Login
Sign up

PingFederate SAML SSO WordPress: Complete Setup Guide for PingFederate WordPress Single Sign-On

A complete, easy-to-follow guide for setting up PingFederate SAML SSO with WordPress. Learn how to integrate PingFederate with your WordPress site using SAML authentication to enable secure single sign-on and provide a simplified login experience for your users

Ready to Get Started?

Download the free plugin and make your WordPress site more secure.

Download Free Plugin Skip to Steps
Check Out Features

Introduction to PingFederate SAML SSO WordPress

Want to make user access easier and boost security on your WordPress site? Our PingFederate SAML SSO WordPress integration can help you do just that. This guide shows you how to setup SAML SSO in WordPress using PingFederate as your SAML Identity Provider (IDP) using our SAML SSO plugin for WordPress. By following these steps, you’ll enable secure PingFederate-based login for your WordPress site, giving users a simplified and protected authentication experience.

Benefits of Using PingFederate SAML SSO with WordPress

Integrating PingFederate with your WordPress site through SAML SSO comes with a range of valuable benefits:

  • Enhanced Security: Use PingFederate’s enterprise-grade security features, including SAML authentication WordPress and centralized authentication, to protect your site.
  • Improved User Experience: Users can log in with just one set of credentials, making the sign-in process faster and more convenient.
  • Simplified User Management: Manage users and roles from PingFederate, reducing admin overhead in WordPress and enabling PingFederate WordPress authentication.
  • Role and Attribute Mapping: Map PingFederate attributes and roles to WordPress users for granular access control, enhancing your SAML user login workflow.
  • Easy SSO Button Integration: Add a PingFederate SSO login button to your WordPress site for quick access allowing users to log in WordPress via PingFederate with just one click.

Prerequisites for PingFederate SAML SSO WordPress Setup

  • Active PingFederate server with admin access
  • WordPress site with admin privileges
  • Keywoot SAML SSO Plugin installed
  • SSL certificate for secure communication

Step-by-Step Guide to Setting Up PingFederate SAML SSO with WordPress

1

Install the WordPress SAML SSO Plugin

Start by installing the Keywoot SAML SSO plugin on your WordPress site. This plugin enables SAML SSO functionality and allows you to integrate PingFederate as your Identity Provider for secure WordPress login.

Instructions:

  1. Log into your WordPress admin dashboard
  2. Navigate to Plugins → Add New
  3. Search for “Keywoot SAML SSO
  4. Click Install Now and then Activate

Dashboard → Plugins → Add New → Search for “Keywoot SAML SSO”

Screenshots:

WordPress PingFederate SSO Plugin Installation - Find SAML SSO plugin in WordPress directory
Find the SAML SSO plugin in the WordPress plugin directory
2

Create SP Connection and Import WordPress Metadata

Access your PingFederate administration console and create a new Service Provider (SP) connection using WordPress metadata. This establishes the SAML relationship between PingFederate and WordPress.

Access PingFederate Admin Console:

  1. Open your web browser and navigate to the PingFederate Administration Console
  2. Log in with your administrator credentials

Create New SP Connection:

  1. Navigate to Identity Provider → SP Connections
  2. Click Create New to create a new SP connection
  3. Choose Browser SSO Profile and click Next
  4. On the Connection Options tab, select Browser SSO
  5. Click Next to continue

Import WordPress Metadata:

  1. Select Import SP metadata from file
  2. Browse and select the WordPress SP metadata file (downloaded it SP Metadata tab WordPress SAML SSO plugin by keywoot)
  3. Click Import to process the metadata
  4. Review the metadata summary and click Next
  5. On the General Info page, confirm the auto-filled Entity ID and Base URL
  6. Click Next to proceed

PingFederate Admin Console URL: https://your-pingfederate-server:9999/pingfederate/app

Note:

You can download the WordPress SP metadata file from the Service Provider Metadata section of the Keywoot SAML SSO plugin settings in WordPress. Make sure you have administrative privileges in PingFederate.

3

Configure Browser SSO and SAML Settings

Configure the comprehensive Browser SSO settings, assertion creation, protocol settings, and credentials to enable secure SSO between PingFederate and WordPress.

Browser SSO Configuration:

  1. Click Browser SSO → Configure Browser SSO (opens new wizard)
  2. Select the following SSO profiles:
  3. IDP-Initiated SSO (allows users to start from PingFederate)
  4. SP-Initiated SSO (allows users to start from WordPress)
  5. Set Assertion Lifetime to default 5 minutes (can be customized as needed)
  6. Click Next to continue

Assertion Creation:

  1. Click Assertion Creation → Configure
  2. Set Identity Mapping to STANDARD
  3. In Attribute Contract, define the NameID format
  4. Click Map Adapter Instance and select one that includes user email
  5. Set Mapping Method to Use only adapter contract values
  6. In Attribute Contract Fulfilment, map email to SAML_SUBJECT
  7. (Optional) Add Issuance Criteria if needed (e.g., role-based filters)
  8. Review Assertion Creation Summary and click Done

Protocol Settings:

  1. Click Protocol Settings → Configure
  2. Enable POST binding
  3. Confirm ACS URL matches the one provided in WordPress plugin metadata
  4. Set Allowable SAML Bindings to POST
  5. Configure Signature Policy according to your security needs (default is fine)
  6. Enable Encryption Policy if you are premium plan of Keywoot SAML SSO plugin
  7. Review Protocol Settings Summary and click Done

Credentials and Activation:

  1. Click Credentials → Configure
  2. Select your Signing Certificate
  3. Check Include cert in the signature element
  4. Set Connection Status to Active
  5. Click Save Connection
Important:

Make sure your adapter instance includes the user email attribute for proper user mapping. The signing certificate is crucial for secure SAML communication between PingFederate and WordPress.

4

Export PingFederate Metadata and Configure WordPress Plugin

Export the PingFederate Identity Provider metadata and configure the WordPress SAML SSO plugin to complete the integration.

Export IdP Metadata from PingFederate:

  1. In PingFederate Admin Console, go to Identity Provider → SP Connections → Manage All
  2. Select your WordPress connection from the list
  3. Click Export Metadata to download the PingFederate IdP metadata file
  4. Save the metadata file to your computer (you’ll need it for WordPress configuration)

Configure WordPress Plugin:

  1. Go to WP SAML SSO Plugin Settings in your WordPress admin dashboard
  2. Navigate to the Identity Provider tab
  3. Upload the PingFederate IdP metadata file you just downloaded
  4. Click Save Settings to apply the configuration

Test Configuration:

  1. In WordPress, navigate to WP SAML SSO Plugin Settings
  2. Click on Test Configuration in the plugin to verify the setup
    3. WordPress SAML Plugin Test Configuration - Save settings and test SAML configuration with PingFederate
    WordPress SAML Plugin Test Configuration – Click Save and then Test Configuration to verify the SAML setup with PingFederate
  3. This will open up a popup window and redirect you to the PingFederate login page
  4. Authenticate with your assigned PingFederate user credentials
  5. After successful authentication, you should be redirected back to WordPress and you should see a success message screen along with the attributes received from PingFederate

Screenshots:

WordPress SAML Plugin Identity Provider Tab - Upload PingFederate metadata file for SAML configuration
WordPress SAML Plugin Identity Provider Tab – Upload the PingFederate IdP metadata file for SAML configuration
If you are redirected to PingFederate and successfully return to WordPress after authentication with proper user assignment, your WordPress SAML SSO integration is working correctly!
Important:

Make sure the PingFederate metadata file is successfully uploaded and the test configuration passes. This confirms that the SAML communication between PingFederate and WordPress is properly established.

Premium Features for WordPress PingFederate SSO

Attribute Mapping

Attribute mapping is essential for aligning user attributes from PingFederate with those in WordPress. To configure attribute mapping:

In PingFederate Admin Console:

  1. Navigate to SP Connections → Your WordPress Connection → Attribute Contract
  2. Map PingFederate user attributes (email, firstName, lastName, etc.) to SAML attributes
  3. Configure Authentication Source Mapping to map contract attributes to your user store
  4. Save your changes

In the Keywoot WordPress SAML SSO Plugin:

  1. Navigate to the Attributes and Roles tab
  2. Click on Attribute Mapping
  3. Click on Show Attribute Received from IDP to see all attributes coming from PingFederate
  4. Map Username, Email, First Name, Last Name, etc. using dropdowns
  5. For custom attribute mapping, map any PingFederate user attribute to WordPress user meta
  6. Save your changes

Role Mapping

The Keywoot WordPress SAML SSO plugin provides advanced role mapping capabilities:

  1. Default Role: Assign a default role to non-admin users
  2. Advanced Role Mapping: Configure role mappings to assign WordPress roles based on PingFederate group membership or attributes
  3. Group-Based Roles: Map PingFederate user groups to specific WordPress roles automatically

Auto Redirections

Configure automatic redirections for a seamless user experience:

  1. Site Access Control: Redirect unauthenticated users to PingFederate or WP Login page
  2. WordPress Login Redirection: Redirect users from WordPress login to PingFederate
  3. Backdoor Login: Provide a URL to access wp-admin if redirection is enabled
  4. Post-Login Redirection: Configure where users land after successful PingFederate authentication

Advanced Security Features

Enterprise-grade security features for PingFederate integration:

  1. Certificate Management: Upload and manage SAML certificates for secure communication
  2. Signature Validation: Verify SAML assertion signatures from PingFederate
  3. Encryption Support: Support for encrypted SAML assertions and responses

For more details about premium features, visit our features page.

Frequently Asked Questions About PingFederate SAML SSO WordPress

What is PingFederate SAML SSO WordPress and how does it enhance security?

PingFederate SAML SSO WordPress is a secure authentication solution that enables users to log in to WordPress using their PingFederate credentials. This integration uses SAML 2.0 protocol, with PingFederate as the Identity Provider (IDP) and WordPress as the Service Provider. It enhances security by centralizing authentication, reducing password risks, and supporting advanced features like multi-factor authentication for WordPress SAML authentication.

How do I set up PingFederate WordPress login with SAML SSO?

To set up PingFederate WordPress login with SAML SSO, follow these steps:

  1. Install the Keywoot SAML SSO plugin on your WordPress site
  2. Create and configure SP connection in PingFederate
  3. Configure SAML settings and activate connection
  4. Export PingFederate metadata and configure WordPress plugin

This process enables you to use PingFederate for WordPress SSO effectively.

What are the benefits of using PingFederate SAML SSO WordPress integration?

PingFederate SAML SSO WordPress integration provides several key benefits:

  • Enhanced Security: Enterprise-grade security with centralized authentication and multi-factor support
  • Improved User Experience: Single sign-on for seamless access across applications
  • Streamlined Management: Centralized user and role management from PingFederate
  • Attribute and Role Mapping: Flexible mapping of PingFederate attributes to WordPress
  • Scalability: Enterprise-ready solution that scales with your organization
How does PingFederate WordPress Single Sign-On work with SAML?

PingFederate WordPress Single Sign-On works through the SAML 2.0 protocol:

  1. User attempts to access WordPress site
  2. WordPress redirects to PingFederate (Identity Provider)
  3. User authenticates with PingFederate credentials
  4. PingFederate sends SAML assertion back to WordPress
  5. WordPress validates the assertion and logs user in
  6. User gains access without entering WordPress credentials

This creates a seamless authentication experience for your users with enterprise-grade security.

What are the common issues when setting up PingFederate SAML SSO WordPress?

Common issues when setting up PingFederate SAML SSO WordPress include:

  • Incorrect URLs: Ensure ACS URL and Entity ID match exactly between PingFederate and WordPress
  • SSL Certificate Issues: Both PingFederate and WordPress must use HTTPS
  • Attribute Mapping: User attributes may not map correctly between systems
  • Connection Status: Ensure the SP connection is active in PingFederate
  • Metadata Issues: Outdated or incorrect metadata files can cause authentication failures
  • User Store Configuration: Verify that the authentication source is properly configured
Can I use PingFederate WordPress login with multiple WordPress sites?

Yes, you can use PingFederate WordPress login with multiple WordPress sites. Create separate SP connections in PingFederate for each WordPress site, and users can authenticate once with PingFederate to access all connected sites. This centralizes user management and ensures consistent security policies across all your WordPress installations, making it perfect for WordPress SSO integration with PingFederate.

Let’s Wrap Up

Congratulations — you’ve successfully completed the setup for integrating PingFederate SAML SSO with your WordPress site! By following this guide, you’ve implemented a secure, enterprise-grade authentication system that improves both security and user experience.

With PingFederate as your Identity Provider and SAML 2.0 powering the connection, your WordPress site now supports seamless single sign-on, centralized user management, and strong access control. This integration brings modern authentication standards to your site and is ready to scale with your organization’s growth.

Ready to Get Started?

Download the free plugin and make your WordPress site more secure.

Download Free Plugin Check pricing
Contact Support
WordPress SAML SSO

WordPress SAML SSO Secure Single Sign On Plugin

Simplify login on your WordPress site with secure Single Sign-On (SSO) using any SAML-compliant Identity Provider (IdP).

Download Free

Navigations

Integrations

Quick Links

Contact Info

Wordpress Github

WordPress SAML SSO – Secure Single Sign On Plugin

Copyright © 2025 keywoot.com All rights reserved.

Get Free Demo

We'll reach out to you along with the free Demo of the Premium Plugin

CTA FORM