Please start here if you want to connect your service to the SURFconext platform

Introduction

miniOrange WordPress SAML Single Sign-On (SSO) Plugin acts as a SAML 2.0 Service Provider which can be configured to establish the trust between the WordPress site and a SAML 2.0 capable Identity Provider like SURFconext. This allows your users to securely login to the WordPress (WP) site with an institutional account.

miniOrange has the following features:

  • Auto-redirect to IdP (Protect Complete Site);
  • SAML Single Logout;
  • SSO Login button/widget/link;
  • Basic and Custom Attribute Mapping / Advanced Role Mapping 
  • Multiple SAML IDPs Support
  • WordPress Multisite Support
  • SCIM Automatic User Sync
  • BuddyBoss / LearnDash / Memberpress Integrator


SURFconext Single Sign-On (SSO) login for WordPress using SAML can be achieved by using the miniOrange WordPress SAML Single Sign-On (SSO) Plugin. This guide will show you how to configure SURFconext SSO login into a WordPress site. You will do so by considering SURFconext as an IdP (Identity Provider) and WordPress as an SP (Service Provider). SURFconext acts as an IdP proxy to institutions in the Netherlands. To know more about other features in the WordPress SAML Single Sign-On (SSO) plugin, you can click here.

Pre-requisites: Download And Installation

To configure SURFconext Single Sign-On (SSO) / Login with SURFconext as SAML IdP into WordPress, you will need to install the miniOrange WordPress SAML SP SSO Plugin. If you do not have access to our SP Dashboard, please contact us at support@surfconext.nl. Refer to our step-by-step guide to get going. You can also use our contact form here. A detailed, in depth discription how to setup miniOrange can be found here and will explain how to prepare and complete your setup. 

Step 1: Setup SURFconext as an IdP (Identity Provider)

  • Login to your instance in our SP dashboard.
  • First, let's add an Service Provider entity to your Test Environment. In the SP Dashboard window, click on add entity for test environment below Entities @ test environment.
  • In CREATE REGISTRATION FORM select Protocol as “SAML 2.0” and “No, create blank registration form” under From existing entity. Then click on Create.
  • In the Service Provider registration form, paste the Service Provider (SP) Metadata URL and click on Import. [You can get the Metadata URL from the Service Provider Metadata tab in the WP SAML SSO plugin].
  • Select the Name-ID format as required and then enter the Logo URL, Name, and Description.
  • Enter the required data in the Administrative Contact and Technical contact section. Try to use functional addresses as much as possible (like support@surfconext.nl).
  • Once you have entered all the required information, click on Publish.
  • After the Test Environment is published, you will be presented with a list of Identity Providers that can be used to test your instance. Remember those, as you will use those to test your service.
  • Next, copy the Test Environment link to fetch the SURFconext IdP-proxy metadata for configuring your service:

Step 2: Setup SURFconext as an IdP (Identity Provider)

  • Here, we will be adding the IdP metadata to configure the plugin. In the miniOrange SAML plugin, go to the Service Provider Setup tab of the plugin and click on the Upload IDP metadata button.
  • Enter the Identity Provider Name and paste the IDP metadata URL and click on Fetch Metadata.

  • Your configurations should be saved successfully in the plugin!

Step 3: Test the SSO configurations

  • To test the configurations made, navigate to the Service Provider Setup tab of the plugin and click on the Test Configuration button.

  • If your configurations are correct, you will receive a Test Successful message.

You have now successfully configured SURFconext SAML Single Sign-On (SURFconext SSO Login) using SURFconext as an IdP proxy and WordPress as SP using the miniOrange SAML Single Sign-On – SSO Login Plugin! If you are looking for anything which you cannot find, please drop an email at samlsupport@xecurify.com or support@surfconext.nl.