This repository contains the Solution Design Document (SDD) for integrating a custom Single Sign-On (SSO) platform with WordPress.
The SDD explains in detail how WordPress authentication is off-loaded to the organisation’s SSO, how user data is exchanged and synced, and how errors are handled. No plugin or code is included here—only the design.
| File | Description |
|---|---|
| WordPress SSO Integration SDD.pdf | PDF of the Solution Design Document (version 1.0, updated 27 Sep 2024) |
- Purpose – Provide a seamless, centralised login for WordPress by redirecting all authentication to the client’s SSO and synchronising user accounts on-the-fly.
- Core flow – Intercept WordPress login → redirect to SSO → return with JWT → validate & exchange for full profile via REST → create/update WP user → start session.
- Environments – Staging and Production each have their own endpoints, JWT secret and API key.
- Future ideas – Background profile sync and single-logout (SSO → WP).
See the SDD for the complete context diagram, error-handling matrix, role-mapping table and more.
The design is shared under the MIT License. See LICENSE for details.
Need help turning this design into a working plugin later on?
Open an issue or discussion thread—contributions are welcome!