General

How is SSO initiated through a Service Provider application (WordPress) ?

230 views December 21, 2021 akshayp 0

SP initiated SSO means that the SSO login flow is initiated by the user from the Service Provider’s side i.e. the WordPress site using a button/link/shortcode.

Single Sign-On (SSO) through Service Provider can be initiated in four ways using the WordPress SAML SSO Plugin:

  1. Auto redirection from site
  2. Auto redirection from WP login page
  3. Login button
  4. SSO Links (link, widget, shortcode)

 

  1. Auto-Redirection from site (Protect Complete Site): If a login session is not found at WordPress then the users are redirected to the IDP login page when they try to access any page/post on your site. This feature ensures that only authenticated users are able to access your WordPress Site.
    Note: The Forced Authentication option forces the user to authenticate themselves each time they try to login into the WordPress site, i.e. with every login attempt in WordPress, the user is forced to provide credentials on the IDP even if already logged into the IDP.
    SP initiated SSO - WP site
  2. Auto-Redirection from WordPress Login: This is an extension of “Auto-Redirection from WordPress site” feature that redirects users to the IDP login page when they try to access any WordPress site admin page i.e. wp-admin or wp-login.php.
    Note: This feature also has the additional functionality of backdoor access to your WordPress site through your WordPress login in case you get locked out of your IDP.
    SP initiated SSO - WP login
  3. Login button: This can be used to create a login button on the WordPress site’s default WP Login Page. The users can click on the button to authenticate themselves into WordPress via their IDP credentials. The button can be used as a shortcode/widget and aesthetics can be customized to match the theme of the site. This also provides you the ability to redirect all your users to WP login page when any page/post of your WordPress site is accessed.
    SP initiated SSO - login button
  4. SSO Links: This allows you to add a widget, shortcode, or link, anywhere (any page/post or header/footer) on your site for users to login to your WordPress site using IDP credentials.
  • Plugin inherently support IDP initiated SSO.

If you are still facing any issue the feel free to reach us at samlsupport@xecurify.com

Was this helpful?

Related Articles