-
Notifications
You must be signed in to change notification settings - Fork 37
Configure Authorizer for UH Logins
-
Register your WordPress website with ITS so that it is allowed to use UH Logins: https://uhawaii.atlassian.net/wiki/spaces/UHIAM/pages/13403115/Web+App+Registration+Form
(If you are planning on integrating UH Groupings, make sure to select
Authentication plus additional information is required
when filling out the form (in order to have access to theuhReleasedGroupings
attribute). -
Install and activate the Authorizer plugin on your WordPress site:
- Navigate to
WordPress Dashboard > Plugins > Add New
. - Search for
authorizer
, clickInstall Now
and thenActivate
on the Authorizer card.
- Navigate to
-
Configure Authorizer to use UH Logins (CAS) to provide authentication:
- Navigate to
WordPress Dashboard > Authorizer > External Service
. - Configure the following options:
- CAS logins: ☑️ Enable CAS Logins
-
CAS custom label:
your UH Login
-
CAS server hostname:
authn.hawaii.edu
-
CAS server port:
443
-
CAS server path/context:
/cas
-
CAS server version:
SAML_VERSION_1_1
-
CAS attribute containing email address:
uhEmail
-
CAS attribute containing first name:
givenName
-
CAS attribute containing last name:
sn
- CAS attribute update: ☑️ Update first and last name fields on login
- Navigate to
-
Configure Authorizer to either allow anonymous users to see the site, or, as shown in the screenshot below, restrict access to only logged in users to all but a chosen set of Public pages:
- Navigate to
WordPress Dashboard > Authorizer > Public Access
. - Configure the following options:
- Who can view the site?: 🔘 Only logged in users can see the site
- What pages (if any) should be available to everyone?: (Choose your Public pages here)
- What happens to people without access when they visit a private page?: 🔘 Send them to the login screen
- Navigate to
-
Configure Authorizer to automatically create accounts for everyone logging in via UH Logins.
- Navigate to
WordPress Dashboard > Authorizer > Login Access
. - Configure the following option:
- Who can log into the site?: 🔘 All authenticated users
- (Alternatively, you can configure Authorizer to notify an administrator when a new user logs in, and manually approve them.)
- Navigate to
-
Save your changes.