SAML-Toolkits / wordpress-saml

OneLogin SAML plugin for Wordpress
MIT License

where is SP Entity ID or Issuer #43

Closed holmegm closed 7 years ago

holmegm commented 7 years ago

Trying to use this onelogin plugin with a MiniOrange identity provider.

The connection does not work. I think the issue is not having the right SP Entity ID or Issuer.

The metadata for the onelogin plugin (service provider) has just a short string for this. Is that correct? Isn't it usually a whole URL? What is it supposed to be?

pitbulk commented 7 years ago

You can define the SP entity ID value in the "advanced settings" section... by default the "php-saml" value will be used. You can access the SP metadata URL and exchange it with the IdP.

holmegm commented 7 years ago

Yes, I saw that by default "php-saml" was used. But plugging "php-saml" into "SP Entity ID or Issuer" on the Identity Provider did not work.

Plugging the metadata url from the OneLogin plugin into the "SP Entity ID or Issuer" field on the Identity Provider did not work either. (And there wasn't any field there labeled for plugging in the metadata url itself.)

What is supposed to work in that "SP Entity ID or Issuer" field on the identity provider? Just the bare, short string "php-saml"? Or is it some longer string that "everybody knows" how to construct, with "php-saml" plugged into it or appended to it somewhere?

holmegm commented 7 years ago

For example, in a working SSO setup that we have for a different client, we use the miniOrange SAML client/service provider, and it says to use an "SP-EntityID / Issuer" of "/wp-content/plugins/miniorange-saml-20-single-sign-on/", a full URL, rather than a short string.

So why does OneLogin WordPress SAML say to use just "php-saml" for "SP Entity ID or Issuer", rather than some full URL?

pitbulk commented 7 years ago

As SP entity ID you can set any URI.

By default, if you do not set anything in the "advanced settings" section, the 'php-saml' value is used, but you can place, for example, the URL where the SAML SP metadata is published (the link can be found on the SAML settings view).

Also read: https://support.onelogin.com/hc/en-us/articles/204353160-Configuring-SAML-for-WordPress
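
As an added example (not part of the thread and not the plugin's code): a Python check that the value typed into the IdP's "SP Entity ID or Issuer" field is the same string as the `entityID` in the SP metadata and the `Issuer` in the AuthnRequest. The XML samples, the host `sp.example.com` and all function names are constructed for illustration, and exact string comparison at the IdP is an assumption.

```python
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
SAML = "{urn:oasis:names:tc:SAML:2.0:assertion}"

# Constructed SP metadata using the default entity ID named in the thread.
SP_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="php-saml">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService index="1"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sp.example.com/acs"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

# Constructed AuthnRequest as the SP would send it to the IdP.
AUTHN_REQUEST = """<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_constructed1" Version="2.0" IssueInstant="2018-01-01T00:00:00Z">
  <saml:Issuer>php-saml</saml:Issuer>
</samlp:AuthnRequest>"""

def sp_identity(metadata_xml):
    """Return (entityID, [ACS URLs]) declared in the SP metadata."""
    root = ET.fromstring(metadata_xml)  # use a hardened parser for untrusted XML
    acs = [e.get("Location") for e in root.iter(MD + "AssertionConsumerService")]
    return root.get("entityID"), acs

def request_issuer(authn_request_xml):
    """Return the Issuer the SP puts in its AuthnRequest, or None."""
    issuer = ET.fromstring(authn_request_xml).find(SAML + "Issuer")
    return issuer.text if issuer is not None else None

def check_idp_value(idp_configured, metadata_xml, authn_request_xml):
    """List reasons the IdP-side value would not match what the SP sends."""
    entity_id, acs_urls = sp_identity(metadata_xml)
    issuer = request_issuer(authn_request_xml)
    loose = lambda s: s.strip().rstrip("/").lower()
    problems = []
    if issuer != entity_id:
        problems.append(f"request Issuer {issuer!r} differs from metadata entityID {entity_id!r}")
    if idp_configured == entity_id:
        return problems
    if loose(idp_configured) == loose(entity_id):
        problems.append("IdP value differs only by case, whitespace or trailing slash")
    elif idp_configured in acs_urls:
        problems.append("IdP value is the ACS URL, not the entity ID")
    else:
        problems.append(f"IdP value {idp_configured!r} is not the entity ID {entity_id!r}")
    return problems
```

An empty list means the IdP field, the metadata and the request all carry the same string; if the entity ID is changed in the plugin's advanced settings, the IdP field has to be changed to the same value.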