WordPress Single Sign-On Setup Guide

🔐 Overview

WordPress Single Sign-On, or SSO, allows members to access your WordPress website from Member365 without managing a separate WordPress password.

Once configured, members can click a Login to WordPress button from the member portal and be securely directed into WordPress using their Member365 account.

✅ Before You Begin

You will need:

  • A Member365 account with WordPress SSO enabled
  • A WordPress website using HTTPS
  • WordPress administrator access
  • Matching email addresses between Member365 and WordPress user accounts
  • Access to install a WordPress plugin or add a code snippet

If you do not see WordPress SSO settings in Member365, contact Member365 Support.

 

Step 1. Configure WordPress SSO in Member365

Access the WordPress SSO settings

  1. Log in to your Member365 admin panel.
  2. Go to:

Admin Panel → Options → WordPress SSO

You may also access the configuration page directly at:

/jwt/wordpress_sso/config

Add your WordPress site

  1. Select Add WordPress SSO.
  2. Enter your WordPress Site URL.

Your WordPress URL must begin with:

https://

Example:

https://yourwebsite.com

  1. Choose the default WordPress role for new users.

For most organizations, Subscriber is recommended.

  1. Choose whether WordPress accounts should be created automatically when no matching email address exists.

For the smoothest member experience, enable automatic account creation.

  1. Confirm that Enable WordPress SSO is checked.
  2. Save the configuration.

 

Step 2. Copy and Store the Secret Key

After saving the configuration, Member365 will display a Secret Key.

This key connects Member365 and WordPress securely.

Important

  • Treat the secret key like a password.
  • Do not share it publicly.
  • Store it securely.
  • If you believe it has been exposed, regenerate the key and update your WordPress setup.

 

Step 3. Install the SSO Code in WordPress

There are two common installation options.

Option A. Use the Code Snippets plugin

This is the recommended option for most administrators.

  1. Log in to WordPress.
  2. Go to Plugins → Add New.
  3. Search for Code Snippets.
  4. Install and activate the plugin.
  5. Go to Snippets → Add New.
  6. Name the snippet:

Member365 SSO Integration

  1. Paste the complete SSO code copied from Member365.
  2. Select Run snippet everywhere.
  3. Save and activate the snippet.
  4. Visit your WordPress homepage to confirm the site loads normally.

Option B. Install as a WordPress plugin

Use this option if you prefer a standalone plugin file.

  1. Download the plugin file from Member365.
  2. Open the file in a text editor.
  3. Locate the secret key placeholder.
  4. Replace it with the secret key from Member365.
  5. Save the file.
  6. In WordPress, go to Plugins → Add New → Upload Plugin.
  7. Upload the plugin file.
  8. Install and activate it.

 

Step 4. Add the Login Button to the Member Portal

Copy the widget code

In the Member365 WordPress SSO configuration area, copy the widget embed code.

It will look similar to this:

<div class="wordpress-sso-widget" data-config-id="1"></div>


 

Add the widget to a portal page

  1. Open the page where the button should appear.
  2. Switch the editor to Source or HTML mode.
  3. Paste the widget code where the button should appear.
  4. Save the page.
  5. Refresh the member portal page.

The Login to WordPress button should now appear.

Important

The widget code must be added in Source or HTML mode. If it is pasted into the visual editor, it may not work correctly.

 

Step 5. Test the SSO Flow

Before making the feature available to all members, test it with a known user.

Test user requirements

The test user should have:

  • A Member365 user account
  • A WordPress user account, unless automatic account creation is enabled
  • The exact same email address in both systems

Test steps

  1. Log in to Member365 as the test user.
  2. Go to the portal page with the WordPress login button.
  3. Click Login to WordPress.
  4. Confirm the user is logged in to WordPress.
  5. Check the WordPress SSO configuration area in Member365 for recent login activity.

 

Troubleshooting

The Login to WordPress button does not appear

Check that:

  • WordPress SSO is enabled in Member365
  • The widget code was pasted in Source or HTML mode
  • The page was saved and refreshed
  • The button was added to a member portal page

The user sees “No WordPress account found”

This usually means the user exists in Member365 but not in WordPress.

You can resolve this by either:

  • Enabling automatic account creation in the Member365 WordPress SSO settings
  • Creating the WordPress account manually using the same email address

The user sees “Invalid or expired SSO token”

Check that:

  • The secret key in WordPress matches the secret key in Member365
  • The user clicked the login button within the token validity window
  • The WordPress SSO code or plugin is still active

The user is redirected to WordPress but not logged in

Check that:

  • The WordPress SSO code was installed correctly
  • The WordPress plugin or snippet is active
  • The WordPress Site URL in Member365 matches the actual site URL
  • WordPress is not showing PHP errors

SSO worked before but stopped working

Common causes include:

  • The secret key was regenerated in Member365 but not updated in WordPress
  • The WordPress snippet or plugin was deactivated
  • The WordPress site URL changed
  • WordPress updates or security plugins affected the SSO code

 

Using Multiple WordPress Sites

Member365 can support multiple WordPress SSO configurations.

Each WordPress site should have:

  • Its own SSO configuration
  • Its own secret key
  • Its own widget config ID
  • The SSO code installed on that specific WordPress site

Example:

<!-- Main Website -->

<div class="wordpress-sso-widget" data-config-id="1"></div>


 

<!-- Community Site -->

<div class="wordpress-sso-widget" data-config-id="2"></div>


 

 

Go-Live Checklist

Before making WordPress SSO available to members, confirm:

  • WordPress SSO is enabled in Member365
  • The WordPress site uses HTTPS
  • The secret key is stored securely
  • The WordPress plugin or snippet is active
  • The portal login button appears correctly
  • A test user can log in successfully
  • Automatic account creation has been tested, if enabled
  • Staff know where to direct members for help

 

Security Notes

To help protect the integration:

  • Keep the secret key private
  • Use HTTPS for WordPress
  • Keep WordPress, plugins, and themes updated
  • Use secure WordPress administrator accounts
  • Remove or update WordPress access when member or staff roles change
  • Regenerate the secret key if you believe it has been exposed

 

Frequently Asked Questions

Do email addresses need to match?

Yes. The email address in Member365 must match the WordPress user account email address unless automatic account creation is enabled.

Can Member365 create WordPress accounts automatically?

Yes. Enable automatic account creation in the WordPress SSO configuration.

Can I customize the login button?

Yes. Button appearance and error messaging can be adjusted from the WordPress SSO configuration area in Member365.

Can I connect more than one WordPress site?

Yes. Each WordPress site needs its own configuration and secret key.

What happens if the secret key changes?

You must update the WordPress code or plugin with the new secret key. Otherwise, SSO will stop working.

 

Need Help?

Before contacting support, please confirm:

  • The WordPress site URL is correct
  • HTTPS is active
  • The secret key matches in both systems
  • The WordPress plugin or code snippet is active
  • The user’s email address matches in both systems
  • You have tested with a known user account

When contacting Member365 Support, include:

  • Your WordPress website URL
  • The exact error message
  • Screenshots, if available
  • Whether SSO worked previously
  • Steps already attempted

Source content provided from the uploaded WordPress SSO setup draft.


 

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.