Description
Frontegg SAML SSO replaces the default WordPress login and logout experiences with seamless SAML authentication via Frontegg.
This plugin is designed for modern SaaS and enterprise WordPress environments where you need to enforce login via an external identity provider (IdP).
It includes:
– 🔐 Secure SAML 2.0 login and logout
– 📋 Admin-friendly configuration of SSO URLs and certificate
– 📎 Auto-generated SP (Service Provider) values (Entity ID, ACS URL, SLO URL)
– 🧭 Redirect control after logout
– 🔄 Auto-redirects from wp-login.php to Frontegg
– ✨ Clean and accessible admin UI using native WordPress components
License
This plugin is licensed under the GPL v2.0 or later. See LICENSE.txt for details.
Installation
- Upload the plugin folder to /wp-content/plugins/frontegg-saml-sso/
- Activate the plugin from the Plugins menu in WordPress
- Go to Frontegg SAML SSO in the admin menu
- Follow the 4-step configuration:
  - Step 1: Create a SAML Application in your Frontegg Dashboard
  - Step 2: Copy SP values (Entity ID, ACS URL, Logout URL) into Frontegg
  - Step 3: Paste your Frontegg SSO/SLO URLs and certificate into WordPress
  - Step 4 (Optional): Set a custom redirect after logout
FAQ
Can I still use wp-login.php to log in?
No. This plugin fully replaces the WordPress login screen with Frontegg’s SSO flow.

What happens if a user does not already exist in WordPress?
The plugin auto-creates a new user using the email address from the SAML assertion.

Where do I find my Frontegg SSO URL and certificate?
In your Frontegg Dashboard under the SAML application settings.

What should I use as my SAML ACS URL and Entity ID?
After activation, visit the plugin settings page to view copy-paste ready values.

Will this replace the default login screen?
Yes. When configured, users will be redirected to Frontegg’s login instead of wp-login.php.

Does it support user creation?
Yes. If a user logs in from Frontegg and does not exist in WordPress, a new account will be automatically created.

Can I configure a post-logout redirect?
Yes. You can define a URL to redirect users to after successful logout from Frontegg.

Is nonce verification used?
Yes, for all admin operations. SAML POST responses (from the IdP) do not include a nonce; those routes are documented as exceptions.
Contributors & Developers
“Frontegg SAML SSO” is open source software.
Changelog
1.0.1
- Full WordPress.org Plugin Check compliance
- Improved admin UX with accordion layout and inline feedback
- Added nonce validation, input sanitization, and rewrite rule safety
- Fixed logout flow redirect and session handling
- Updated SP values and copy buttons
- Added admin notice after version bump
1.0.0
- Initial stable release
- Basic SAML login/logout functionality with Frontegg
- Admin form for configuration
- Auto-create user from SAML response