Plugin Directory

Test out the new Plugin Directory and let us know what you think.
!This plugin hasn’t been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

CommunityAPI SSO

CommunityAPI SSO provides user provisioning, authorization and single signon capabilities against CommunityAPI providers.

How is this different from OpenID?

OpenID is an excellent solution for cases where you need Single Sign On and you might need it across services operated by different entities. However, it requires the user to know a bit about how the system works and it won't provide authorization. It also operates on a user-by-user basis, while CommuntiyAPI operates on the entire application.

How is this different from LDAP?

LDAP is a source of authentication and authorization information. It doesn't (by itself) provide single signon. CommunityAPI is, first and foremost, a simple way of implementing single signon. The source of the authentication data could well be an LDAP server in the back end of things.

What about password security?

This plugin communicates with the CommunityAPI provider via HTTP or HTTPS (the latter being as secure as the PHP CURL library makes it). If password proxying is used, WordPress sees but doesn't store the user password.

What about code security?

The size of the plugin allows for a fairly simple security audit of the code, should one feel so inclined. Note, however, that it has not been verified by a third party thus far. You have been warned.

What about network security?

Replay attacks between the consumer and the provider are definitely possible and man-in-the-middle can ruin the day. Wrap the traffic in SSL if this is an issue for you.

Requires: 2.8.6 or higher
Compatible up to: 3.0.5
Last Updated: 7 years ago
Active Installs: Less than 10


0 out of 5 stars


Got something to say? Need help?


Not enough data

0 people say it works.
0 people say it's broken.