Probable Cause:
Okta may not be sending the required attributes (such as Email or NameID) in the SAML response as configured in the miniOrange plugin’s Attribute Mapping tab. Alternatively, the NameID in Okta might be set to a different attribute that is not mapped in the plugin configuration.
Solution:
- In the Okta Admin Dashboard, go to the Application used for WordPress SSO.
- Under Sign On → Add a new Attribute Statement if missing:
- Name: email
- Expression: user.profile.email
- If the NameID format is not selected, ensure to select the unspecified.
- Save and assign the app to users/groups as needed.
- In WordPress → miniOrange SAML SSO → Attribute Mapping, map email to the Email field.
- Test configuration again.
Still need help?
Contact us at samlsupport@xecurify.com
