Directories and wordpress: what a fun! But how logout?

[vidierre]

I am opening this topic because, just for fun, I was trying to integrate the new directories functionality with Wordpress. I cannot consider me an expert, but I am happy to explore, so may be that what I write hereafter could be based on wrong assumptions. Please correct me!

My thought was to use CASPIO Directories as an IDP and configure Wordpress as a Service Providers. 

• so I started installing the miniOrange SSO using SAML 2.0 wordpress plugin
• from the plugin settings, looking into the Service Provider Metadata tab I got the SP-EntityID / Issuer and the ACS (AssertionConsumerService) URL parameters
• with these I created an app connection into my CASPIO directory. From its Identity Provider setting section I got the Identity provider identifier and the Single sign-on URL IDP parameters
• going back to the miniorange settings, I configured a Custom IDP with these parameters and pasted the CASPIO certificate

The result is that I got an extra login button with the App name defined in CASPIO Directories. When I use it I successfuly got redirected to my user portal where I can login with CASPIO credentials.

Now the question is about logout. If I logout from wordpress when I login again (with the wonderful saml) it seem I am already logged in and no crewdentials are required.  How can I logout also from CASPIO?

To do these tests I found useful these readings:

• to understand SAML  https://www.onelogin.com/learn/saml  https://blog.miniorange.com/what-is-the-difference-between-saml-and-oauth/
• to configure plugin https://plugins.miniorange.com/saml-single-sign-on-sso-wordpress-using-custom-idp
• to know more about CASPIO directories https://howto.caspio.com/getting-started-videos/video/?vid=DFBA3433A82049E9A986E742F3871CB8&pvid=EFBEF423FE054FC0BF755FBB635784F9&menu=menu-item-27513&menu=menu-item-27513&title=Caspio Directories

 

[vidierre]

UPDATE

1. @ParkLoey I think that if you make available a Directory structure is very belittled if it is "just for Caspio app use". This for two reasnons: the first is that a Directory is very useful if it can be work like and identity provider for other system; the second is that CASPIO cannot undervaluate the potential of Wordpress used as front-end. Tons of functions easy to implement with wordpress are very far to be implemented with CASPIO.
2. ANYWAY I FOUND THE SOLUTIONS and is quite simple. From Wordpress you need to set the logout URL redirection to the CASPIO URL logout. In this way when users logout they quit the session with Wordpress and then also the CASPIO one.

The only contraindication is the miniorange plugin price. You can have this functionality with the Free one too, but at login your users will be redirected to the wordpress dashboard. This could be undesired.

[ParkLoey]

Nice workflow you got there, @vidierre! Although my thoughts about Caspio's Directories was just for Caspio app use, yours look great. It looks like Directories is still on beta period, perhaps the logout option will be added soon enough. Will be following this thread for future references. Would also add the article they have for creating user portals:

https://howto.caspio.com/directories/directory-user-portal/user-portal-pages/

 

[Aether]

Hey there! Caspio releases new enhancements to the Caspio Directories feature, check this out: 

- Ability to enhance user profiles with field values using Text64000, Number, Integer, and Yes/No data types 
- Ability to include user profile fields using data from a related table
- Ability to customize the fields shown in the user list view 
Source: https://howto.caspio.com/release-notes/caspio-37-0/caspio-37-0/#:~:text=Enhancements to Caspio Directories

[IamNatoyThatLovesYou]

Hi Everyone, there is a single logout function that can be used in Directories! You can check more info on their release note.

- https://howto.caspio.com/release-notes/caspio-41-0/#:~:text=Enhancements to Caspio Directories 

 

[Aether]

Hey there! Caspio releases new enhancements to the Caspio Directories feature, check this out: 

• Page redirection options for sign-in and sign-out.
• Single logout (SLO) from third-party connected apps, so users are automatically logged out from the directory when logging out from a connected app.
• Ability to display a custom background image on the sign-in page, providing you with another way to customize your app’s login experience.

Source: https://howto.caspio.com/release-notes/caspio-43-0/#:~:text=Enhancements to Caspio Directories

[ParkLoey]

Hey there! Just wanted to add some enhancements to the recent Caspio release:

• Option to customize email templates for notifications sent from directories
• Ability to remove Caspio branding from user portal pages and emails

https://howto.caspio.com/release-notes/caspio-44-0/#:~:text=Enhancements to Caspio Directories

[vidierre]

I'm pretty confident that the work CASPIO is doing on the directories will continue until they become a crucial mechanism.
As of now, it seems to me that they're missing (or maybe I just haven't figured them out) two essential features for real-world production use:
1. User self-registration with email verification. Currently, I'm managing this with some data pages and traditional authentication.
2. Self-service password recovery.

This was my thought until 44.0 now I have to try it.