{"id":230325,"date":"2025-04-23T22:49:24","date_gmt":"2025-04-23T22:49:24","guid":{"rendered":"https:\/\/en-gb.wordpress.org\/plugins\/frontegg-saml-sso\/"},"modified":"2025-04-23T23:01:43","modified_gmt":"2025-04-23T23:01:43","slug":"frontegg-saml-sso","status":"publish","type":"plugin","link":"https:\/\/frp.wordpress.org\/plugins\/frontegg-saml-sso\/","author":23273217,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.0.1","stable_tag":"trunk","tested":"6.8.5","requires":"5.0","requires_php":"7.4","requires_plugins":null,"header_name":"Frontegg SAML SSO","header_author":"Frontegg","header_description":"Replaces the WordPress login\/logout with secure Frontegg SAML SSO.","assets_banners_color":"f6f6f6","last_updated":"2025-04-23 23:01:43","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/frontegg.com","header_author_uri":"https:\/\/frontegg.com\/why-frontegg","rating":5,"author_block_rating":0,"active_installs":0,"downloads":353,"num_ratings":1,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":[],"upgrade_notice":{"1.0.1":"<p>All users should upgrade to ensure compatibility with WordPress security standards and plugin repository requirements.<\/p>"},"ratings":{"1":0,"2":0,"3":0,"4":0,"5":1},"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3280330,"resolution":"128x128","location":"assets","locale":""},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3280330,"resolution":"256x256","location":"assets","locale":""}},"assets_banners":{"banner-772x250.png":{"filename":"banner-772x250.png","revision":3280356,"resolution":"772x250","location":"assets","locale":""}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":[],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":3280330,"resolution":"1","location":"assets","locale":""},"screenshot-2.png":{"filename":"screenshot-2.png","revision":3280330,"resolution":"2","location":"assets","locale":""},"screenshot-3.png":{"filename":"screenshot-3.png","revision":3280330,"resolution":"3","location":"assets","locale":""}},"screenshots":{"1":"Frontegg SAML SSO admin settings page","2":"Copy-paste SP values to Frontegg","3":"Configure SSO, SLO URLs, and certificate"},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[710,602,9213,5136,2469],"plugin_category":[38],"plugin_contributors":[241289],"plugin_business_model":[],"class_list":["post-230325","plugin","type-plugin","status-publish","hentry","plugin_tags-authentication","plugin_tags-login","plugin_tags-saml","plugin_tags-single-sign-on","plugin_tags-sso","plugin_category-authentication","plugin_contributors-frontegg","plugin_committers-frontegg"],"banners":{"banner":"https:\/\/ps.w.org\/frontegg-saml-sso\/assets\/banner-772x250.png?rev=3280356","banner_2x":false,"banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/frontegg-saml-sso\/assets\/icon-128x128.png?rev=3280330","icon_2x":"https:\/\/ps.w.org\/frontegg-saml-sso\/assets\/icon-256x256.png?rev=3280330","generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/frontegg-saml-sso\/assets\/screenshot-1.png?rev=3280330","caption":"Frontegg SAML SSO admin settings page"},{"src":"https:\/\/ps.w.org\/frontegg-saml-sso\/assets\/screenshot-2.png?rev=3280330","caption":"Copy-paste SP values to Frontegg"},{"src":"https:\/\/ps.w.org\/frontegg-saml-sso\/assets\/screenshot-3.png?rev=3280330","caption":"Configure SSO, SLO URLs, and certificate"}],"raw_content":"<!--section=description-->\n<p>Frontegg SAML SSO replaces the default WordPress login and logout experiences with seamless SAML authentication via <a href=\"https:\/\/frontegg.com\">Frontegg<\/a>.<\/p>\n\n<p>This plugin is designed for modern SaaS and enterprise WordPress environments where you need to enforce login via an external identity provider (IdP).<\/p>\n\n<p>It includes:\n- \ud83d\udd10 Secure SAML 2.0 login and logout\n- \ud83d\udccb Admin-friendly configuration of SSO URLs and certificate\n- \ud83d\udcce Auto-generated SP (Service Provider) values (Entity ID, ACS URL, SLO URL)\n- \ud83e\udded Redirect control after logout\n- \ud83d\udd04 Auto-redirects from <code>wp-login.php<\/code> to Frontegg\n- \u2728 Clean and accessible admin UI using native WordPress components<\/p>\n\n<h3>License<\/h3>\n\n<p>This plugin is licensed under the GPL v2.0 or later. See LICENSE.txt for details.<\/p>\n\n<!--section=installation-->\n<ol>\n<li>Upload the plugin folder to <code>\/wp-content\/plugins\/frontegg-saml-sso\/<\/code><\/li>\n<li>Activate the plugin from the Plugins menu in WordPress<\/li>\n<li>Go to <strong>Frontegg SAML SSO<\/strong> in the admin menu<\/li>\n<li>Follow the 4-step configuration:\n\n<ul>\n<li><strong>Step 1:<\/strong> Create a SAML Application in your Frontegg Dashboard<\/li>\n<li><strong>Step 2:<\/strong> Copy SP values (Entity ID, ACS URL, Logout URL) into Frontegg<\/li>\n<li><strong>Step 3:<\/strong> Paste your Frontegg SSO\/SLO URLs and certificate into WordPress<\/li>\n<li><strong>Step 4 (Optional):<\/strong> Set a custom redirect after logout<\/li>\n<\/ul><\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt id='can%20i%20still%20use%20wp-login.php%20to%20log%20in%3F'><h3>Can I still use wp-login.php to log in?<\/h3><\/dt>\n<dd><p>No. This plugin fully replaces the WordPress login screen with Frontegg's SSO flow.<\/p><\/dd>\n<dt id='what%20happens%20if%20a%20user%20does%20not%20already%20exist%20in%20wordpress%3F'><h3>What happens if a user does not already exist in WordPress?<\/h3><\/dt>\n<dd><p>The plugin auto-creates a new user using the email address from the SAML assertion.<\/p><\/dd>\n<dt id='where%20do%20i%20find%20my%20frontegg%20sso%20url%20and%20certificate%3F'><h3>Where do I find my Frontegg SSO URL and certificate?<\/h3><\/dt>\n<dd><p>In your Frontegg Dashboard under the SAML application settings.<\/p><\/dd>\n<dt id='what%20should%20i%20use%20as%20my%20saml%20acs%20url%20and%20entity%20id%3F'><h3>What should I use as my SAML ACS URL and Entity ID?<\/h3><\/dt>\n<dd><p>After activation, visit the plugin settings page to view copy-paste ready values.= Will this replace the default login screen? =\nYes. When configured, users will be redirected to Frontegg's login instead of wp-login.php.<\/p><\/dd>\n<dt id='does%20it%20support%20user%20creation%3F'><h3>Does it support user creation?<\/h3><\/dt>\n<dd><p>Yes. If a user logs in from Frontegg and does not exist in WordPress, a new account will be automatically created.<\/p><\/dd>\n<dt id='can%20i%20configure%20a%20post-logout%20redirect%3F'><h3>Can I configure a post-logout redirect?<\/h3><\/dt>\n<dd><p>Yes. You can define a URL to redirect users to after successful logout from Frontegg.<\/p><\/dd>\n<dt id='is%20nonce%20verification%20used%3F'><h3>Is nonce verification used?<\/h3><\/dt>\n<dd><p>Yes, for all admin operations. SAML POST responses (from the IdP) do not include nonce \u2014 those routes are documented as exceptions.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.0.1<\/h4>\n\n<ul>\n<li>Full WordPress.org Plugin Check compliance<\/li>\n<li>Improved admin UX with accordion layout and inline feedback<\/li>\n<li>Added nonce validation, input sanitization, and rewrite rule safety<\/li>\n<li>Fixed logout flow redirect and session handling<\/li>\n<li>Updated SP values and copy buttons<\/li>\n<li>Added admin notice after version bump<\/li>\n<\/ul>\n\n<h4>1.0.0<\/h4>\n\n<ul>\n<li>Initial stable release<\/li>\n<li>Basic SAML login\/logout functionality with Frontegg<\/li>\n<li>Admin form for configuration<\/li>\n<li>Auto-create user from SAML response<\/li>\n<\/ul>","raw_excerpt":"Replace the WordPress login and logout flows with secure SAML-based authentication via Frontegg. Easily configure your SSO app from the admin panel.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/frp.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/230325","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/frp.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/frp.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/frp.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=230325"}],"author":[{"embeddable":true,"href":"https:\/\/frp.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/frontegg"}],"wp:attachment":[{"href":"https:\/\/frp.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=230325"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/frp.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=230325"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/frp.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=230325"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/frp.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=230325"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/frp.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=230325"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/frp.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=230325"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}