You should be able to setup WP multisite subdomain for single login, but it depends on the domains of both sites. Are the domains related or completely different? Related: domain1.com site1.domain1.com; different: domain1.com domain2.com
WP uses cookies to pass along authentication credentials. Cookies can only be passed to the same (sub)domains.
For SAML authentication, you might need to install the SAML plugin on each site even with sub directory… it really depends on your WP configuration. If you only configure SAML auth on the main site, what happens when someone tries to log into a subsite directory?
The domains are related.
I should be more clear. The sub domain is set up with single login and is working. Both sites have a SAML plugin. The SAML authentication I am using is through OneLogin. Their dashboard requires each “app” or site has it’s own connector. This would be confusing to many of the users of the site. I would like to eliminate the need for the extra connector on users OneLogin dashboard.
If I only have SAML auth set up on the homepage, anyone can access the sub domain, which would be like leaving the back door open. It sounds like a sub directory would act the same was as a sub domain when I comes to SAML auth.
You are asking for configuration/modifications that are plugin specific. You should ask those questions on the plugin support forum. I doubt anyone here uses SAML or OneLogin.
Dont confuse WP SSO with SAML SSO. For example, if all your sites are subdomains (site1.domain.com, site2.domain.com, etc) then it is possible to setup WP to allow (or not allow) SSO across all sites.
We have over 300 sites in our WP system. We setup WP SSO, so a user only has to log into one site to be logged into any/all of them. Just because a user has access (role) on one site does not mean that they have access to other sites. We use Shibboleth SAML for authentication… we wrote our own WP plugin.
