Enable Role Mapping: You can map any WordPress role as a default user role to the all SSO users for which role mapping is not specified.
Eg: From the below Screenshot the Contributor role will be assigned to all the SSO users who will be logging into your website.
Advanced Role Mapping
Applies to : Premium or Higher version
You need to map Group Attributes Name. Select the attribute name from the list of attributes which returns the roles from your provider application.
Assign WordPress role to the Provider role: Based on your provider application, you can allocate the WordPress role to your provider roles. It can be a student, teacher, administrator or any other depending on your application. Add the provider roles under Group Attribute Value and assign the required WordPress role in front of it under WordPress Role.
For example, in the below image. Teacher has been assigned the role of Administrator.
Once you save the mapping, the provider role will be assigned the WordPress administrator role after SSO.
Example: As per the given example, Users with role ‘teacher’ will be added as Administrator in WordPress and ‘student’ will be added as Subscriber.
Keep existing user role
This feature prevents role updation of the existing user after SSO. It means if the user already exists in WordPress, then after SSO, their old role will not be updated regardless of the role mapping done in the role mapping section of the plugin.
Do Not allow login if roles are not mapped here
This feature prevents the user from login if his role retrieved from the provider side does not match with the role as used for mapping in the role mapping section of the plugin.
Role Mapping based on Email Domain
This feature allows to map the WordPress roles based on email domain of the user, when the email attribute is configured in Group Attributes Name.
Default role will be assigned to all users for which mapping is not specified.