IDP Specific

How to assign WordPress roles to users according to the groups in Azure AD?

943 views August 21, 2023 0

To assign WordPress roles based on groups in Azure, you will need to send the Azure groups in SAML response to WordPress.

To do so, you can follow these steps –

  1. In the Enterprise application section, go to the application you have created in AzureAD for your WordPress site.
  2. Under the Overview section, select the Set up Single Sign-On(SSO) option.
  3. Single Logout URL

  4. In the User Attributes & Claims section, click on the Edit button.
  5. AzureAD-group

  6. Navigate to the Add a group claim tab in the header section.
  7. Select any group from the group claims and click on Save.
  8. AzureAD-group

    Note: If you are using Azure Cloud Connect you can also select your SAML Account name instead of Group ID from the dropdown.

  9. Now, navigate to the Service Provider Setup tab in the plugin and click on the Test Configuration button.
  10. If the configurations are successfully set up, you will see the attributes received from AzureAD. Make note of the Attribute Name in which the Groups values are being received.
  11. AzureAD-group

  12. Go to Attribute/Role Mapping tab in the plugin and under Attribute Mapping, select the Group Attribute Name from the dropdown for the Group/Role attribute. Click on Save.
  13. AzureAD-group

  14. Now scroll down the same tab you will find the Role Mapping section.
  15. In this section, specify the group values you received from IDP to their respective Role fields and click on Save.
  16. AzureAD-group

    Note: If you are using Azure Cloud Connect and have selected SAML Account Name, your name will be displayed in the fields.

  17. Now whenever the user assigned in the group performs the Single Sign-On, the user will be assigned a role as configured in the role mapping.
  18. AzureAD-group

    If you are still facing issues then feel free to reach us at samlsupport@xecurify.com

Was this helpful?


Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com