[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$faJS5edDtARasGr87Ke_eLokUQg28qMyXAENdWeszn_g":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":106,"crawl_stats":38,"alternatives":111,"analysis":210,"fingerprints":581},"onelogin-saml-sso","OneLogin SAML SSO","3.4.0","sixtomartin","https:\u002F\u002Fprofiles.wordpress.org\u002Fsixtomartin\u002F","\u003Cp>This SAML plugin eliminates passwords and allows you to authenticate WordPress users (typically editors) against your existing Active Directory or LDAP server as well increase security using YubiKeys or VeriSign VIP Access via OneLogin. OneLogin is pre-integrated with thousands of apps and handles all of your SSO needs in the cloud and behind the firewall.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Eliminate passwords in WordPress\u003C\u002Fli>\n\u003Cli>Allow users to sign into WordPress with their \u003Cem>Active Directory\u003C\u002Fem> or \u003Cem>LDAP\u003C\u002Fem> credentials\u003C\u002Fli>\n\u003Cli>Give users one-click access from your intranet\u003C\u002Fli>\n\u003Cli>Increase security using browser PKI certificates or two-factor authentication from \u003Cem>Yubico\u003C\u002Fem> or \u003Cem>VeriSign\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Easily prevent access from former employees and contractors\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you used this plugin before 2.2.0 with just-in-time provision active, Read: https:\u002F\u002Fwpvulndb.com\u002Fvulnerabilities\u002F8508\u003Cbr \u002F>\nTo mitigate that bug, place the script at the root of wordpress and execute it (later remove it) https:\u002F\u002Fgist.github.com\u002Fpitbulk\u002Fa8223c90a3534e9a7d5e0a93009a094f\u003C\u002Fp>\n","This plugin provides single sign-on via SAML and gives users one-click access to their WordPress accounts from identity providers like OneLogin.",7000,192811,88,13,"2025-12-09T22:55:00.000Z","5.9.13","2.1.2","",[20,21,22,23,24],"active-directory","password","saml","single-sign-on","sso","https:\u002F\u002Fgithub.com\u002Fonelogin\u002Fwordpress-saml","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fonelogin-saml-sso.zip",96,5,0,"2021-03-31 00:00:00","2026-03-15T15:16:48.613Z",[33,49,64,78,93],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"WF-dede9cfc-61f1-4df1-bd40-e5ae73199575-onelogin-saml-sso","onelogin-saml-sso-open-redirection","OneLogin SAML SSO \u003C= 3.1.2 - Open Redirection","The OneLogin SAML SSO plugin for WordPress is vulnerable to open redirection in versions up to, and including, 3.1.2.  This makes it possible for unauthorized attackers to redirect traffic to potentially malicious websites.",null,"\u003C=3.1.2","3.2.0","medium",4.7,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:N\u002FI:L\u002FA:N","URL Redirection to Untrusted Site ('Open Redirect')","2024-01-22 19:56:02",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fdede9cfc-61f1-4df1-bd40-e5ae73199575?source=api-prod",1028,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":56,"cvss_score":57,"cvss_vector":58,"vuln_type":59,"published_date":60,"updated_date":45,"references":61,"days_to_patch":63},"WF-4ac3dae6-1890-44ba-9671-84f77807ffe5-onelogin-saml-sso","onelogin-saml-sso-distributed-denial-of-service","OneLogin SAML SSO \u003C= 2.8.0 - Distributed Denial-of-Service","The OneLogin SAML SSO for WordPress is vulnerable to DDoS in versions up to, and including, 2.8.0. This is due to an XML Entity Expansion. This makes it possible for unauthenticated attackers to use XML External Entity to cause the vulnerable service to slow down and\u002For become unresponsive.","\u003C=2.8.0","3.0.0","high",7.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:N\u002FA:H","Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')","2019-01-28 00:00:00",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4ac3dae6-1890-44ba-9671-84f77807ffe5?source=api-prod",1821,{"id":65,"url_slug":66,"title":67,"description":68,"plugin_slug":4,"theme_slug":38,"affected_versions":69,"patched_in_version":70,"severity":56,"cvss_score":71,"cvss_vector":72,"vuln_type":73,"published_date":74,"updated_date":45,"references":75,"days_to_patch":77},"WF-b524e239-0a7c-4515-8126-4fd298e43bdd-onelogin-saml-sso","onelogin-saml-sso-use-of-vulnerable-component","OneLogin SAML SSO \u003C= 2.4.2 - Use of Vulnerable Component","The OneLogin SAML SSO plugin for WordPress is potentially vulnerable to SAML Signature Wrapping attack due to use of a less secure version of the php-saml library in versions up to, and including, 2.4.2.","\u003C=2.4.2","2.4.3",7.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:L","Improper Verification of Cryptographic Signature","2016-10-14 00:00:00",[76],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb524e239-0a7c-4515-8126-4fd298e43bdd?source=api-prod",2657,{"id":79,"url_slug":80,"title":81,"description":82,"plugin_slug":4,"theme_slug":38,"affected_versions":83,"patched_in_version":84,"severity":85,"cvss_score":86,"cvss_vector":87,"vuln_type":88,"published_date":89,"updated_date":45,"references":90,"days_to_patch":92},"WF-c5a5c209-0ccd-4fa9-b22d-05bb22247441-onelogin-saml-sso","onelogin-saml-sso-plugin-authentication-bypass","OneLogin SAML-SSO Plugin \u003C 2.1.6 - Authentication Bypass","The OneLogin SAML-SSO plugin for WordPress is vulnerable to authentication bypass due to insufficient user validation in the ~\u002Fonelogin-saml-sso\u002Fonelogin_saml.php file in versions up to, and including, 2.1.5. This makes it possible for unauthenticated attackers to create new accounts, including administrator accounts if an existing administrator's role name, username, or email address is correctly guessed.","\u003C2.1.6","2.1.6","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Authentication","2016-06-06 00:00:00",[91],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc5a5c209-0ccd-4fa9-b22d-05bb22247441?source=api-prod",2787,{"id":94,"url_slug":95,"title":96,"description":97,"plugin_slug":4,"theme_slug":38,"affected_versions":98,"patched_in_version":99,"severity":56,"cvss_score":57,"cvss_vector":100,"vuln_type":101,"published_date":102,"updated_date":45,"references":103,"days_to_patch":105},"CVE-2016-10928","onelogin-saml-sso-authentication-bypass","OneLogin SAML SSO \u003C 2.2.0 - Authentication Bypass","The onelogin-saml-sso plugin before 2.2.0 for WordPress has a hardcoded @@@nopass@@@ password for just-in-time provisioned users.","\u003C2.2.0","2.2.0","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Use of Hard-coded Credentials","2016-01-21 00:00:00",[104],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F10ee015a-c60b-4236-bb7a-9d3ffd944bf9?source=api-prod",2924,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":107,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":108,"trust_score":109,"computed_at":110},1,2243,76,"2026-04-04T20:23:17.177Z",[112,135,157,175,192],{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":120,"downloaded":121,"rating":122,"num_ratings":123,"last_updated":124,"tested_up_to":125,"requires_at_least":126,"requires_php":127,"tags":128,"homepage":131,"download_link":132,"security_score":122,"vuln_count":133,"unpatched_count":29,"last_vuln_date":134,"fetched_at":31},"miniorange-saml-20-single-sign-on","SAML Single Sign On – SSO Login","5.4.1","miniOrange","https:\u002F\u002Fprofiles.wordpress.org\u002Fcyberlord92\u002F","\u003Cp>\u003Cstrong>Simplify WordPress Login Experience With Our SAML Single Sign On (SSO) Plugin\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>With the \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-single-sign-on-sso?utm_source=readme&utm_medium=saml_lp&utm_campaign=wp_saml_sso\" rel=\"nofollow ugc\">\u003Cstrong>miniOrange WordPress SAML SSO plugin\u003C\u002Fstrong>\u003C\u002Fa>, you can enable Single Sign On (SSO) for your WordPress site. This means users can sign in with their existing accounts from Identity Providers (IDPs) like \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-azure-ad?utm_source=readme&utm_medium=azure_guide&utm_campaign=microsoft_azure\" rel=\"nofollow ugc\">\u003Cstrong>Microsoft Azure AD\u002F Entra ID\u003C\u002Fstrong>\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-google-apps?utm_source=readme&utm_medium=g_suite_guide&utm_campaign=google_workspace\" rel=\"nofollow ugc\">\u003Cstrong>Google Apps Login (Gsuite Login)\u003C\u002Fstrong>\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-okta?utm_source=readme&utm_medium=okta_guide&utm_campaign=okta\" rel=\"nofollow ugc\">\u003Cstrong>Okta\u003C\u002Fstrong>\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-salesforce?utm_source=readme&utm_medium=salesforce_guide&utm_campaign=salesforce\" rel=\"nofollow ugc\">\u003Cstrong>Salesforce Login\u003C\u002Fstrong>\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fkeycloak-single-sign-on-wordpress-sso-saml?utm_source=readme&utm_medium=keycloak_guide&utm_campaign=keycloak\" rel=\"nofollow ugc\">\u003Cstrong>Keycloak\u003C\u002Fstrong>\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-shibboleth-2?utm_source=readme&utm_medium=shibboleth2_guide&utm_campaign=shibboleth\" rel=\"nofollow ugc\">\u003Cstrong>Shibboleth\u003C\u002Fstrong>\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-onelogin?utm_source=readme&utm_medium=onelogin_guide&utm_campaign=onelogin\" rel=\"nofollow ugc\">\u003Cstrong>OneLogin\u003C\u002Fstrong>\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-adfs?utm_source=readme&utm_medium=supported_idps&utm_campaign=adfs\" rel=\"nofollow ugc\">\u003Cstrong>ADFS\u003C\u002Fstrong>\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-auth0?utm_source=readme&utm_medium=supported_idps&utm_campaign=auth0\" rel=\"nofollow ugc\">\u003Cstrong>Auth0 Login\u003C\u002Fstrong>\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-office-365-single-sign-on-sso-login?utm_source=readme&utm_medium=supported_idps&utm_campaign=office365\" rel=\"nofollow ugc\">\u003Cstrong>Office 365 Login\u003C\u002Fstrong>\u003C\u002Fa>,  and others without creating separate WordPress usernames and passwords.\u003C\u002Fp>\n\u003Cp>The SAML plugin makes your WordPress site function as a SAML-compliant Service Provider (SP) by using the SAML 2.0 protocol to securely exchange authentication data with your chosen Identity Provider (IDP). Once users are authenticated by the IDP, they automatically gain access to your WordPress site and its resources.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Our WP SSO plugin is designed for you if you need:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Instant Secure Authentication\u003C\u002Fstrong>\u003Cbr \u002F>\nUsers access WordPress immediately using their existing Identity Provider (IDP) credentials without managing WordPress-specific passwords.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Centralized Access Management\u003C\u002Fstrong>\u003Cbr \u002F>\nControl everyone’s WordPress access through your SAML Identity Provider (IDP) security policies.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Organization-Only Access\u003C\u002Fstrong>\u003Cbr \u002F>\nRestrict WordPress access exclusively to verified employees through SAML Identity Provider (IDP) authentication and MFA.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Smart User Provisioning\u003C\u002Fstrong>\u003Cbr \u002F>\nAutomatically create WordPress accounts and assign roles based on Identity Provider (IDP) groups and user data.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Reduced Administrative Overhead\u003C\u002Fstrong>\u003Cbr \u002F>\nEliminate manual user creation, password resets, role assignments, and access management tasks.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Flexibility Across Different Identity Providers (IDP)\u003C\u002Fstrong>\u003Cbr \u002F>\nOur SAML plugin works with 50+ IDPs. Enterprises can set up Azure AD login into WordPress for employees, while universities use WordPress Okta SSO, Google Apps SSO (Gsuite Login), Salesforce SSO, Shibboleth SSO, OneLogin SSO, ADFS SSO, Keycloak SSO, Office 365 Login,  Auth0 SSO, Azure B2C SSO or any other SAML IDPs of their choice.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Quick Links:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-single-sign-on-sso?utm_source=readme&utm_medium=saml_lp&utm_campaign=official_website\" rel=\"nofollow ugc\">🌐Official Website\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-saml-guides?utm_source=readme&utm_medium=all_guides&utm_campaign=setup_guide\" rel=\"nofollow ugc\">🛠️Setup Guide\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fsandbox.miniorange.com\u002F?utm_source=readme&utm_medium=sandbox&utm_campaign=free_trial\" rel=\"nofollow ugc\">🎁Free Full-Feature Trial\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-single-sign-on-sso?utm_source=readme&utm_medium=pricing_lp&utm_campaign=pricing_section#pricing\" rel=\"nofollow ugc\"> 💎Pricing Plans\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-single-sign-on-sso-integrations?utm_source=readme&utm_medium=wp_integrations_lp&utm_campaign=integrations_addon\" rel=\"nofollow ugc\">🧩Integrations & Addons\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-azure-office365-integrations?utm_source=readme&utm_medium=azure_365_lp&utm_campaign=office_365_integrations\" rel=\"nofollow ugc\">📧 Office 365 Integrations\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-single-sign-on-sso?utm_source=readme&utm_medium=contact_us&utm_campaign=support#contact-us\" rel=\"nofollow ugc\">🤝Support\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>WordPress SAML SSO Login Explained in Minutes\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FLk6KEKcPTWk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>WP SAML SSO Plugin Supports All SAML Identity Providers\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-azure-ad?utm_source=readme&utm_medium=supported_idps&utm_campaign=azure_ad_sso\" rel=\"nofollow ugc\">Azure SSO (Microsoft Entra ID)\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-okta?utm_source=readme&utm_medium=supported_idps&utm_campaign=login_okta_sso\" rel=\"nofollow ugc\">Login with Okta SSO\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-google-apps?utm_source=readme&utm_medium=supported_idps&utm_campaign=gsuite\" rel=\"nofollow ugc\">Google Apps Login\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-salesforce?utm_source=readme&utm_medium=supported_idps&utm_campaign=salesforce\" rel=\"nofollow ugc\">Salesforce SSO\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fkeycloak-single-sign-on-wordpress-sso-saml?utm_source=readme&utm_medium=supported_idps&utm_campaign=keycloak\" rel=\"nofollow ugc\">Keycloak SSO\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-adfs?utm_source=readme&utm_medium=supported_idps&utm_campaign=adfs\" rel=\"nofollow ugc\">ADFS\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-azure-b2c?utm_source=readme&utm_medium=supported_idps&utm_campaign=azure_ad_b2c\" rel=\"nofollow ugc\">Login With Azure AD B2C SSO\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-office-365-single-sign-on-sso-login?utm_source=readme&utm_medium=supported_idps&utm_campaign=office365\" rel=\"nofollow ugc\">Office 365 Login\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-onelogin?utm_source=readme&utm_medium=supported_idps&utm_campaign=onelogin\" rel=\"nofollow ugc\">OneLogin SSO\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-auth0?utm_source=readme&utm_medium=supported_idps&utm_campaign=auth0\" rel=\"nofollow ugc\">Auth0 SSO\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-pingone?utm_source=readme&utm_medium=supported_idps&utm_campaign=pingone\" rel=\"nofollow ugc\">PingOne\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-between-two-wordpress-sites?utm_source=readme&utm_medium=supported_idps&utm_campaign=2wordpress_sites\" rel=\"nofollow ugc\">WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-miniorange?utm_source=readme&utm_medium=supported_idps&utm_campaign=miniorange\" rel=\"nofollow ugc\">miniOrange\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-oracle-enterprise-manager?utm_source=readme&utm_medium=supported_idps&utm_campaign=oracle\" rel=\"nofollow ugc\">Oracle\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-jumpcloud?utm_source=readme&utm_medium=supported_idps&utm_campaign=jumpcloud\" rel=\"nofollow ugc\">JumpCloud\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-for-wordpress-using-cyberark?utm_source=readme&utm_medium=supported_idps&utm_campaign=cyberark\" rel=\"nofollow ugc\">CyberArk\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-duo?utm_source=readme&utm_medium=supported_idps&utm_campaign=duo\" rel=\"nofollow ugc\">Duo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-secureauth?utm_source=readme&utm_medium=supported_idps&utm_campaign=secureauth\" rel=\"nofollow ugc\">SecureAuth\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-absorb-lms?utm_source=readme&utm_medium=supported_idps&utm_campaign=absorb_lms\" rel=\"nofollow ugc\">Absorb LMS\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-adfs?utm_source=readme&utm_medium=supported_idps&utm_campaign=windows\" rel=\"nofollow ugc\">Windows\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-shibboleth-2?utm_source=readme&utm_medium=supported_idps&utm_campaign=shibboleth2\" rel=\"nofollow ugc\">Shibboleth SSO\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-centrify?utm_source=Readme&utm_medium=supported_idps&utm_campaign=Centrify\" rel=\"nofollow ugc\">Centrify SSO\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsaml-single-sign-on-sso-wordpress-using-custom-idp?utm_source=readme&utm_medium=supported_idps&utm_campaign=customidp\" rel=\"nofollow ugc\">Any Custom IDP Supporting SAML\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-saml-guides?utm_source=readme&utm_medium=supported_idps&utm_campaign=and_more\" rel=\"nofollow ugc\">And more\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Set Up Our WP Single Sign On (SSO) Plugin in Three Easy Steps\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Step 1: Install Our WordPress SAML SSO Plugin\u003C\u002Fstrong>\u003Cbr \u002F>\nDownload the \u003Cstrong>WordPress SAML SSO (Single Sign On) plugin\u003C\u002Fstrong> from the WordPress plugin directory and install it on your WordPress site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Step 2: Share Your WordPress Site’s Metadata from the WP SAML Plugin with the Identity Provider (IDP)\u003C\u002Fstrong>\u003Cbr \u002F>\nProvide the \u003Cstrong>Service Provider (SP)\u003C\u002Fstrong>, i.e., your WordPress site’s metadata URL or file, to your \u003Cstrong>Identity Provider (IDP)\u003C\u002Fstrong> to register your WordPress site as a trusted \u003Cstrong>Service Provider (SP)\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Step 3: Import Your Identity Provider’s (IDP) Metadata into the SAML SSO Plugin\u003C\u002Fstrong>\u003Cbr \u002F>\nNext, upload the IDP’s metadata URL or file to your WordPress site in the plugin settings to enable secure SAML authentication.\u003C\u002Fp>\n\u003Cp>That’s it! Your WordPress site is now secured with enterprise-grade Single Sign On (SSO) authentication. You can verify the connection by using the \u003Cstrong>Test Configuration button\u003C\u002Fstrong> in the SAML plugin.\u003C\u002Fp>\n\u003Ch3>Watch Our Complete Step-by-Step Installation Video for WordPress SSO SAML Login\u003C\u002Fh3>\n\u003Cp>Follow along with our detailed video walkthrough to see exactly how each step works and ensure your SAML SSO login is configured correctly from start to finish.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FgilfhNFYsgc?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Here to Support You, Always\u003C\u002Fh3>\n\u003Cp>Whether you have questions about setup, pricing, or how the WordPress SSO SAML plugin works, our expert team is available 24\u002F7 to assist you. Simply reach out to \u003Ca href=\"mailto:samlsupport@xecurify.com\" rel=\"nofollow ugc\">\u003Cstrong>samlsupport@xecurify.com\u003C\u002Fstrong>\u003C\u002Fa>, and we will ensure you receive timely and reliable guidance.\u003C\u002Fp>\n\u003Ch3>Features of Our WordPress SAML Single Sign On (SSO) Plugin\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Unlimited User Authentications:\u003C\u002Fstrong> Allows an unlimited number of users to log in through SAML SSO with your IDP authentication while maintaining optimal site performance during peak traffic.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Auto Login:\u003C\u002Fstrong> Automatically logs users into WordPress if they have an active SAML IDP session, without requiring them to re-enter the IDP credentials.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Force Authentication:\u003C\u002Fstrong> Ensures that users authenticate via SAML IDP each time they log in to the WordPress site, regardless of any active IDP session.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Complete Site Protection:\u003C\u002Fstrong> Secures your site’s frontend pages\u002Fposts and backend WP-Admin pages behind SAML SSO (Single Sign On) by redirecting all users to IDP if an active session is not found on the IDP. You can add another security layer using Media Restriction and REST API authentication.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Automatic User Creation:\u003C\u002Fstrong> Creates new WordPress user accounts automatically on the user’s first Single Sign On login if no account exists by syncing their profile details from the IDP.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Account Linking:\u003C\u002Fstrong> Enables users to log into their existing WordPress accounts via their IDP credentials by matching their username or email in WordPress and SAML IDP. This ensures no duplicate accounts are created.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Just-in-Time (JIT) Profile Updation:\u003C\u002Fstrong> Updates WordPress user accounts at each SAML SSO login (Single Sign On) by syncing data from IDP. It maps basic attributes (username, email, first name, last name, etc.) and advanced\u002Fcustom attributes (department, phone, job title, employee ID, etc.) to maintain accurate user profiles.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Role-based Access:\u003C\u002Fstrong> Assigns WordPress roles such as Administrator, Editor, Author, Contributor, or Subscriber to users during WP SSO login. The role assignment is based on the group information provided by the IDP.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Custom Login Buttons and Shortcodes:\u003C\u002Fstrong> Adds SAML SSO login buttons to the WordPress login page or any page on the site using widgets and shortcodes. You can change the text, font, color, and size of these buttons to match your site’s design.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Single Logout (SLO):\u003C\u002Fstrong> Terminates a user’s session on the WordPress site and the IDP simultaneously when logging out of either of them.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Login Using Multiple IDPs:\u003C\u002Fstrong> Allows users to authenticate with different Identity Providers (IDPs) when logging into WordPress. You can also set up email domain mapping so users are automatically directed to the right IDP. For example, an organization can easily set up Azure AD SSO, Azure B2C SSO, Okta SSO, or any other IDP for employees, and use Gsuite SSO (Gsuite Login) for partners or vendors.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Certificate Sync and Multiple Certificates:\u003C\u002Fstrong> Automatically syncs X.509 certificates from the SAML Identity Provider (IDP), managing rollover, replacement, and addition without disrupting the SSO connection. It also supports multiple active certificates from the same IDP, allowing WordPress to work with custom setups or environments where more than one certificate is in use.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WordPress SSO on Multisite Networks:\u003C\u002Fstrong> Applies one SSO configuration to all subsites in a WordPress multisite network. This centralizes SSO management, so you do not need to configure each subsite individually.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Single & Multi‑Tenant Azure AD Login:\u003C\u002Fstrong> Connects both single-tenant (one directory) and multi-tenant (multiple directories) Azure AD(Login with Azure AD) or Office 365 Login to WordPress. Users from different tenants can log in to WordPress through Azure AD SSO using their existing accounts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Cross-Environment Deployment:\u003C\u002Fstrong> Supports multiple environments such as Development, Test, and Production, allowing IT teams to configure WordPress SSO once and maintain consistent settings across all instances.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WP‑CLI Support:\u003C\u002Fstrong> Provides WP‑CLI commands for activating licenses, configuring WP SSO settings, importing or exporting configurations, and updating the plugin. All key SAML SSO functions can be managed from the command line without using the WordPress dashboard.\u003C\u002Fp>\n\u003Ch3>Extend Your Single Sign On Experience With Our Addons\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-user-provisioning?utm_source=readme&utm_medium=addons&utm_campaign=user_provisioning\" rel=\"nofollow ugc\">\u003Cstrong>Real-time SCIM User Provisioning:\u003C\u002Fstrong>\u003C\u002Fa> Syncs user records between the SAML IDP and WordPress in real time when the user is created, updated, or removed to maintain accurate data and strengthen security and efficiency.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-page-restriction?utm_source=readme&utm_medium=addons&utm_campaign=page_restriction\" rel=\"nofollow ugc\">\u003Cstrong>Page and Post Restriction:\u003C\u002Fstrong>\u003C\u002Fa> Controls access to your content by restricting pages and posts to specific user roles or login status (whether a user is logged in). If an unauthorized person attempts to view protected content, they can be automatically redirected to authenticate via a SAML Identity Provider (IDP), the WordPress login page, or any custom URL you specify.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-media-restriction?utm_source=readme&utm_medium=addons&utm_campaign=media_restriction\" rel=\"nofollow ugc\">\u003Cstrong>Media Restriction:\u003C\u002Fstrong>\u003C\u002Fa> Blocks unauthorized downloads of images, videos, and documents by allowing only SAML SSO–verified users with proper IDP permissions to view or retrieve media files.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-attribute-based-redirection-restriction?utm_source=readme&utm_medium=addons&utm_campaign=redirection_restriction\" rel=\"nofollow ugc\">\u003Cstrong>Attribute-Based Redirection:\u003C\u002Fstrong>\u003C\u002Fa> Directs users to specific URLs after Single Sign On based on IDP attributes such as role or department to ensure tailored access paths.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fguest-user-login?utm_source=readme&utm_medium=addons&utm_campaign=guest_user_login\" rel=\"nofollow ugc\">\u003Cstrong>Guest User Login (Anonymous Login):\u003C\u002Fstrong>\u003C\u002Fa> Allows users to log in to the WordPress site without creating a WordPress user account for them.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsso-session-management?utm_source=readme&utm_medium=addons&utm_campaign=sso_sessions\" rel=\"nofollow ugc\">\u003Cstrong>SSO Session Management:\u003C\u002Fstrong>\u003C\u002Fa> Sets default or role-specific session timeouts for SAML SSO users according to IDP-assigned roles to balance convenience with security.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-sso-login-audit?utm_source=readme&utm_medium=addons&utm_campaign=sso_audit\" rel=\"nofollow ugc\">\u003Cstrong>SSO Login Audit:\u003C\u002Fstrong>\u003C\u002Fa> Records all user login and registration activities on your WordPress site. It generates detailed reports that track essential information for each session, including the user, login time, and source IP address. The addon also includes advanced search filters for quickly locating specific events within the audit logs.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-ip-whitelisting?utm_source=readme&utm_medium=addons&utm_campaign=wp_ip_whitelisting\" rel=\"nofollow ugc\">\u003Cstrong>WordPress IP Whitelisting:\u003C\u002Fstrong>\u003C\u002Fa> Grants WordPress access to users with specific IPs and allows them to bypass IDP redirection and access restricted content.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-profile-picture-map?utm_source=readme&utm_medium=addons&utm_campaign=wp_profile_map\" rel=\"nofollow ugc\">\u003Cstrong>Profile Picture Mapping:\u003C\u002Fstrong>\u003C\u002Fa> Imports avatar images from the IDP into WordPress profiles for authenticated users to personalize the site experience.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-federation-single-sign-on?utm_source=readme&utm_medium=addons&utm_campaign=federation_sso\" rel=\"nofollow ugc\">\u003Cstrong>Federation SSO:\u003C\u002Fstrong>\u003C\u002Fa> Supports logins from multiple federated organizations, such as universities or research consortia, by leveraging standard IDP federation protocols to unify access.\u003C\u002Fp>\n\u003Cp>Our WordPress Single Sign On SAML plugin also integrates with third-party applications such as \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-learndash-integrator?utm_source=readme&utm_medium=addons&utm_campaign=learndash\" rel=\"nofollow ugc\">\u003Cstrong>LearnDash\u003C\u002Fstrong>\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-woocommerce-integrator?utm_source=readme&utm_medium=addons&utm_campaign=woocommerce\" rel=\"nofollow ugc\">\u003Cstrong>WooCommerce\u003C\u002Fstrong>\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-buddypress-integrator?utm_source=readme&utm_medium=addons&utm_campaign=buddypress\" rel=\"nofollow ugc\">\u003Cstrong>BuddyPress\u003C\u002Fstrong>\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-memberpress-integrator?utm_source=readme&utm_medium=addons&utm_campaign=memberpress\" rel=\"nofollow ugc\">\u003Cstrong>MemberPress\u003C\u002Fstrong>\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fpaid-membership-pro-integrator?utm_source=readme&utm_medium=addons&utm_campaign=membership_pro\" rel=\"nofollow ugc\">\u003Cstrong>Paid Memberships Pro\u003C\u002Fstrong>\u003C\u002Fa>, and \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-single-sign-on-sso-integrations?utm_source=readme&utm_medium=addons&utm_campaign=more\" rel=\"nofollow ugc\">\u003Cstrong>more\u003C\u002Fstrong>\u003C\u002Fa>, providing a simple SAML Single Sign On (SSO) experience that lets users access courses, online stores, community forums, membership content, and other protected resources with a single login.\u003C\u002Fp>\n\u003Ch3>Top Use Cases of Our WordPress SAML Single Sign On (SSO) Plugin\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Education: SSO for Schools, Universities, and Federated Institutions\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Our WordPress SAML SSO plugin helps \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-education-and-universities-in-wordpress?utm_source=readme&utm_medium=education_sso&utm_campaign=educational_institutions\" rel=\"nofollow ugc\">\u003Cstrong>educational institutions\u003C\u002Fstrong>\u003C\u002Fa> simplify secure access across their WordPress sites. Faculty and staff can log in through Azure SSO, while external collaborators or research partners authenticate using WordPress Okta SSO, Shibboleth SSO, GSuite SSO\u002F Google Apps SSO, and other IDPs. This flexibility ensures universities can accommodate multiple identity providers without creating separate WordPress accounts for every user.\u003C\u002Fp>\n\u003Cp>Along with multiple IDPs, the WordPress SAML plugin also supports academic federations such as InCommon, HAKA, HKAF, etc. These federations connect entire networks of trusted institutions and allow users to authenticate with their home institution credentials, enabling students, faculty, and researchers from partner universities or organizations to access WordPress resources directly.\u003C\u002Fp>\n\u003Cp>With our WordPress SAML plugin, universities can also manage \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-multisite-single-sign-on-sso-login?utm_source=readme&utm_medium=multisite_sso&utm_campaign=sso_multisite_networks\" rel=\"nofollow ugc\">\u003Cstrong>SSO for Multisite Networks\u003C\u002Fstrong>\u003C\u002Fa> more effectively, making it easy to control access across subsites such as library.uni.edu or research.uni.edu. It further provides \u003Cstrong>Guest User Login\u003C\u002Fstrong> for temporary access by external collaborators, ensuring consistent and secure entry to academic resources.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Healthcare: WordPress SSO for Hospitals, Clinics, and Medical Portals\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Healthcare organizations require access controls that protect sensitive data while remaining compliant with regulations. Our \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-single-sign-on-sso-for-healthcare-medical-institutes?utm_source=readme&utm_medium=healthcare_sso&utm_campaign=sso_plugin_healthcare\" rel=\"nofollow ugc\">\u003Cstrong>WordPress SAML SSO plugin for healthcare\u003C\u002Fstrong>\u003C\u002Fa> allows hospitals, clinics, medical portals, and other Healthcare Providers (HCPs) to authenticate users against their existing IDPs.\u003C\u002Fp>\n\u003Cp>The WordPress SAML SSO plugin includes advanced features such as \u003Cstrong>Force Authentication\u003C\u002Fstrong>, which requires users outside the hospital network to authenticate with their IDP to access organizational resources, while allowing on-site users immediate access without re-authentication.\u003C\u002Fp>\n\u003Cp>To further protect sensitive data, healthcare administrators can configure \u003Cstrong>Role‑based Restrictions\u003C\u002Fstrong> that limit access to patient records, laboratory results, research data, administrative content, and other sensitive information. This ensures that only authorized personnel can view or manage sensitive resources while helping institutions stay compliant with HIPAA and other healthcare data protection standards.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WooCommerce: SSO for B2B, Institutional Buyers, and E-Commerce\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>For online stores, the shopping experience depends on security and convenience working together. Our \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-woocommerce-sso-single-sign-on?utm_source=readme&utm_medium=wp_woocommerce_sso&utm_campaign=saml_sso\" rel=\"nofollow ugc\">\u003Cstrong>WordPress SAML SSO\u003C\u002Fstrong>\u003C\u002Fa> plugin integrates WooCommerce with Identity Providers (IDPs) such as Azure AD, Okta, or even other WordPress sites, allowing customers and staff to sign in with the same credentials they already use in their organization.\u003C\u002Fp>\n\u003Cp>When deployed with the \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-woocommerce-integrator?utm_source=readme&utm_medium=wp_woocommerce&utm_campaign=woocommerce_integrator\" rel=\"nofollow ugc\">\u003Cstrong>WooCommerce Integrator\u003C\u002Fstrong>\u003C\u002Fa>, SSO becomes part of the checkout process. Customers adding products to their carts are prompted to authenticate, and once logged in, their account details and order information synchronize automatically.\u003C\u002Fp>\n\u003Cp>On the backend, manager and staff roles assigned in the IDP flow directly into WooCommerce, granting specific access to order data, inventory, and dealer portals. With user permissions centralized, businesses avoid duplication errors and maintain consistent security across their e‑commerce operations.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Multiple Site Businesses: SSO (Single Sign On) in WordPress to WordPress sites\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Many businesses run multiple WordPress sites: a \u003Cstrong>main site\u003C\u002Fstrong> that stores all user accounts and roles (customers, managers, staff), and \u003Cstrong>secondary sites\u003C\u002Fstrong> that provide additional services and resources.\u003C\u002Fp>\n\u003Cp>To avoid repeated logins and maintain consistent user management, the secondary sites can act as Service Providers (SPs) using our SAML Single Sign On plugin, while the main site serves as the Identity Provider (IDP) using the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fminiorange-wp-as-saml-idp\u002F?utm_source=readme&utm_medium=saml_idp&utm_campaign=website_user_plugin\" rel=\"ugc\">\u003Cstrong>SAML IDP – Login with Website Users plugin\u003C\u002Fstrong>\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>When a user tries to access a secondary site, they are redirected to log in on the main site. Upon successful authentication, their credentials, profile details, and roles are passed back to the SP site. This provides seamless access, keeps user data synchronized, and maintains role-based permissions across both sites without manual account duplication.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Enterprise: SSO with Azure AD (Microsoft Entra ID)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Our SAML SSO plugin supports both \u003Cstrong>Single-Tenant\u003C\u002Fstrong> and \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-azure-office365-integrations?utm_source=readme&utm_medium=azure365_lp&utm_campaign=multi_tenant_azure\" rel=\"nofollow ugc\">\u003Cstrong>Multi-Tenant Azure AD SSO\u003C\u002Fstrong>\u003C\u002Fa>, allowing users from different Azure AD (Microsoft Entra ID) tenants, whether they belong to separate organizations, subsidiaries, or business units, to securely log in to WordPress using Azure AD.\u003C\u002Fp>\n\u003Cp>To simplify user lifecycle management, the plugin offers full \u003Cstrong>SCIM Provisioning and Deprovisioning\u003C\u002Fstrong>, automatically creating, updating, or removing WordPress accounts whenever changes are made in Azure AD. This ensures user data and permissions remain consistent and up to date across systems without manual intervention.\u003C\u002Fp>\n\u003Cp>For added reliability, the SAML plugin includes \u003Cstrong>Automatic Certificate Synchronization\u003C\u002Fstrong>, handling certificate rotation in Azure AD SSO behind the scenes. This eliminates downtime and prevents login failures, ensuring users can always access WordPress without disruption.\u003C\u002Fp>\n\u003Cp>The WordPress SAML plugin also extends beyond authentication by connecting WordPress with core Microsoft applications, including \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fmicrosoft-sharepoint-wordpress-integration?utm_source=readme&utm_medium=wp_sharepoint_lp&utm_campaign=sharepoint\" rel=\"nofollow ugc\">\u003Cstrong>SharePoint\u003C\u002Fstrong>\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fmicrosoft-power-bi-embed-for-wordpress?utm_source=readme&utm_medium=wp_powerbi_lp&utm_campaign=powerbi\" rel=\"nofollow ugc\">\u003Cstrong>Power BI\u003C\u002Fstrong>\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-integration-with-dynamics-crm-365-apps?utm_source=readme&utm_medium=wp_dynamic_lp&utm_campaign=dynamic_crm\" rel=\"nofollow ugc\">\u003Cstrong>Dynamics CRM\u003C\u002Fstrong>\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-outlook-calendar-events-integration?utm_source=readme&utm_medium=wp_outlook_lp&utm_campaign=outlook\" rel=\"nofollow ugc\">\u003Cstrong>Outlook\u003C\u002Fstrong>\u003C\u002Fa>, and \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-azure-ad-b2c-office-365-integrations?utm_source=readme&utm_medium=azure_b2c_lp&utm_campaign=more\" rel=\"nofollow ugc\">\u003Cstrong>more\u003C\u002Fstrong>\u003C\u002Fa>, making it easy to embed files, display dashboards, and synchronize data within WordPress.\u003C\u002Fp>\n\u003Ch3>Feedback and Support\u003C\u002Fh3>\n\u003Cp>We’re committed to ensuring you have a smooth experience with our \u003Cstrong>WordPress SAML Single Sign On (SSO) plugin\u003C\u002Fstrong>. If you  …\u003C\u002Fp>\n","SAML SSO (Single Sign On) for WordPress Login with Okta, Entra ID, Azure AD\u002FB2C, G-Suite, Shibboleth, OneLogin, Keycloak, Salesforce [24\u002F7 Support]",10000,485532,98,361,"2026-02-19T07:46:00.000Z","6.9.4","3.7","5.6",[129,130,22,23,24],"azure-ad","okta-login","https:\u002F\u002Fminiorange.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminiorange-saml-20-single-sign-on.5.4.1.zip",6,"2023-09-05 00:00:00",{"slug":136,"name":137,"version":138,"author":139,"author_profile":140,"description":141,"short_description":142,"active_installs":143,"downloaded":144,"rating":145,"num_ratings":146,"last_updated":147,"tested_up_to":125,"requires_at_least":148,"requires_php":149,"tags":150,"homepage":152,"download_link":153,"security_score":154,"vuln_count":155,"unpatched_count":29,"last_vuln_date":156,"fetched_at":31},"cloud-sso-single-sign-on","Cloud SAML SSO – Single Sign On Login","1.0.21","Cloud Infrastructure Services","https:\u002F\u002Fprofiles.wordpress.org\u002Fcloudinfrastructureservices\u002F","\u003Ch4>WP Cloud SSO – SAML Single Sign On (WordPress Login Security)\u003C\u002Fh4>\n\u003Cp>WordPress Single Sign On by Cloud Infrastructure Services Ltd. Our \u003Ca href=\"https:\u002F\u002Fcloudinfrastructureservices.co.uk\u002Fwordpress-sso-single-sign-on\u002F\" rel=\"nofollow ugc\">WordPress SSO\u003C\u002Fa> plugin offers WordPress SAML SSO Single Sign On for your WordPress logins.  Login to WordPress (WP) using Azure AD, Azure B2C, Okta, ADFS, Keycloak, OneLogin, Salesforce, Google Apps (G Suite), Shibboleth, Auth0 and other IdPs (Identity Providers). It acts as SAML SP (Service Provider) which can be configured to establish a trust between our WordPress SSO plugin and your IDP to securely authenticate and enable SSO \u002F Login for your users into the WordPress (WP) site.\u003C\u002Fp>\n\u003Cp>The following video explains the features of WP Cloud SSO plugin.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FT-flVowguAE?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>WP Cloud SSO – WordPress SSO Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Unlimited SSO Authentications\u003C\u002Fstrong> With your SAML IdP. Auto redirect your user logins to WordPress, authenticating against your IDP for SSO authentication. Automate the user experience with auto redirect, no need for username \u002F password for a Single Sign On experience using your IDP to authorise the logins.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SAML Attribute Mapping\u003C\u002Fstrong> Map user attributes from your identity provider to your WordPress user profiles. For example (Name, Username, Email, Job Title, Department, Telephone, City, Profile Picture, & more)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Protect WordPress, Auto-Redirect to IDP\u003C\u002Fstrong> Protect your WordPress site (Auto-Redirect to IdP). Only authorised users can login to WordPress. Restrict WordPress to only logged in users by redirecting the users to your IdP if logged in session is not found\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Role Mapping\u003C\u002Fstrong> Automatically assign WordPress roles to users based on SAML IDP group membership. Restrict access to WordPress based on IDP Groups. Making WordPress secure and controlling WordPress user permissions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple WordPress Environments Support\u003C\u002Fstrong> Manage multiple WordPress environments (Prod, Dev, Staging, Test). Migrate between test\u002Fstaging environments keeping your SSO config and attribute mappings inplace. Supports platforms like (WP Engine, Pantheon, Sub domains & more).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Single Signout\u003C\u002Fstrong> Logs the user out of your Identity Provider on logout from WordPress site acting as Service Provider (SP) and terminates current login session on both ends.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SAML Avatar Profile Pic Sync\u003C\u002Fstrong> If you’re using Office 365, you have the option to sync your AzureAD \u002F Office365 profile pics to your WordPress users avatar\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto-sync IdP Configuration from metadata\u003C\u002Fstrong> Easily upload your IDP metadata XML file, making it easier to sync your SAML metadata to WordPress\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Widget, Shortcode to add SAML IDP Login Link\u003C\u002Fstrong> Customise your login page with our WordPress widget login customiser. Use shortcode to place login links anywhere on WordPress\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple SAML IDP Support\u003C\u002Fstrong> Add as many SAML Identiry providers to allow your users to login from any IDP\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Free Version Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Unlimited Authentications\u003C\u002Fstrong> With 1 SAML Identity provider\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Basic Attribute Mapping\u003C\u002Fstrong> Basic Attribute Mapping (Email, First Name, Last Name, Display Name)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Widget, Shortcode to add SAML IDP Login Link\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Protect WordPress, Auto-Redirect to IDP\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Premium Version Features 10 Day Free Trial\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>All features from Free Version\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Attribute Mapping\u003C\u002Fstrong> Map any SAML user attributes to your WordPress users, for example (Job Title, Department, Telephone, City, Employee ID, etc etc)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Role Mapping\u003C\u002Fstrong> Use IDP groups to map WordPress roles based on group membership (Default, Administrator, Editor, Author, Contributor, Subscriber). Allowing you to secure access to WordPress logins.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SAML Single Logout\u003C\u002Fstrong> Allows the user to logout of your IDP when logging out of WordPress and terminates current login session on both ends.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto-sync IdP Configuration from metadata\u003C\u002Fstrong> Sync IDP metadata to WordPress automatically.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dedicated WordPress Support Team\u003C\u002Fstrong> Access to our WordPress support team if you have any questions or assistance setting up WP Cloud SSO.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Enterprise Version Features 10 Day Free Trial\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>All features from Free Version & Premium\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple Environments Support \u002F Migration (Dev, Staging, Prod)\u003C\u002Fstrong> Add Multiple Environments SSO support (Staging, Dev, Test). Merge SSO Settings \u002F Copy between evironments. Also works with (WP Engine, Pantheonsite, Kinsta, sub domains & Other WordPress Managed Platforms)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple SAML IDP Support (Add unlimited SAML IDPs)\u003C\u002Fstrong> Add as many IDPs as needed, no restrictions. Add unlimited amount of SAML identity providers.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Sync SAML User Pics to WordPress Avatar\u003C\u002Fstrong> Sync supported SAML provider user pictures to WordPress user avatars. For example Office 365 user profile pictures.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>List of Supported SAML Identity Providers\u003C\u002Fh3>\n\u003Cp>WP Cloud SSO supports the following SAML Single Sign On Providers. Full setup instructions to enable SSO for your WordPress Logins.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcloudinfrastructureservices.co.uk\u002Fwordpress-sso-single-sign-on\u002Foffice-365-azure-ad-sso\u002F\" rel=\"nofollow ugc\">WordPress Azure AD SSO\u003C\u002Fa> (Setup Azure AD SAML SSO for your WordPress Azure AD Logins)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcloudinfrastructureservices.co.uk\u002Fwordpress-sso-single-sign-on\u002Fwordpress-office-365-login-wp-cloud-sso\u002F\" rel=\"nofollow ugc\">WordPress Office 365 Login\u003C\u002Fa> (Setup Office 365 SAML SSO for your WordPress Office 365 Logins)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcloudinfrastructureservices.co.uk\u002Fwordpress-sso-single-sign-on\u002Fadfs-sso-for-wordpress\u002F\" rel=\"nofollow ugc\">WordPress ADFS SSO\u003C\u002Fa> (Setup Microsoft ADFS SAML SSO for your WordPress ADFS Logins)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcloudinfrastructureservices.co.uk\u002Fwordpress-sso-single-sign-on\u002Fwordpress-single-sign-on-using-azure-b2c-saml-login\u002F\" rel=\"nofollow ugc\">WordPress Azure B2C SSO\u003C\u002Fa> (Setup Azure B2C SAML SSO for your WordPress Azure B2C Logins)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcloudinfrastructureservices.co.uk\u002Fwordpress-sso-single-sign-on\u002Fwordpress-sso-using-salesforce-saml-login-idp\u002F\" rel=\"nofollow ugc\">WordPress Salesforce SSO\u003C\u002Fa> (Setup Salesforce SAML SSO for your WordPress Salesforce Logins)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcloudinfrastructureservices.co.uk\u002Fwordpress-sso-single-sign-on\u002Fwordpress-google-apps-login-single-sign-on-saml-idp\u002F\" rel=\"nofollow ugc\">WordPress Google Apps \u002F GSuite SSO\u003C\u002Fa> (Setup Google Apps \u002F GSuite SAML SSO for your WordPress Google Logins)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcloudinfrastructureservices.co.uk\u002Fwordpress-sso-single-sign-on\u002Fwordpress-single-sign-on-using-onelogin-as-saml-idp\u002F\" rel=\"nofollow ugc\">WordPress OneLogin SSO\u003C\u002Fa> (Setup OneLogin SAML SSO for your WordPress OneLogin Logins)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcloudinfrastructureservices.co.uk\u002Fwordpress-sso-single-sign-on\u002Fwordpress-sso-using-okta-as-saml-idp\u002F\" rel=\"nofollow ugc\">WordPress Okta SSO\u003C\u002Fa> (Setup Okta SAML SSO for your WordPress Okta Logins)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcloudinfrastructureservices.co.uk\u002Fwordpress-sso-single-sign-on\u002Fwordpress-sso-using-keycloak-as-saml-idp\u002F\" rel=\"nofollow ugc\">WordPress KeyCloak SSO\u003C\u002Fa> (Setup KeyCloak SAML SSO for your WordPress KeyCloak Logins)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcloudinfrastructureservices.co.uk\u002Fwordpress-sso-single-sign-on\u002Fwordpress-sso-using-auth0-saml-idp-wp-auth0-login\u002F\" rel=\"nofollow ugc\">WordPress Auth0 SSO\u003C\u002Fa> (Setup Auth0 SAML SSO for your WordPress Auth0 Logins)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Cp>Check our website for more details on \u003Ca href=\"https:\u002F\u002Fcloudinfrastructureservices.co.uk\u002Fwordpress-sso-single-sign-on\u002F\" rel=\"nofollow ugc\">WordPress Single Sign On\u003C\u002Fa> using WP Cloud SSO plugn and setup documentation.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","WordPress SSO using SAML IDPs to enable single sign on using Azure AD, Office 365, Okta, ADFS, KeyCloak, OneLogin, Salesforce, Google Apps Gsuite",100,5862,80,4,"2026-01-15T07:54:00.000Z","5.7","7.2",[129,151,22,23,24],"office-365","https:\u002F\u002Fcloudinfrastructureservices.co.uk\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcloud-sso-single-sign-on.1.0.21.zip",94,3,"2025-09-05 00:00:00",{"slug":158,"name":159,"version":160,"author":161,"author_profile":162,"description":163,"short_description":164,"active_installs":165,"downloaded":166,"rating":29,"num_ratings":29,"last_updated":167,"tested_up_to":125,"requires_at_least":168,"requires_php":169,"tags":170,"homepage":173,"download_link":174,"security_score":143,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"authress","SSO Login – Universal (OAuth + SAML)","0.2.107","Authress","https:\u002F\u002Fprofiles.wordpress.org\u002Fauthress\u002F","\u003Cp>This plugin upgrades the standard \u003Cstrong>WordPress login\u003C\u002Fstrong> forms with one powered by \u003Ca href=\"https:\u002F\u002Fauthress.io\" rel=\"nofollow ugc\">Authress\u003C\u002Fa> that enables:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Universal authentication\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Over 40 social login providers\u003C\u002Fli>\n\u003Cli>Enterprise connections (SAML, Office 365, Google Apps, and more)\u003C\u002Fli>\n\u003Cli>Customer configurable SSO connections\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ultra secure\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>User identity\u003C\u002Fli>\n\u003Cli>Security access policies\u003C\u002Fli>\n\u003Cli>Mitigate brute force attacks\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Which includes:\u003Cbr \u002F>\n– Azure AD and B2C\u003Cbr \u002F>\n– Office 365\u003Cbr \u002F>\n– WSO2\u003Cbr \u002F>\n– Ping Identity\u003Cbr \u002F>\n– Okta\u003Cbr \u002F>\n– Auth0\u003Cbr \u002F>\n– Keyclock\u003Cbr \u002F>\n– LinkedIn\u003Cbr \u002F>\n– Salesforce\u003Cbr \u002F>\n– Twitter\u003Cbr \u002F>\n– Google Workspace\u003Cbr \u002F>\n– Yahoo\u003Cbr \u002F>\n– Salesforce\u003Cbr \u002F>\n– Hubspot\u003Cbr \u002F>\n– Steam\u003Cbr \u002F>\n– Slack\u003Cbr \u002F>\n– And any custom OAuth2.1, OpenID, or SAML provider\u003C\u002Fp>\n\u003Cp>With \u003Cstrong>SSO Login\u003C\u002Fstrong>, you can automatically support business and enterprise customers that have important security requirements for their users to use your site and platform.\u003C\u002Fp>\n\u003Ch3>Technical Notes\u003C\u002Fh3>\n\u003Cp>By using this plugin you are delegating the site authentication and profile handling to Authress. That means that you won’t need to use the WordPress database to authenticate users and the default WordPress login forms will be upgraded to support the new SSO Login flow.\u003C\u002Fp>\n\u003Cp>Please see our \u003Ca href=\"https:\u002F\u002Fauthress.io\u002Fknowledge-base\u002F\" rel=\"nofollow ugc\">knowledge base\u003C\u002Fa> for more information on how Authress authenticates and manages your users.\u003C\u002Fp>\n\u003Ch4>Migrating Existing Users\u003C\u002Fh4>\n\u003Cp>Authress allows multiple authentication providers. You can have social providers like Facebook, Twitter, Google+, a database of users and passwords (just like WordPress), or you can use an Enterprise directories like, Office365, Google Apps, SAML, OpenID, OAuth2.1. All those authentication providers are supported and more.\u003C\u002Fp>\n\u003Ch3>How to customize this plugin\u003C\u002Fh3>\n\u003Cp>This plugin provides extension points to make it easier to configure it exactly as you need. Check out the full docs:\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FAuthress\u002Fwordpress-sso-login\u002Fblob\u002Fmain\u002Fdocs\u002Fcustomizations.md\" rel=\"nofollow ugc\">SSO Login customizations\u003C\u002Fa>\u003C\u002Fp>\n","SSO Login provides user login, business authentication, SSO, Social login, and Single Sign-On for all sites.",10,5181,"2025-11-29T18:03:00.000Z","5.5","8.2",[171,172,22,23,24],"login","oauth","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fauthress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauthress.0.2.107.zip",{"slug":176,"name":177,"version":178,"author":179,"author_profile":180,"description":181,"short_description":182,"active_installs":29,"downloaded":183,"rating":143,"num_ratings":107,"last_updated":184,"tested_up_to":185,"requires_at_least":186,"requires_php":187,"tags":188,"homepage":190,"download_link":191,"security_score":143,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"frontegg-saml-sso","Frontegg SAML SSO","1.0.1","Frontegg","https:\u002F\u002Fprofiles.wordpress.org\u002Ffrontegg\u002F","\u003Cp>Frontegg SAML SSO replaces the default WordPress login and logout experiences with seamless SAML authentication via \u003Ca href=\"https:\u002F\u002Ffrontegg.com\" rel=\"nofollow ugc\">Frontegg\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin is designed for modern SaaS and enterprise WordPress environments where you need to enforce login via an external identity provider (IdP).\u003C\u002Fp>\n\u003Cp>It includes:\u003Cbr \u002F>\n– 🔐 Secure SAML 2.0 login and logout\u003Cbr \u002F>\n– 📋 Admin-friendly configuration of SSO URLs and certificate\u003Cbr \u002F>\n– 📎 Auto-generated SP (Service Provider) values (Entity ID, ACS URL, SLO URL)\u003Cbr \u002F>\n– 🧭 Redirect control after logout\u003Cbr \u002F>\n– 🔄 Auto-redirects from \u003Ccode>wp-login.php\u003C\u002Fcode> to Frontegg\u003Cbr \u002F>\n– ✨ Clean and accessible admin UI using native WordPress components\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPL v2.0 or later. See LICENSE.txt for details.\u003C\u002Fp>\n","Replace the WordPress login and logout flows with secure SAML-based authentication via Frontegg. Easily configure your SSO app from the admin panel.",320,"2025-04-23T23:01:00.000Z","6.8.5","5.0","7.4",[189,171,22,23,24],"authentication","https:\u002F\u002Ffrontegg.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffrontegg-saml-sso.zip",{"slug":193,"name":194,"version":195,"author":116,"author_profile":117,"description":196,"short_description":197,"active_installs":11,"downloaded":198,"rating":122,"num_ratings":199,"last_updated":200,"tested_up_to":125,"requires_at_least":201,"requires_php":202,"tags":203,"homepage":206,"download_link":207,"security_score":208,"vuln_count":165,"unpatched_count":29,"last_vuln_date":209,"fetched_at":31},"miniorange-login-with-eve-online-google-facebook","OAuth Single Sign On – SSO (OAuth Client)","6.26.17","\u003Cp>\u003Cstrong>WordPress Single Sign-On\u003C\u002Fstrong> (WordPress SSO) with our \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-sso?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_1\" rel=\"nofollow ugc\">OAuth & OpenID Connect plugin\u003C\u002Fa>\u003C\u002Fstrong> allows unlimited login\u002FSSO (Single Sign On) with your \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fazure-ad-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_2\" rel=\"nofollow ugc\">Azure AD\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fazure-b2c-ad-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_3\" rel=\"nofollow ugc\">Azure B2C\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fgoogle-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_4\" rel=\"nofollow ugc\">G Suite \u002F Google Apps \u002F Google Workspace\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fclasslink-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_12\" rel=\"nofollow ugc\">ClassLink\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fclever-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_11\" rel=\"nofollow ugc\">Clever\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foffice-365-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_5\" rel=\"nofollow ugc\">Office 365\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Faws-cognito-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_6\" rel=\"nofollow ugc\">AWS Cognito\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fdiscord-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_7\" rel=\"nofollow ugc\">Discord\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fping-federate-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">PingFederate\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsalesforce-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_10\" rel=\"nofollow ugc\">Salesforce\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fkeycloak-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_9\" rel=\"nofollow ugc\">Keycloak\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fokta-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_8\" rel=\"nofollow ugc\">Okta\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fidentityserver4-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Identity Server\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Finvision-community-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Invision Community\u003C\u002Fa>\u003C\u002Fstrong> or other custom OAuth 2.0 and OpenID Connect providers. WordPress SSO plugin supports Single Sign On (SSO) with many OAuth 2.0, OAuth 2.1, OAuth 1.0 & OpenID Connect (OIDC) 1.0 providers.\u003C\u002Fp>\n\u003Cp>An unlimited number of users can perform Single Sign-On with OAuth\u002FOIDC supported Identity Providers on WordPress using SSO capabilities.\u003C\u002Fp>\n\u003Cp>|\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-sso#key-features\" rel=\"nofollow ugc\"> Features \u003C\u002Fa>| \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-single-sign-on-sso-with-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_13\" rel=\"nofollow ugc\"> OAuth \u002F OpenID Providers Setup guides \u003C\u002Fa>|\u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FVff0E0KxM3k\" rel=\"nofollow ugc\"> Videos \u003C\u002Fa>|\u003C\u002Fp>\n\u003Ch4>POPULAR OAUTH AND OPENID CONNECT (OIDC) PROVIDERS SINGLE SIGN-ON\u003C\u002Fh4>\n\u003Cp>The following providers support OAuth 2.0\u002FOpenID Connect SSO for WordPress login.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Faws-cognito-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_6\" rel=\"nofollow ugc\">AWS Cognito SSO | Login with AWS Cognito\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foffice-365-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_5\" rel=\"nofollow ugc\">Office 365 SSO | Login with Office 365\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fazure-b2c-ad-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_3\" rel=\"nofollow ugc\">Azure B2C SSO | Login with Azure B2C\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fazure-ad-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Azure AD SSO | Login with Azure AD\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fadfs-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">ADFS SSO | Login with ADFS\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fauth0-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Auth0 SSO | Login with Auth0\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fokta-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_8\" rel=\"nofollow ugc\">OKTA SSO | Login with OKTA\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fclasslink-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_12\" rel=\"nofollow ugc\">ClassLink SSO | Login with ClassLink\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fkeycloak-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_9\" rel=\"nofollow ugc\">Keycloak SSO | Login with Keycloak\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fclever-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_11\" rel=\"nofollow ugc\">Clever SSO | Login with Clever\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fgoogle-classroom-single-sign-on-sso\" rel=\"nofollow ugc\">Google Classroom SSO | Login with Google Classroom\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsalesforce-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_10\" rel=\"nofollow ugc\">Salesforce SSO | Login with Salesforce\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-oauth-openid-connect-single-sign-on-sso-using-criipto?utm_source=Readme&utm_medium=Readme&utm_campaign=Readme&utm_id=wpor_15\" rel=\"nofollow ugc\">Criipto SSO | Login with Criipto\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fgoogle-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_4\" rel=\"nofollow ugc\">G Suite \u002F Google Apps SSO | Login with Google\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fping-federate-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Ping Federate SSO ( Ping \u002F Ping Identity ) | Login with Ping Federate\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fidentityserver4-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">IdentityServer4 SSO | Login with IdentityServer4\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fidentityserver3-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">WordPress IdentityServer3 SSO | Login with IdentityServer3\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fdiscord-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_7\" rel=\"nofollow ugc\">Discord SSO | Login with Discord\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fonelogin-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">OneLogin SSO | Login with OneLogin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fswiss-rx-login-single-sign-on-for-wordpress-using-oauth\" rel=\"nofollow ugc\">Swiss-RX-Login SSO ( Swiss RX Login ) | Login with Swiss-RX-Login\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fneon-crm-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Neon CRM SSO | Login with Neon CRM\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fimis-oauth-and-openid-connect-single-sign-on-sso\" rel=\"nofollow ugc\">iMIS SSO | Login with iMIS\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsignicat-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Signicat SSO | User Verification with Signicat\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fid-me-oauth-and-openid-connect-single-sign-on-sso-login\" rel=\"nofollow ugc\">ID.me SSO | Login with ID.me\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fcanvas-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Canvas SSO | Login with Canvas\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fguide-to-setup-single-sign-on-between-two-wordpress-sites\" rel=\"nofollow ugc\">WordPress SSO | Login with WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwso2-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">WSO2 SSO | Login with WSO2\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fopenathens-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">OpenAthens SSO | Login with OpenAthens\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhp-single-sign-on-sso-oauth-and-openid-connect\" rel=\"nofollow ugc\">HP SSO | Login with HP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fservicenow-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Servicenow SSO | Login with Servicenow\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Finvision-community-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Invision Community SSO | Login with Invision Community\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fforgerock-open-am-single-sign-on-for-wordpress-using-oauth\" rel=\"nofollow ugc\">OpenAM \u002F Forgerock SSO | Login with Forgerock\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fnextcloud-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">NextCloud SSO | Login with NextCloud\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Forcid-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Orcid SSO | Login with Orcid\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fmemberclicks-oauth-and-openid-connect-single-sign-on-sso-login\" rel=\"nofollow ugc\">Memberclicks SSO | Login with MemberClicks\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsheepcrm-oauth-and-openid-connect-single-sign-on-sso-login\" rel=\"nofollow ugc\">SheepCRM SSO | Login with SheepCRM\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Famazon-oauth-and-openid-connect-single-sign-on-sso-login\" rel=\"nofollow ugc\">Amazon SSO | Login with Amazon\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fslack-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Slack SSO | Login with Slack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fyahoo-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Yahoo SSO | Login with Yahoo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Flinkedin-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">LinkedIn SSO | Login with LinkedIn\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fgitlab-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Gitlab SSO | Login with Gitlab\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fgithub-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">GitHub SSO | Login with GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Flogin-with-apple-app-using-wordpress-oauth-client\" rel=\"nofollow ugc\">Apple SSO | Login with Apple\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fstrava-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Strava SSO | Login with Strava\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fblizzard-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Blizzard \u002F Battle.net SSO | Login with Battle.net\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Feve-online-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Eve Online SSO | Login with Eve Online\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhubspot-single-sign-on-for-wordpress-using-oauth\" rel=\"nofollow ugc\">Hubspot SSO | Login with Hubspot\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Ftwitter-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">X(Twitter) SSO | Login with Twitter\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fzoho-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Zoho SSO | Login with Zoho\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fidaptive-single-sign-on-for-wordpress-using-oauth\" rel=\"nofollow ugc\">Idaptive SSO | CyberArk SSO | Login with CyberArk\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwhmcs-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">WHMCS SSO | Login with WHMCS\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Ffranceconnect-single-sign-on-sso-wordpress-oauth\" rel=\"nofollow ugc\">France Connect SSO | Login with France Connect\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>OTHER OAUTH AND OPENID CONNECT (OIDC) PROVIDERS WE SUPPORT FOR WORDPRESS SINGLE SIGN-ON (SSO)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Other OAuth 2.0 and OpenId Connect ( OIDC ) 1.0 servers WordPress Single Sign-On ( SSO ) plugin support includes Office 365, AWS Cognito, Microsoft Dynamic CRM 365, Auth0, Google Workspace, Egnyte, Autodesk, Zendesk, Foursquare, Harvest, Mailchimp, Bitrix24, Spotify, Vkontakte, Huddle, Reddit, Strava, Ustream, Yammer, RunKeeper, Instagram, SoundCloud, Pocket, PayPal, Pinterest, Vimeo, Nest, Heroku, DropBox, Buffer, Box, Hubic, Deezer, DeviantArt, Delicious, Dailymotion, Bitly, Mondo, Netatmo, Amazon, FitBit, Clever, Sqaure Connect, Windows, Microsoft Live, Dash 10, Github, Invision Community, Blizzard, authlete, Keycloak, Procore, Eve Online, Laravel Passport, Nextcloud, Renren, Soundcloud, OpenAM \u002F Forgerock, IdentityServer, ORCID, Diaspora, Timezynk, Idaptive CyberArk, Duo Security, Rippling, Crowd, Janrain, Numina Solutions, Ubuntu Single Sign-On, Apple, Ipsilon, Zoho, Stripe, Itthinx, Fellowshipone, Miro, Naver, Clever, Coil, Parallel Markets, VATSIM, Liferay, Fatsecret, Intuit, iMIS, ORY Hydra, FusionAuth, Kakao, ID.me, MoxiWorks, HR Answerlink \u002F Support center, ClassLink, Google Classroom, MemberClicks, BankID, CSI, Splitwise, Infusionsoft, Hubspot, Join It, MyAcademicID, MemberConnex, Novi, Coassemble, Servicenow, IBM APP ID, Nimble AMS, iSpring LMS, Neon CRM, EPIC, IPB forum, Wiziq, Sprinklr, Elvanto, ABSORB LMS, Wechat, Weibo, Shibboleth, Centrify, FranceConnect, Church Online, Bigcommerce, Sewobe, PracticePanther, SubscribeStar, Eventbrite, Medi-Access, Lichess, CILogon, Servicem8, Gigya, PhantAuth, XING, Simplecast, SURF, MediaWiki, UNA, NetSuite, Oracle IDCS, Globus, Square, SimpleSAMLphp, Basecamp, HP, SHELL, Otoy, Steam, Webflow, Simplepass, Feide, SingPass, Asmodee, SwissID, Miro, Alkami, Switch, Citrix, Schoology, iGov, LearnWorlds, France Connect, DID, Blackboard, UAEPass, Polar, CodeB, Vincere CRM, F5, TicketMaster, BizLibrary, Skolon, Rapattoni, PowerSchool, Minecraft, NETS, Joomla, Drupal, ASP.NET, CA Siteminder, Outseta, XUMM, ID Austria, Ubisecure, Gravitee.io, SheepCRM, Wahoo, WeatherFlow Tempest, OneWelcome \u002F iWelcome, Xbox, Trovo, Cornerstone, Criipto, bare.id, Discourse, Authentik, Sailpoint, Coil, Asset Bank, GrowthZone, Vipps, Authorizer, Deviant Art, Miracl, Teamsnap, Authelia, Django, IDsampa, Cvent, SERMO, Pixelfed, Finys, Login.gov, Fastcase, Acuity, ARPA, Zitadel, Yeti, myID.be, memberful,Open edX \u002F eduNEXT, Teachable, Mindbody etc. This comprehensive SSO support facilitates seamless integration and secure authentication across a wide range of platforms.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress Single Sign-On ( Login to WordPress )\u003C\u002Fh4>\n\u003Cp>WordPress Single Sign-On allows users to log into any website\u002Fapplication using the single set of credentials of another app\u002Fsite through the SSO feature.\u003Cbr \u002F>\n\u003Cstrong>Example:\u003C\u002Fstrong>Let’s say you have all your users\u002Fcustomers\u002Fmembers\u002Femployees stored on a site, called ‘site A’ and you want all of them to register\u002Flogin using SSO to your WordPress site called ‘site B’. In this scenario, you can register\u002Flogin all your users of site A into site B using the login credentials\u002Faccount of site A. This is called Single Sign-On, and it simplifies user management.\u003C\u002Fp>\n\u003Ch4>WordPress Single Sign-On supported Third-Party Application \u002F OAuth OpenID Provider\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>The Third-Party Application can be anything where user accounts are stored or a site\u002Fapplication where you want to store\u002Fmigrate all the users. It can be your social login app, WordPress site, OAuth provider, OpenID provider, custom provider or any database.\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Identity providers such as OAuth Identity Provider, OAuth Server, OpenID Connect Server, OpenID Connect Provider, and OIDC Application support Single Sign-On. SSO integration ensures secure user authentication and management across these platforms.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>OAuth and OpenID Connect are token-based Single Sign-On protocols that allow an end user’s account information to be used by third-party services without exposing the user’s password.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress Single Sign-On USE CASES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress to WordPress SSO\u003C\u002Fstrong>: Single Sign On to one\u002Fmultiple WordPress site (single\u002Fmultisite) using User Credentials stored on another WordPress site with WordPress SSO plugin.\u003C\u002Fli>\n\u003Cli>Single Sign On to one\u002Fmultiple WordPress site (single \u002F multisite) using User Credentials stored on your OAuth \u002F OpenID Connect (OIDC) application.\u003C\u002Fli>\n\u003Cli>Single Sign On into WordPress using existing User stores (Active Directory\u002FDatabase)\u003C\u002Fli>\n\u003Cli>SSO and extended plugin functionality using tokens (access_token \u002F JWT token \u002F id_token) such as secure API calls using third-party token\u003C\u002Fli>\n\u003Cli>Others: eCommerce Single Sign On\u002FLogin, Single sign on for Educational and Healthcare paltforms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Microsoft SSO\u002FAzure SSO\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This WordPress Single Sign-On (OAuth \u002F OpenID Connect SSO) plugin supports SSO with Microsoft apps like Azure AD, Azure B2C, Office 365, Microsoft Dynamics CRM, Microsoft Teams, and Windows Live. It also supports policy-based login redirections, including sign-up, sign-in, forgot password, and custom policies, enhancing the login experience across Microsoft services.\u003C\u002Fp>\n\u003Cp>WordPress integrates with Microsoft services like Azure AD, Azure B2C, and Office 365 for secure Single Sign-On across single-site and multisite networks (including subdomains). Users can perform single sign-on, map profile attributes, and manage role-based access across applications and tenants using SSO\u003C\u002Fp>\n\u003Cp>Apart from SSO, it also supports WordPress-Azure integrations and customizations, such as token-based calls to specific APIs and the Microsoft Graph API, enhancing the login experience\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Cognito SSO\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The WordPress Single Sign-On plugin supports WordPress Login with AWS Cognito, Amazon, and WordPress using Cognito. It provides user profile syncing, role mapping, and token fetching from AWS Cognito for API calls. Customizations include integrating Cognito SDKs, syncing new registrations, logging in via the default WordPress form instead of Cognito’s SSO page, connecting to the Cognito User Pool, and configuring login redirections.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Discord SSO\u003C\u002Fstrong>\u003Cbr \u002F>\nThis WordPress Single Sign-On plugin enables Discord login into WordPress. It supports syncing user profiles from Discord to WordPress, mapping Discord roles to WordPress roles, mapping WordPress roles to Discord roles, and managing Discord role memberships based on WordPress purchases.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Keycloak SSO\u003C\u002Fstrong>\u003Cbr \u002F>\nThe WordPress Single Sign-On (OAuth \u002F OpenID Connect SSO) plugin works with Keycloak to enable SSO on your WordPress site. It also lets WordPress use Keycloak access tokens to call external services. In addition, the plugin supports role-based access control (RBAC), so you can map Keycloak roles to WordPress roles and capabilities.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Ping Federate SSO\u003C\u002Fstrong>\u003Cbr \u002F>\nOauth Single sign-on plugin enables Login to WordPress using PingFederate. It supports Single Sign-On  with authorized access to Ping REST APIs via access tokens or bearer tokens, ensuring seamless SSO integration and secure interactions with PingFederate.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Clever SSO\u003C\u002Fstrong>\u003Cbr \u002F>\nOauth Single sign-on plugin supports WordPress Login with Clever for users (teachers, students, admins) and integrates with LearnDash to sync lessons and assignments. It also provides SSO with other IDPs like ClassLink, Google Classroom, and Canvas, as well as any Identity Provider (SAML, OAuth, OpenID Connect, Active Directory, databases) via miniOrange IDP.\u003C\u002Fp>\n\u003Ch4>FREE VERSION FEATURES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress Single Sign-On OAuth & OpenID Connect Login supports unlimited SSO with any 3rd party OAuth & OpenID Connect server or custom OAuth & OpenID Connect server like AWS Cognito, Azure AD, Azure AD B2C, Office 365, Google Apps, etc.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Single Sign-On  Grant Support\u003C\u002Fstrong> – Standard OAuth2 Grant: Authorization Code\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto Create Users ( User Provisioning )\u003C\u002Fstrong> : After Single Sign On, a new user automatically gets created in WordPress\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Account Linking\u003C\u002Fstrong> : After SSO, if the user already exists in WordPress, then their profile gets updated. Else, a new WordPress User is created.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Attribute Mapping\u003C\u002Fstrong> : OAuth Login allows you to map your Identity Provider’s unique attribute with WordPress Username Attribute.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login Widget\u003C\u002Fstrong> : Use Widgets to integrate the Single Sign-On login on your WordPress site easily.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>OpenID Connect & OAuth Provider Support\u003C\u002Fstrong> : WordPress Single Sign On (OAuth Login) supports any OpenID Connect & OAuth Provider seamless Single Sign-On.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Redirect URL after Login\u003C\u002Fstrong> : WordPress Single Sign On (OAuth Login) automatically redirects the user after successful Single Sign-On login.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Logging\u003C\u002Fstrong> : If you run into issues, WordPress Single Sign On (OAuth Login) can be helpful to enable debug logging.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>PAID FEATURES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress Single Sign-On Grant Support\u003C\u002Fstrong>: Standard OAuth2 Grants including \u003Cstrong>Authorization Code\u003C\u002Fstrong>, \u003Cstrong>Implicit Grant\u003C\u002Fstrong>, \u003Cstrong>Password Grant\u003C\u002Fstrong>, \u003Cstrong>Refresh Token Grant\u003C\u002Fstrong>, \u003Cstrong>Client Credential Grant\u003C\u002Fstrong>, \u003Cstrong>authorization code grant with PKCE flow\u003C\u002Fstrong>, and \u003Cstrong>Hybrid Grant\u003C\u002Fstrong> (Customization Available)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto Register Users\u003C\u002Fstrong>: Automatic user registration after SSO if the user is not already registered with your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Attribute Mapping\u003C\u002Fstrong>: Ability to map WordPress user profile attributes, such as username, first name, last name, and email.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Role Mapping\u003C\u002Fstrong>: Assign roles to users based on defined rules through Single Sign-On.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Force Authentication \u002F Protect Complete Site\u003C\u002Fstrong>: Protect the entire website for public users and grant access only to authenticated users through Single Sign-on.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Attribute Mapping\u003C\u002Fstrong>: Map custom user attributes received from OAuth \u002F OpenID Connect providers to any WordPress user attribute for Single Sign-On.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple OAuth & OpenID Connect Provider Support\u003C\u002Fstrong>: Support for multiple SSO providers.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Single Login button for Multiple Apps\u003C\u002Fstrong>: Provides a single login button for multiple providers.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Extended OAuth API Support\u003C\u002Fstrong>: Extend OAuth \u002F OpenID Connect API support for enhanced Single Sign-On functionality.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Single Sign-On Login Reports\u003C\u002Fstrong>: Generate user login and registration reports based on the application used for SSO.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enable \u002F Disable WordPress Default Login\u003C\u002Fstrong>: Option to disable the default WordPress login form and use SSO instead.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>FrontChannel & BackChannel Single Logout Support\u003C\u002Fstrong>: Allows users to be logged out from WordPress as well as the IDP through Single Sign-On.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Third-Party Plugin Compatibility for Single Sign-On\u003C\u002Fstrong>: Compatible with WooCommerce and other third-party plugins for seamless Single Sign-On integration.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Add-on Support with Plugin\u003C\u002Fstrong>: Support for various add-ons including SCIM User Provisioning, Page & Post Restriction, BuddyPress Integration, Login Form Add-on, LearnDash Integration, Media Restriction, Attribute\u002FMembership-Based Redirection, SSO Session Management, Paid Membership Pro Integrator, WooCommerce Integrator, SSO Login Audit, Memberpress Integration, and Guest User Login.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No SSL Restriction\u003C\u002Fstrong>: Allows SSO login without SSL or HTTPS-enabled site using Google credentials or any other app.\u003C\u002Fli>\n\u003C\u002Ful>\n","WordPress SSO (Single Sign On) with Azure, Azure B2C, Cognito, Okta, Classlink, Discord, Clever, Keycloak, OAuth & OpenID Providers [24\u002F7 SUPPORT].",266899,315,"2025-12-15T05:56:00.000Z","3.0.1","7.0",[171,204,205,23,24],"oauth-2-0","openid","https:\u002F\u002Fwww.miniorange.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminiorange-login-with-eve-online-google-facebook.6.26.17.zip",82,"2026-02-05 18:30:28",{"attackSurface":211,"codeSignals":294,"taintFlows":497,"riskAssessment":569,"analyzedAt":580},{"hooks":212,"ajaxHandlers":290,"restRoutes":291,"shortcodes":292,"cronEvents":293,"entryPointCount":29,"unprotectedCount":29},[213,219,223,226,230,234,238,242,246,251,255,258,261,263,266,268,270,274,278,282,287],{"type":214,"name":215,"callback":216,"file":217,"line":218},"action","init","saml_load_translations","onelogin_saml.php",41,{"type":214,"name":220,"callback":221,"file":217,"line":222},"admin_menu","onelogin_saml_configuration",44,{"type":214,"name":215,"callback":224,"priority":107,"file":217,"line":225},"saml_checker",47,{"type":214,"name":227,"callback":228,"file":217,"line":229},"network_admin_menu","onelogin_saml_configuration_multisite",51,{"type":214,"name":231,"callback":232,"file":217,"line":233},"network_admin_edit_network_saml_global_settings","onelogin_saml_global_configuration_multisite_save",52,{"type":214,"name":235,"callback":236,"file":217,"line":237},"network_admin_edit_network_saml_settings","onelogin_saml_configuration_multisite_save",53,{"type":214,"name":239,"callback":240,"file":217,"line":241},"network_admin_edit_network_saml_injection","onelogin_saml_configuration_multisite_injection",54,{"type":214,"name":243,"callback":244,"file":217,"line":245},"network_admin_edit_network_saml_enabler","onelogin_saml_configuration_multisite_enabler",55,{"type":247,"name":248,"callback":249,"file":217,"line":250},"filter","allow_password_reset","disable_password_reset",64,{"type":214,"name":252,"callback":253,"priority":107,"file":217,"line":254},"lost_password","saml_lostpassword",67,{"type":214,"name":256,"callback":253,"priority":107,"file":217,"line":257},"retrieve_password",68,{"type":214,"name":259,"callback":253,"priority":107,"file":217,"line":260},"password_reset",69,{"type":214,"name":215,"callback":262,"priority":107,"file":217,"line":109},"saml_slo",{"type":214,"name":215,"callback":264,"priority":107,"file":217,"line":265},"saml_sso",81,{"type":214,"name":215,"callback":264,"priority":107,"file":217,"line":267},99,{"type":214,"name":215,"callback":264,"priority":107,"file":217,"line":269},113,{"type":247,"name":271,"callback":272,"file":217,"line":273},"login_message","saml_custom_login_footer",115,{"type":214,"name":275,"callback":276,"priority":107,"file":217,"line":277},"register_form","saml_user_register",119,{"type":214,"name":279,"callback":280,"priority":165,"file":217,"line":281},"login_enqueue_scripts","onelogin_enqueue_script",128,{"type":214,"name":283,"callback":284,"file":285,"line":286},"admin_footer","disable_email","php\\functions.php",674,{"type":214,"name":283,"callback":288,"file":285,"line":289},"disable_password",677,[],[],[],[],{"dangerousFunctions":295,"sqlUsage":296,"outputEscaping":299,"fileOperations":494,"externalRequests":29,"nonceChecks":494,"capabilityChecks":495,"bundledLibraries":496},[],{"prepared":297,"raw":29,"locations":298},25,[],{"escaped":300,"rawEcho":301,"locations":302},77,102,[303,307,309,311,312,314,316,317,319,321,323,325,327,329,331,333,335,337,339,341,343,345,347,349,351,353,355,357,359,361,363,365,367,369,371,373,375,377,379,381,383,385,387,389,391,393,395,397,399,401,403,405,407,409,411,413,415,417,419,421,423,425,427,429,431,433,435,437,439,441,443,445,447,448,450,452,453,454,456,458,460,461,463,464,465,466,468,469,471,472,473,475,477,479,481,482,484,485,487,488,490,492],{"file":304,"line":305,"context":306},"php\\configuration.php",29,"raw output",{"file":304,"line":308,"context":306},30,{"file":304,"line":310,"context":306},92,{"file":304,"line":122,"context":306},{"file":304,"line":313,"context":306},104,{"file":304,"line":315,"context":306},110,{"file":304,"line":277,"context":306},{"file":304,"line":318,"context":306},125,{"file":304,"line":320,"context":306},132,{"file":304,"line":322,"context":306},139,{"file":304,"line":324,"context":306},146,{"file":304,"line":326,"context":306},153,{"file":304,"line":328,"context":306},160,{"file":304,"line":330,"context":306},167,{"file":304,"line":332,"context":306},176,{"file":304,"line":334,"context":306},183,{"file":304,"line":336,"context":306},190,{"file":304,"line":338,"context":306},199,{"file":304,"line":340,"context":306},228,{"file":304,"line":342,"context":306},241,{"file":304,"line":344,"context":306},265,{"file":304,"line":346,"context":306},272,{"file":304,"line":348,"context":306},279,{"file":304,"line":350,"context":306},286,{"file":304,"line":352,"context":306},293,{"file":304,"line":354,"context":306},300,{"file":304,"line":356,"context":306},307,{"file":304,"line":358,"context":306},314,{"file":304,"line":360,"context":306},321,{"file":304,"line":362,"context":306},328,{"file":304,"line":364,"context":306},335,{"file":304,"line":366,"context":306},342,{"file":304,"line":368,"context":306},350,{"file":304,"line":370,"context":306},358,{"file":304,"line":372,"context":306},365,{"file":304,"line":374,"context":306},372,{"file":304,"line":376,"context":306},379,{"file":304,"line":378,"context":306},386,{"file":304,"line":380,"context":306},393,{"file":304,"line":382,"context":306},400,{"file":304,"line":384,"context":306},410,{"file":304,"line":386,"context":306},418,{"file":304,"line":388,"context":306},423,{"file":304,"line":390,"context":306},448,{"file":304,"line":392,"context":306},478,{"file":304,"line":394,"context":306},499,{"file":304,"line":396,"context":306},518,{"file":304,"line":398,"context":306},523,{"file":304,"line":400,"context":306},527,{"file":304,"line":402,"context":306},531,{"file":304,"line":404,"context":306},535,{"file":304,"line":406,"context":306},539,{"file":304,"line":408,"context":306},543,{"file":304,"line":410,"context":306},547,{"file":304,"line":412,"context":306},551,{"file":285,"line":414,"context":306},274,{"file":285,"line":416,"context":306},278,{"file":285,"line":418,"context":306},287,{"file":285,"line":420,"context":306},305,{"file":285,"line":422,"context":306},309,{"file":285,"line":424,"context":306},312,{"file":285,"line":426,"context":306},406,{"file":285,"line":428,"context":306},435,{"file":285,"line":430,"context":306},461,{"file":285,"line":432,"context":306},564,{"file":285,"line":434,"context":306},580,{"file":285,"line":436,"context":306},604,{"file":285,"line":438,"context":306},606,{"file":440,"line":165,"context":306},"php\\network.php",{"file":440,"line":442,"context":306},38,{"file":440,"line":444,"context":306},45,{"file":446,"line":165,"context":306},"php\\network_saml_enabler.php",{"file":446,"line":305,"context":306},{"file":446,"line":449,"context":306},31,{"file":451,"line":165,"context":306},"php\\network_saml_global_settings.php",{"file":451,"line":308,"context":306},{"file":451,"line":449,"context":306},{"file":451,"line":455,"context":306},32,{"file":457,"line":165,"context":306},"php\\network_saml_injection.php",{"file":457,"line":459,"context":306},27,{"file":457,"line":305,"context":306},{"file":462,"line":165,"context":306},"php\\validate.php",{"file":462,"line":305,"context":306},{"file":462,"line":449,"context":306},{"file":462,"line":455,"context":306},{"file":462,"line":467,"context":306},39,{"file":462,"line":218,"context":306},{"file":462,"line":470,"context":306},48,{"file":462,"line":237,"context":306},{"file":462,"line":245,"context":306},{"file":462,"line":474,"context":306},62,{"file":462,"line":476,"context":306},66,{"file":462,"line":478,"context":306},71,{"file":462,"line":480,"context":306},78,{"file":462,"line":145,"context":306},{"file":462,"line":483,"context":306},84,{"file":462,"line":13,"context":306},{"file":462,"line":486,"context":306},107,{"file":462,"line":315,"context":306},{"file":462,"line":489,"context":306},117,{"file":462,"line":491,"context":306},135,{"file":462,"line":493,"context":306},140,2,7,[],[498,515,534,546],{"entryPoint":499,"graph":500,"unsanitizedCount":107,"severity":41},"saml_custom_login_footer (php\\functions.php:101)",{"nodes":501,"edges":512},[502,507],{"id":503,"type":504,"label":505,"file":285,"line":506},"n0","source","$_GET",112,{"id":508,"type":509,"label":510,"file":285,"line":269,"wp_function":511},"n1","sink","echo() [XSS]","echo",[513],{"from":503,"to":508,"sanitized":514},false,{"entryPoint":516,"graph":517,"unsanitizedCount":29,"severity":533},"saml_acs (php\\functions.php:240)",{"nodes":518,"edges":529},[519,522,525],{"id":503,"type":504,"label":520,"file":285,"line":521},"$_REQUEST (x2)",268,{"id":508,"type":523,"label":524,"file":285,"line":521},"transform","→ redirect_to_relaystate_if_trusted()",{"id":526,"type":509,"label":527,"file":285,"line":241,"wp_function":528},"n2","wp_redirect() [Open Redirect]","wp_redirect",[530,531],{"from":503,"to":508,"sanitized":514},{"from":508,"to":526,"sanitized":532},true,"low",{"entryPoint":535,"graph":536,"unsanitizedCount":29,"severity":533},"saml_sls (php\\functions.php:524)",{"nodes":537,"edges":543},[538,541,542],{"id":503,"type":504,"label":539,"file":285,"line":540},"$_REQUEST['RelayState']",557,{"id":508,"type":523,"label":524,"file":285,"line":540},{"id":526,"type":509,"label":527,"file":285,"line":241,"wp_function":528},[544,545],{"from":503,"to":508,"sanitized":514},{"from":508,"to":526,"sanitized":532},{"entryPoint":547,"graph":548,"unsanitizedCount":29,"severity":533},"\u003Cfunctions> (php\\functions.php:0)",{"nodes":549,"edges":563},[550,551,552,553,555,557,559,561],{"id":503,"type":504,"label":505,"file":285,"line":506},{"id":508,"type":509,"label":510,"file":285,"line":269,"wp_function":511},{"id":526,"type":504,"label":520,"file":285,"line":521},{"id":554,"type":523,"label":524,"file":285,"line":521},"n3",{"id":556,"type":509,"label":527,"file":285,"line":241,"wp_function":528},"n4",{"id":558,"type":504,"label":539,"file":285,"line":540},"n5",{"id":560,"type":523,"label":524,"file":285,"line":540},"n6",{"id":562,"type":509,"label":527,"file":285,"line":241,"wp_function":528},"n7",[564,565,566,567,568],{"from":503,"to":508,"sanitized":532},{"from":526,"to":554,"sanitized":514},{"from":554,"to":556,"sanitized":532},{"from":558,"to":560,"sanitized":514},{"from":560,"to":562,"sanitized":532},{"summary":570,"deductions":571},"The 'onelogin-saml-sso' plugin v3.4.0 exhibits a mixed security posture. On one hand, the static analysis reveals a commendable absence of directly exposed entry points like AJAX handlers, REST API routes, or shortcodes without authentication. All SQL queries are properly prepared, and file operations are minimal. However, the output escaping is a significant concern, with 57% of outputs not being properly escaped, potentially leading to cross-site scripting (XSS) vulnerabilities.\n\nThe taint analysis shows one flow with unsanitized paths, which, while not classified as critical or high, still represents a potential risk for path traversal or information disclosure. The plugin's vulnerability history is concerning, with 5 known CVEs, including a past critical vulnerability related to improper authentication and others involving open redirects, XML entity expansion, and hard-coded credentials. The fact that the last known vulnerability was in 2021, and there are currently no unpatched CVEs, suggests that these past issues may have been addressed, but the historical pattern indicates a tendency for security weaknesses.\n\nIn conclusion, while the plugin has implemented some good security practices like prepared statements and limited attack surface, the poor output escaping and past vulnerability history present notable risks. The lack of critical or high severity findings in the current static and taint analysis is positive, but the historical context and the unescaped outputs warrant careful consideration and potential further investigation.",[572,575,577],{"reason":573,"points":574},"Significant portion of outputs not properly escaped",15,{"reason":576,"points":28},"One flow with unsanitized paths",{"reason":578,"points":579},"History of 5 known CVEs, including critical",20,"2026-03-16T18:00:55.913Z",{"wat":582,"direct":589},{"assetPaths":583,"generatorPatterns":585,"scriptPaths":586,"versionParams":588},[584],"\u002Fwp-content\u002Fplugins\u002Fonelogin-saml-sso\u002Fassets\u002Fjs\u002Fhide-login-form.js",[],[587],"assets\u002Fjs\u002Fhide-login-form.js",[],{"cssClasses":590,"htmlComments":591,"htmlAttributes":592,"restEndpoints":595,"jsGlobals":596,"shortcodeOutput":598},[],[],[593,594],"data-saml-login-url","data-saml-logout-url",[],[597],"oneLoginSAML",[]]