHP5

4.8.85

Visual Tour fixes
Fixed Telephone number input

4.8.84

Security patches

4.8.83

Nomenclature changes
Compatibility with PHP 7.4

4.8.82

Added new SAML-compliant IdP guides
Bug fixes

4.8.81

Updated SAML-compliant IdP guides

4.8.80

Bug fixes

4.8.79

Added Plugin-wide tour

4.8.78

Request a demo feature.

4.8.77

Bug Fixes

4.8.76

Security Patches

4.8.75

Visual-tour fixes

4.8.74

Feedback form bug fix

4.8.73

Security patches.

4.8.72

Security patch.

4.8.71

Security fixes.

4.8.70

Bug fixes
Option to send plugin configuration with request

4.8.69

Tested upto WordPress 5.1.0
Replaced CURL calls with HTTP API calls.

4.8.68

Tested upto WordPress 5.0.2.
Updated to Latest XMLSeclibs library.
Compatibility with PHP 7.3.

4.8.67

Description changes.

4.8.66

Tested upto WordPress 5.0.0.
Added option to disable character encoding.

4.8.65

Bug Fixes

4.8.64

Compatibility with PHP version 5.3+ upto latest version of PHP
Activation Issue Fixes

4.8.63

Code enhancements.

4.8.62

Fixed issues on plugin activation.

4.8.61

Bug fixes.

4.8.60

Updated to latest XMLSeclibs SAML library (version 3.0.1).
Added the visual tour to get familiar with plugin features and support.
Revamped the plugin UI.
Added the Add-On and their description.
Export plugin configurations.
SAML-compliant IdP guides.

4.8.52

Tested upto WordPress 4.9.8

4.8.51

Added support for guest login
Added SAML-compliant IDP guide links

4.8.50

Added feedback form.

4.8.44

Tested upto WordPress 4.9.6

4.8.43

Compatibility issue with PHP 7.2(Removed deprecated asserts )

4.8.42

Input validation fixes.

4.8.41

Support for PHP version 5.3 and above.

4.8.40

Added feature for Exporting plugin configuration.
Added View SAML Request and Response

4.8.35

Fixed the Entity ID/Issuer issues for AzureAD Idp.

4.8.34

Introducing miniOrange on-premise IDP

4.8.33

Compatibilty with WordPress 4.9

4.8.32

Introducing Standard version of SAML Plugin for small sized customers.
Fixed Registration issue.

4.8.31

Introducing Standard version of SAML Plugin for small sized customers. Check Licensing Plans for more details.

4.8.30

Fix the CSS and JS inclusion only in the plugin pages, removed it from frontend and backend of WordPress.

4.8.28

Bug fix for PHP 5.4.x version.

4.8.27

Support for Multiple Certificate via Metadata

4.8.26

SAML Configuration by Uploading metadata.
Descriptive Error Messages.
Use miniorange as IdP feature.
More verbose instructions.
Compatibility with WordPress 4.8

4.8.25

Updating Licensing Plans

4.8.24

Updating Plugin Title : SAML SP Single Sign On

3.8.14

Pattern change on OTP Verification page

3.8.12

Major security fixes. It is recommended to update to this version.

3.8.7

Fixes for WordPress 4.5

3.8.6

Added features: Support for WordPress Multi-site (Network setup), support for Multiple SAML-compliant IDPs and some fixes for WordPress 4.5

3.8.4

Introducing Free Trial for the premium version.

3.8.2

Security fix for preventing non-admin users from changing the settings.

3.8

Security fix for SAML-compliant IDPs that signs only Assertion and not the complete SAML Response XML.

3.7

Support for Integrated Windows Authentication – contact info@xecurify.com if interested

3.5

Decrypt assertion bug fix

3.4

Added some requested features and some bug fixes.

3.3

Added support for Google Apps as an Identity Provider.

3.2

Some bug fixes in role mapping.

3.1

Some bug fixes in auto registration.

3.0

Added option to use miniOrange Single Sign On Service
Made it simple to setup SAML authentication with your IdP.

2.3

Fixed forgot password bug for some users.

2.2

Added guides for configuring common Identity Providers like ADFS, SimpleSAMLphp, Salesforce, Okta and some bug fixes.

2.1

Removed unwanted JS files.

2.0

Added new feature like role mapping and auto redirect user to your SAML-compliant IdP.

1.7.0

Resolved UI issues for some users

1.6.0

Added help and troubleshooting guide.

1.5.0

Added error messaging.

1.4.0

Added fixes.

1.3.0

Added validations and fixes.
UI Improvements.

1.2.0

this is the third release.

1.1.0

this is the second release.

1.0.0

this is the first release.

WordPress.org

5 stars

The Best SSO Plugin Solutions

miniOrange with AAD

Great plugin and support

Fantastic Support

Great plugin and support is A++