WordPress

Configuration

  • Download the OpenID Connect plugin for Wordpress (license: GPLv2): https://wordpress.org/plugins/daggerhart-openid-connect-generic

  • Install the plugin by copying the downloaded content in wordpress/wp-content/plugins, then activate it in the Plugins tab of the Wordpress admin page.

  • In Settings, then** OpenID Connect Client**, complete the following parameters:

    Login Type : Auto Login-SSO
    Client ID : trustelem.oidc.gi3XXXX
    Client Secret Key : vly5yqnXXXX
    OpenID Scope : email profile openid
    Login Endpoint URL : https://mycompany.trustelem.com/app/160XXX/auth
    Userinfo Endpoint URL : https://mycompany.trustelem.com/app/160XXX/userinfo
    Token Validation Endpoint URL : https://mycompany.trustelem.com/app/160XXX/token
    End Session Endpoint URL : https://mycompany.trustelem.com/app/160XXX/slo
    

  • We recommend to activate the following options:

    • Link Existing Users

    • Redirect Back to Origin Page

    • Redirect to the login screen session is expired

    • Enforce Privacy

  • Nota:

    • Those parameters are optional. Their description is in the Wordpress admin dashboard

    • Let the other parameters to their original value

  • Setup Trustelem with the following parameters:

    • Wordpress server URL

    • Login URL: the application’s URL starting the OIDC flow. It is used as a target to the application on the Trustelem user’s dashboard.

Beware of access control policies

  • If the user identified by Trustelem doesn’t exist in Wordpress, it will be automatically created.

  • So access control policies have to be set up carefully on the Access Rules tab of the Trustelem admin dashboard.