I guess my question is pretty much the same. We have our own identity provider. Can I configure this plugin to authenticate against that, or is this plugin only intended for use with the OneLogin service? I’m beginning to think the latter.
- This reply was modified 5 years, 7 months ago by verdonv.
Thread Starter kujain (@kujain)
Hi @verdonv
I actually did manage to get Google SAML app working with this plugin after many trial/error attempts since the settings were not properly documented. Here are a few additional steps I had to do for Google SAML – hopefully it will help you set it up with your provider:
Match WordPress account by: Email
Mapping:
    Username: username
    E-mail: email
Service Provider Entity Id: php-saml
NameIDFormat: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress

SAML APP setting:
    ACS URL: <site url>/wp-login.php?saml_acs (very important!)
    entity ID: php-saml (same as above)
    Mapping:
        username: Primary Email
        email: Primary Email
    Name ID Format: Email
    Name ID: Primary Email
Hope this helps!
- This reply was modified 5 years, 7 months ago by kujain.
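The following is an added example, not part of kujain's post or the plugin's code. It is a diagnostic that checks a base64-decoded SAMLResponse against the settings listed above (ACS URL, entity ID `php-saml`, emailAddress NameID format, `username` and `email` attributes), so a mismatch on the identity provider side shows up before login testing. The function name, the site `https://wp.example.test` and the user `alice@example.test` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
EMAIL_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
SP_ENTITY_ID = "php-saml"               # Service Provider Entity Id from the post
REQUIRED_ATTRS = ("username", "email")  # attribute names from the post's mapping

# Constructed sample response (unsigned, illustration only).
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
  Destination="https://wp.example.test/wp-login.php?saml_acs">
 <saml:Assertion>
  <saml:Subject><saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">alice@example.test</saml:NameID></saml:Subject>
  <saml:Conditions><saml:AudienceRestriction><saml:Audience>php-saml</saml:Audience></saml:AudienceRestriction></saml:Conditions>
  <saml:AttributeStatement>
   <saml:Attribute Name="username"><saml:AttributeValue>alice@example.test</saml:AttributeValue></saml:Attribute>
   <saml:Attribute Name="email"><saml:AttributeValue>alice@example.test</saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
 </saml:Assertion>
</samlp:Response>"""

def check_response(xml_text, site_url):
    """Return mismatches between a decoded SAMLResponse and the settings; no signature check."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        return ["DTD or entity declarations are not allowed in a SAML response"]
    root = ET.fromstring(xml_text)
    problems = []
    expected_acs = site_url.rstrip("/") + "/wp-login.php?saml_acs"
    if root.get("Destination") != expected_acs:
        problems.append(f"Destination {root.get('Destination')!r} != ACS URL {expected_acs!r}")
    if SP_ENTITY_ID not in [a.text for a in root.iterfind(".//saml:Audience", NS)]:
        problems.append(f"Audience does not contain entity ID {SP_ENTITY_ID!r}")
    name_id = root.find(".//saml:Subject/saml:NameID", NS)
    if name_id is None or name_id.get("Format") != EMAIL_FORMAT:
        problems.append("NameID missing or not in emailAddress format")
    attrs = {}
    for a in root.iterfind(".//saml:Attribute", NS):
        v = a.find("saml:AttributeValue", NS)
        attrs[a.get("Name")] = (v.text or "").strip() if v is not None else ""
    for name in REQUIRED_ATTRS:
        if not attrs.get(name):
            problems.append(f"attribute {name!r} missing or empty")
    nid = (name_id.text or "").strip() if name_id is not None else ""
    if attrs.get("email") and nid.lower() != attrs["email"].lower():
        problems.append("NameID differs from the email attribute used for account matching")
    return problems

if __name__ == "__main__":
    print(check_response(SAMPLE, "https://wp.example.test"))
```

The check only compares field values; signature and validity-window verification remain the job of the plugin's SAML library.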
Hi @kujain
Greetings from frosty Northern Canada. Thank you very much for this information. It definitely helps me get a sense of how to work with this. I’ll poke away at it this afternoon and report back.
Best wishes,
I wish I had more detail, but we did get this working with our identity provider. Getting the transformations right at the IP end was key to success. I’ll be trying later today or tomorrow on a multi-site setup and will try to get the details from the sys admin of the identity provider as to what we had to do. In short though… works like a charm!
@verdonv – what did you encounter when testing on a multi-site install?