EZPZ SAML SP Single Sign On (SSO) Plugin

EZPZ SAML SP turns your wordpress website into a fully functioning SAML
service provider. EZPZ SP then allows you to use your existing Identity
Provider (IdP) to authenticate to your wordpress website. We support all
known SAML 2.0 IdPs such as: ADFS, Athens (Eduserv), AzureAD, Bitium,
Centrify, Google Apps, Okta, OneLogin, OpenAM, Oracle, Ping Identity,
Salesforce, Shibboleth, SimpleSAMLphp, WSO2 and many more.

In the premium version of the plugin you are also able to use IP Based
authentication. The premium version also allows you to configure
authentication to multiple IdPs instead of a single IdP.

You have the power to either switch on authentication for the entire
wordpress website to force Single Sign on site wide. Or you can choose to
enable per post / page authentication and require login for particular
posts and pages.

If you require any Single Sign On help or have any questions about the
plugin please email [email protected]

Free Features

1. SAML Authentication
2. Automatic IDP metadata pull (not cached, pulled on every login)
3. Upload IDP metadata file
4. Protect whole site
5. Restrict access to posts or pages
6. Redirect wordpress login page to IDP
7. Direct IDP login link that can be used anywhere (not currently shown in
   front-end)
8. Login via institution link on footer of wordpress login page
9. Auto fill username and optionally email from SAML attributes
10. SAML Single Logout
11. Automatic initial certificate generation
12. Custom SP certificate support
13. Auto creates missing users on login
14. Advanced security options

Premium Features

1. Option to disable user auto creation
2. Option to append institution name to user to avoid duplicates across IDPs
3. Options to select SAML Request binding type
4. Customized Role Mapping / Set users default role on creation
5. IDP Metadata caching
6. Custom Attribute Mapping (Any attribute which is stored in user-meta
   table)
7. Sub-site specific SSO for Multisite
8. Bulk update to enable/disable post and page restrictions
9. Granular access controls per institution
10. Auto login via IP
11. Ability to restrict posts or pages to specific institutions and/or
    specific groups?
12. File upload protection (new file manager so you can protect PDFs, images
    etc)

FROM YOUR WORDPRESS DASHBOARD

1. Visit Plugins > Add New.
2. Search for “EZPZ SAML SP”. Find and Install “EZPZ SAML SP Single Sign On
   (SSO)”
3. Activate the plugin from your Plugins page.

FROM WORDPRESS.ORG

1. Download EZPZ SAML SP Single Sign On (SSO) plugin.
2. Unzip and upload the ezpz-sp-saml-sso directory to your
   /wp-content/plugins/ directory.
3. Activate EZPZ SAML SP Single Sign On (SSO) from your Plugins page.

How do I set the plugin up

Please see the installation instructions above or please watch the video
here https://ezpzsp.com/getting-started/

What does the redirect wordpress login option do?

This allows you to make it so that you cannot go to
www.yoursite.com/wp-admin and login with your manual admin account. When
you go there with this option enabled you will be sent to the IdP that has
been configured for this plugin.

I have locked my self out of the admin and cannot login what do i do!?

Have no fear, if you haven’t enabled the redirect wordpress login option
you can just go to www.yoursite.com/wp-admin. If however you have enabled
that option then you can just go to www.yoursite.com/wp-admin?nologin to
bypass the redirect.

How do I protect the whole website and force login via SAML / SSO?

You can do that by going to the EZPZ SP Plugin settings and clicking on
login options tab and then press protect whole website. That will force a
login to any of the pages (please note that doesn’t protect the wp-content
files so all of your media files you’ll need the premium plugin for that).

How do i get support?

If you have any questions then you can email [email protected]

1.2

• Allow SAML attributes to use the unfriendly names

1.0

• First stable release