WP Engine - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk.
This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for WP Engine using MPAS. SSO simplifies user authentication by allowing access to multiple applications with a single set of credentials. This integration enhances security and improves user experience across your organization
To set up Multi-Pass with WP Engine, ensure you meet the following requirements:
- WP Engine admin rights
- MPAS Admin rights
- Make sure that all users intended to use SSO in WP Engine are registered in your IdP and have the necessary permissions to access WP Engine.
Important: Custom elements in URLs (like realm names) are case sensitive. Make sure to match the exact casing from your environment.
WP Engine - SSO configuration
Step 1 - WP Engine Configuration
- Log into WP Engine as an Administrator.
- Expand Users in the left menu and select Single Sign-On.
- Click Setup SSO for a new domain.
- Enter your email domain and select the WP Engine account to associate (Administrator account recommended).
- A DNS TXT record will be displayed. Add this record to your DNS host for validation.
- Once DNS validation succeeds, SAML app details will appear.
- Download the WP Engine metadata file locally.
- Click Next and review :
- App Name
- Description
- Logo.
| Field | Value |
|---|---|
| ACS URL (Recipient) | Provided by WP Engine SSO setup |
| Audience URI / Entity ID | Provided by WP Engine |
| SP Metadata | Downloadable XML file (e.g., WPEngineMetadata.xml) |
Step 2 - Multi-Pass configuration
- Open the Multi-Pass Dashboard.
- Select your tenant
- Click on Integrations and then click on Applications.
- In the Custom Integration section, choose SAML.
- Upload the
WPEngineMetadata.xmlyou downloaded earlier.
- Verify that all fields are populated correctly:
| Field | Value |
|---|---|
| Client ID (= Audience URI) | (From WP Engine) |
| Name | WP Engine |
| ACS URL | (From WP Engine) |
| NameID Format |
- Click Download Tenant XML data and save it locally (this URL will be uploaded into WP Engine).
- Click Add Integration.
- Go to Advanced Console
- Click on Clients.
- Locate the WP Engine client and verify:
General settings
| Field | Value |
|---|---|
| Client ID | (Audience URI) |
| Name | WP Engine |
| Always Display in UI | ON |
Access settings
| Field | Value |
|---|---|
| Home URL | |
| Valid Redirect URIs (ACS) | (From WP Engine) |
| IdP-Initiated URL | <APP_NAME> |
SAML Capabilities
| Setting | Value |
|---|---|
| Force NameID Format | ON |
| Force POST Binding | ON |
| Include AuthnStatement | ON |
Signature & Encryption
| Setting | Value |
|---|---|
| Sign Documents | OFF |
| Sign Assertions | ON |
Step 3 - Testing the Integration
- Log into WP Engine and create a test user.
- In Multi-Pass Dashboard, create a test user with the same email.
- Attempt login via SSO using the MPAS Portal.
- Confirm attributes (email, firstName, lastName) are received.
Related Articles
SAML SSO Integration Guide
This guide provides an overview of how to configure SAML Single Sign-On (SSO) between Multi-Pass and a third-party Service Provider (SP). Multi-Pass acts as the Identity Provider (IdP) in this federation model. Multi-Pass is working on SCIM support ...D2L Brightspace - SSO Integration
This application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a step-by-step guide to ...Mulesoft - SSO Integration
This application has been formally tested by Kelvin Zero Inc. This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Mulesoft using Multi-Pass. SSO simplifies user authentication by allowing access to multiple ...Notion - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a ...Heap - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a ...