Description

SSO JumpCloud – Enterprise SAML & SCIM is a powerful Enterprise-ready plugin that effortlessly connects your WordPress site with JumpCloud using SAML 2.0.

Designed for security-conscious organizations, it provides seamless single sign-on (SSO), automated user provisioning, and advanced role mapping. With our newly released Enterprise Premium Edition, you can now manage complex access requirements and maintain detailed audit trails.

Key Features:
* Easy Setup: Connect to JumpCloud in minutes using Entity ID, SSO URL, and Certificate.
* Automatic User Creation: New users from JumpCloud are automatically created in WordPress upon their first login.
* Secure Authentication: Uses verified SAML 2.0 protocols to ensure your data stays safe.
* Developer Friendly: Clean code, hooks for customization, and minimalist design.

Premium Features

Unlock the full power of your enterprise identity management with:
* Group-Based Access Control: Restrict login access to specific JumpCloud groups.
* Role-Based Redirects: Define custom landing pages for different user roles.
* Automated Role Mapping: Dynamically assign WordPress roles based on JumpCloud groups.
* Comprehensive Audit Logs: Track every SSO login attempt with detailed metadata.
* Enterprise Support: Priority assistance for complex deployments.

Premium Subscription

The Premium features are available via a monthly or annual subscription.

How to Activate:
1. Go to the Premium Features tab in the plugin settings.
2. If you don’t have a subscription yet, use the secure Stripe pricing table to subscribe.
3. Once subscribed, simply click the “Check Subscription Status” button.
4. The plugin will automatically verify your subscription using your administrator email and activate all premium features instantly.
5. You can manage your subscription at any time via the Stripe Customer Portal link provided in the same tab.

Installation & Setup Guide

Configuring Enterprise SSO and Provisioning requires a few steps in both JumpCloud and WordPress. Follow this guide for a flawless setup.

Part 1: JumpCloud Configuration (SAML 2.0)

Log in to your JumpCloud Admin Portal.
Navigate to SSO Applications and click “+” to add a new application.
Search for SAML 2.0 and select Custom SAML App.
In the General Info tab, name it “WordPress SSO”.
In the SSO tab, enter the following (copy these from your WordPress Plugin settings):
- IdP Entity ID: Your unique ID (e.g., wp-sso-your-site).
- SP Entity ID: Copy from Plugin (usually your Site URL).
- ACS URL: Copy from Plugin (usually https://your-site.com/?jumpssco_acs).
- SAMLSubject NameID: Default to email.
- SAMLSubject NameID Format: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress.
In Attributes, add:
- email -> email
- firstname -> firstname
- lastname -> lastname
Click save and then export Metadata or copy the SSO URL, Entity ID, and download the IDP Certificate.

Part 2: WordPress Plugin Setup

Install and Activate the plugin.
Go to Settings > SSO JumpCloud.
In the General tab, paste the IDP Entity ID, IDP SSO URL, and the X.509 Certificate obtained from JumpCloud.
Click Save Settings.
Use the “Test Configuration” button to ensure the connection is established.

Part 3: SCIM Provisioning (Enterprise Feature)

Note: Requires an active Enterprise Premium subscription.
1. In the plugin settings, go to the SCIM Provisioning tab.
2. Toggle “Enable SCIM Provisioning” to ON.
3. Copy the SCIM Base URL and the Bearer Token.
4. In JumpCloud, go to your Application’s Identity Management tab.
5. Select SCIM 2.0.
6. Paste the Base URL and Bearer Token.
7. Test the connection in JumpCloud and click Activate.

Part 4: Final Testing

Open an Incognito/Private browser window.
Go to your WordPress login page.
Click the “Login with JumpCloud” button.
If successful, you will be authenticated and redirected to your dashboard!

Screenshots

Settings page showing fields for Entity ID, SSO URL, SLO URL, and Certificate.

FAQ

Where do I find the SAML metadata in JumpCloud?: In your JumpCloud Admin Console, go to SSO -> Your SAML Application -> Details tab. You will find the IDP Entity ID, SSO URL, and you can download the certificate.
Does it support Just-in-Time (JIT) provisioning?: Yes, by default, users are created as they log in for the first time if they don’t exist in WordPress.

Reviews

There are no reviews for this plugin.

Contributors & Developers

“SSO JumpCloud – Enterprise SAML & SCIM” is open source software. The following people have contributed to this plugin.

Airton Vancin Junior

Translate “SSO JumpCloud – Enterprise SAML & SCIM” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.1.4

Fix: Improved Audit Logs table layout with aggressive CSS overrides to prevent stacked cells in settings page.
Add: Support for horizontal scrolling in Audit Logs container.

1.1.3

Adjusted Audit Logs table CSS to prevent broken layout in 2-column settings view
Added fixed maximum height (400px) and vertical scrollbar to Recent Activity section
Improved table responsiveness for long log messages

1.1.2

Added periodic license validation with Supabase server (12-hour cache)
Added “Revalidate License” button for immediate license verification
License is now automatically deactivated if invalid on server
Updated Portuguese (pt_BR) translations with new strings
Improved license status handling and error messages

1.1.1

Added Product Hunter banner.
Change link visit plugin page.
Update license activation message to remove upgrade link
Refine plugin security and WPCS compliance

1.1.0

Major Release: Enterprise Premium Suite.
Added Premium Features: Group-Based Access Control, Role-Based Redirects, and Audit Logs.
Implemented real-time license activation system integrated with Supabase and Stripe.
Added modern two-column settings layout with sticky sidebar and responsive design.
Fixed license activation persistence issue across different settings tabs.
Integrated Live Stripe Pricing Table and Customer Portal for subscription management.
Improved settings sanitization and added cache invalidation for immediate feature availability.
Refined CSS and UI components for better visual consistency and error handling.
Removed redundant License ID field in favor of e-mail based activation.
Added comprehensive documentation and activation instructions.

1.0.7

Updated all default plugin texts from Portuguese to English for better internationalization.
Regenerated and updated Portuguese (pt_BR) and Spanish (es_ES) translation files.

1.0.6

Fixed “Invalid SSO request” error by replacing the server-side redirect with a more robust client-side JavaScript redirect when “Disable Default Login” is active.

1.0.5

Major UI/UX overhaul for the settings page for a modern, intuitive, and clean experience.
Added descriptions for all settings fields.
Replaced static descriptions with interactive toggles to show/hide help text.
Added copy-to-clipboard buttons for SP Metadata URLs for easier configuration.
Clarified optional and required fields.
Moved “Disable Default Login” setting to the General tab.
Made “Disable Default Login” feature available for all users.
Fixed a bug with the copy-to-clipboard functionality in non-secure (http) contexts.

1.0.4

Improve SAML response error handling in ACS endpoint.
Add detailed error messages for authentication failures.
Validate email presence in SAML response.
Add error checking for user creation process.

1.0.3

Improve Test Configuration feedback visibility with dedicated message container.
Add comprehensive console logging for debugging AJAX flow.
Simplify SAML validation to prevent server errors.

1.0.2

Fix Test Configuration button functionality with improved validation and user feedback.
Standardize option names across the plugin (jumpssco_sso_settings).
Add detailed validation messages for SAML configuration.
Improve JavaScript error handling and visual feedback.

1.0.1

Add vendor folder.

1.0.0

Initial release with basic SSO and metadata support.