If you have an existing user database like an intranet environment and the users should be able to login to an external site that is built on WordPress, without having to remember another password then we can achieve that login using our plugin through Single Sign On (SSO). Users information and role mappings are updated each time the user logs in via SSO.

Key Features

shape SCIM Automated User Provisioning for WordPress (WP)

SSO into WordPress via JWT

Login to WordPress using the JWT (JSON Web Token) token obtained from the existing sessions on other platforms for a seamless SSO (Single-Sign-On experienced).

shape SCIM Automated User Provisioning for WordPress (WP)

User based JWT Creation

This plugin will allow you to generate the JWT token by passing the user’s WordPress credentials through a REST endpoint.

shape SCIM Automated User Provisioning for WordPress (WP)

Authenticate WordPress users via Login API

This plugin provides a REST endpoint to authenticate your users from WordPress when trying to login into other platforms using their WordPress credentials.

shape SCIM Automated User Provisioning for WordPress (WP)

Register user via JWT

This plugin provides a REST endpoint to register your users in WordPress with username/email and password along with functionality to additionally pass the Role to be assigned to users in WordPress.

shape SCIM Automated User Provisioning for WordPress (WP)

Delete user using JWT in WordPress

This plugin provides a REST endpoint to delete the user in WordPress by just passing that user based JWT token.

shape SCIM Automated User Provisioning for WordPress (WP)

Profile/Attribute Mapping on Login

Functionality to map user profile in WordPress on login using the attributes/claims passed in JWT.

shape SCIM Automated User Provisioning for WordPress (WP)

Role Mapping on Login

Functionality to add/update the role of the user in WordPress on login based on attributes/claims passed in JWT

shape SCIM Automated User Provisioning for WordPress (WP)

Extra security key Support

Functionality to enhance the security of various operations like user log in, registration, and deletion in WordPress.

shape SCIM Automated User Provisioning for WordPress (WP)

Supports JWT from third-party applications

The plugin accepts the JWT token provided by third-party apps like OAuth/OpenID apps (Microsoft, Azure, AWS Cognito, Okta, Keycloak, Discord, ADFS and many more), Social login apps (Google, Facebook, LinkedIn), Firebase or custom-developed JWT.

shape SCIM Automated User Provisioning for WordPress (WP)

Advanced Security Algorithms support

The plugin supports the JWT generation using the highly secure HS256 and RS256 algorithms and more can be added on demand.

Plans For Everyone

Choose Your Plan

Compare Package Feature

  • Create JWT with

  • HS256

  • RS256

  • Custom Signing Key

  • Custom Decryption Key

  • Custom JWT expiration

  • Register user for JWT

  • Endpoint to create user

  • Choose Default Role

  • Send role parameter in endpoint request

  • Extra Security Key

  • Delete user with JWT

  • Endpoint to delete user

  • Extra Security Key

  • Login/SSO user with JWT

  • Accept JWT from URL parameter

  • Accept JWT from Cookie

  • Auto-redirection on login to home URL or same page

  • Token Validation using HS256

  • Token Validation using RS256

  • Custom decryption key.

  • Token validation from JWKS

  • Token validation from OAuth/OIDC provider

  • User basic profile mappping

  • FREE




  • Premium




  • *Cost applicable for one instance only. Licenses are perpetual and the Support Plan includes 12 months of maintenance (support and version updates). You can renew maintenance after 12 months at 50% of the current license cost.

    * We provide deep discounts on bulk license purchases and pre-production environment licenses. As the no. of licenses increases, the discount percentage also increases. Contact us at oauthsupport@xecurify.com for more information.

    * At miniOrange, we want to ensure you are 100% happy with your purchase. If the premium plugin you purchased is not working as advertised and you've attempted to resolve any issues with our support team, which couldn't get resolved. Please email us at info@xecurify.com for any queries regarding the return policy.

    Scenarios for your WordPress Website

    A] Single Sign-On (SSO) Users using the JWT token provided by OAuth/OpenID providers

    The plugin supports the WordPress Single Sign On (SSO) or WordPress login using the user based JWT token (id-token/access-token) provided by the OAuth/OpenID Connect providers (like Microsoft Azure AD, Azure B2C, AWS Cognito, Keycloak, Okta, ADFS, Google, Facebook, Apple and many more..) on login in some other sites/applications using their credentials.
    So, the user just needs to log in once on any other sites/platforms and a JWT token will be provided by these providers for those users will then be used a further song with security to autologin in other platforms.

    miniorange img The JWT SSO feature consists of the following features.

    • Just In time user creation if not exists already.
    • Basic User profile mapping like username, email, first name, last name, and display name based on these attributes received as claims in the JWT token.
    • Role/Group Mapping to assign roles to users based on roles/groups received as the attribute in the claims of the JWT token.

    B] Autologin users in WordPress from other sites/applications (Seamless access and user session synchronization)

    TSuppose you have other sites or mobile apps apart from the WordPress site and if you are logged into those sites/apps and then access the WordPress site either via redirection or in webview in the case of the mobile app, then you don’t want to ask your users to authenticate themselves again. Then, in such cases, our plugin will help you to allow your users to autologin without needing the authentication/login again. The user login session can be synchronized between these apps and the WordPress site.

    C] WordPress login and site access from mobile app webview

    Suppose you have a mobile application and wants to allow users to access their WordPress site content in the mobile app webview which requires a login so asking the users to enter the credentials again won’t be a good user experience. So, our plugin provides a solution to you in which the user session from the mobile app can be synchronized with the WordPress site and the user can seamlessly access the WordPress site using the user based JWT token without the need for a WordPress login again.

    miniorange img JWT Single Sign-On (SSO):

    Download the miniOrange JWT Single Sign-On(SSO) plugin for WordPress Login & Register using JWT.

    WordPress Login and Register using JWT plugin allow you to login into the WordPress application using the JWT token (JSON Web token) from any other WordPress site. [24/7 SUPPORT]

     Tested with 5.8
    Hello there!

    Need Help? We are right here!

    Contact miniOrange Support

    Thanks for your inquiry.

    If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com