這個外掛並未在最新的 3 個 WordPress 主要版本上進行測試。開發者可能不再對這個外掛進行維護或提供技術支援,並可能會與更新版本的 WordPress 產生使用上的相容性問題。

Headless SSO Plugin for WP

外掛說明

Our Headless Single Sign-On (SSO) provides one-click login into any Progressive Web App Frameworks via WordPress and IdPs with JWT Authentication.

We provide integration with SAML Single Sign-On (SAML SSO), CAS, Radius and many more which helps in providing SSO into your wordpress sites by the configured Identity Provider that allows user to authenticate and SSO into the Progressive Web Application which can be based on any Frontend technology.

WordPress Single Sign-On (SSO) with our SAML Single Sign On – SSO Login plugin allows SSO with Azure AD, Azure AD B2C, Keycloak, ADFS, Okta, Shibboleth, Salesforce, GSuite / Google Apps, Office 365, SimpleSAMLphp, OpenAM, Centrify, Ping, RSA, IBM, Oracle, OneLogin, Bitium, WSO2, NetIQ and all SAML 2.0 capable Identity Providers into your WordPress site.

Our SAML /OAuth will handle Response from the Identity provider and create the user in WordPress if it doesn’t exist, create a session of WordPress and with our JWT plugin, convert SAML Response into JWT and post on the Angular application.

Headless Mode

The headless mode allows you to disables the WP frontend experience and allows you to and let’s you integrate with any front-end frameworks like Gatsby, Vue, Angular,React, NextJS, Flutter using REST API. This allows you to use WordPress only for managing the content and fetch the content in the frontend environment via APIs.

Features Include

Single Sign-On Integration: miniOrange provides Single Sign-On (SSO) integrations with all types of protocols like SAML, OAuth2.0, OpenID connect, CAS, LDAP, WS-Fed, Radius, etc.

Frontend technology Support: Easy to Configure : It allows any Frontend technology like React JS, Angular JS, Flutter, Gatsby banking on Headless WordPress to be able to Single Sign-On via the described Identity Providers.

JWT Signing: Support for Signing JWT token using algorithms like HS512, RS512, etc.

Attribute Mapping: Get user attributes from your Provider and map them to WordPress user attributes like firstname, last name with support for custom attributes

Link to add IDP Login: Add a link anywhere on your frontend to allow users to authenticate via their Identity Provider

Multiple IDP Support: Configure multiple IDPs to perform Single Sign-On (SSO) into WordPress

Stateful and Stateless session Support: Allows maintaining session on only frontend, only WordPress or both.

Protect Your Complete Site: Restrict your WordPress site to only logged-in users by redirecting the users to your Identity Provider if logged in session is not found

Code for Signature Verification: Code templates for JWT signature verification in all frontend technologies (React JS, Angular JS, Flutter, Gatsby, Vue, etc.)

Existing User store integrations (SSO): Provides real time Headless Single Sign-On(SSO) access for users without having to move users from their existing user stores.

Unauthorized error message when accessing front-end: The Headless mode option displays a 403 Unauthorized error message when users access the frontend of your website. If the users want to access the WordPress backend, they can do so by visiting ‘site_url/wp-login.php’

Redirect non-logged users trying to access the site: The Headless mode option redirects the non-logged in users to the WordPress login screen so that the access to the frontend is disabled. Logged-in users are redirected to the editor screen for the post which allows sharing a readable link straight to the editor so that they can easily edit the post.

Why people prefer miniOrange Headless SSO

Support for Customization: Customization in the Single Sign-On (SSO) flow based on your customized IDP or additional requirements.

Cost-effective: Get access to Headless SSO with saving cost and time avoiding password fatigue with streamlining the user experience and adoption rates more.

24/7 Active Support: We provide world-class support and customers vouch for our support, ensuring you best services all the time.

Use Cases

Login into Gatsby / Gatsby SSO login: The app based on Gatsby’s endpoint needs to be entered in the WordPress Headless SSO Plugin.
The Authentication request from WordPress is redirected to the Identity Provider, and complete authentication process occurs at IdP end. The plugin receives a SAML / OAuth Response from the IdP. A signed JWT response is sent to Gatsby via WordPress Headless SSO plugin.

Login into AngularJS App / Angular js app login (SSO):
We introduced Angular SSO using Azure AD as identity Provider (IDP). We have configured SSO with Azure AD on our WordPress site backend using WordPress SSO Plugin .Websites use WordPress as a headless CMS so we can’t use SSO widget or buttons on the frontend to initiate SSO. Integrating Single Sign-On (SSO) functionality for your Headless WordPress environment allows your users to enable SSO login for any Headless decoupled frontend framework like AngularJS clubbed with WordPress backend using a single set of login credentials of your IDP Azure AD.

We also offer Headless SSO into various frontend technologies like:

  • Login into Flutter / Flutter App Login (Headless SSO)

  • Login into Vue / Vue App Login (Headless SSO)

  • Login into React / React App Login (Headless SSO)

Documentation

Our Headless SSO plugin for WordPress – Headless SSO plugin for WordPress comes with detailed guidelines with ensured content, expectations to make sure you don’t get lost along the way.
https://plugins.miniorange.com/wordpress-headless-sso

Contact Support

If you are still nervous about your website security or how the plugin would work for you specifically, customized solutions and Active support are available. You can always Contact Us, or Email us at samlsupport@xecurify.com and we would be happy to help you out.

Website

Check out our website for other plugins http://miniorange.com/plugins or click here to see all our listed WordPress plugins.
For more support or info email us at info@xecurify.com or Contact us.

螢幕擷圖

  • WP Headless SSO | Workflow | Web app frameworks authentication.

安裝方式

From WordPress.org

  1. Download Headless SSO Plugin.
  2. Unzip and upload the headless-sso directory to your /wp-content/plugins/ directory.
  3. Activate Headless SSO from your Plugins page.

From your WordPress dashboard

  1. Visit Plugins > Add New.
  2. Search for Headless SSO Plugin. Find and Install Headless SSO Plugin.
  3. Activate the plugin from your Plugins page.

For any query/problem/request

Visit Help & FAQ section in the plugin OR email us at info@xecurify.com or Contact us. You can also submit your query from plugin’s configuration page.

使用者評論

2024 年 8 月 7 日
The plugin worked for our use case, which is appreciated since there aren’t many Headless WordPress SSO solutions available. We encountered a few issues, but the support was responsive and resolved them. More documentation would be helpful. Overall, it’s a recommended plugin and support.
閱讀全部 1 則使用者評論

參與者及開發者

以下人員參與了開源軟體〈Headless SSO Plugin for WP〉的開發相關工作。

參與者

將〈Headless SSO Plugin for WP〉外掛本地化為台灣繁體中文版

對開發相關資訊感興趣?

任何人均可瀏覽程式碼、查看 SVN 存放庫,或透過 RSS 訂閱開發記錄

變更記錄

1.4

  • Added SAML SSO Support
  • Updated plugin’s UI

1.3

  • Enable Headless CMS Mode
  • Added Support form and feedback form
  • WordPress 5.9 Compatibility

1.2

  • Bug fixes
  • Readme Updates
  • WordPress 5.8 Compatibility

1.1

  • Updated Plugin description

1.0

  • This is the first release