Athenian Social Sign-on
product details.
Athenian Social Sign-on adds Google and Facebook or Meta login to WordPress and WooCommerce while connecting credential handling to the Athenian secure API layer. It helps teams reduce account friction, simplify customer access, and keep authentication configuration easier to govern across the platform while keeping data, permissions, and automation aligned with the broader Athenian Platform…
Athenian Social Sign-On is a WordPress and WooCommerce identity plugin that unifies Google and Facebook/Meta authentication across native WordPress login, WooCommerce My Account login, and custom branded storefront pages. It is built as a practical customer-access layer for Athenian Platform sites, helping reduce login friction while keeping provider credentials, callback routing, account matching, profile enrichment, and return-flow behavior connected in one system.
The plugin supports Google Identity Services, Google OAuth with PKCE, Facebook SDK login, and Facebook OAuth redirect flows. It can automatically inject social login calls-to-action into the default WordPress login screen and WooCommerce login forms, while also supporting shortcode placement for custom pages, onboarding flows, gated content, vendor portals, creator portals, and branded account-entry experiences.
For operations teams, Athenian Social Sign-On prefers credentials stored in Athenian Secure API Key Manager / SecureStore when available, while preserving local fallback options. It also includes admin migration tools to move local Google and Facebook credentials into SecureStore using merge or overwrite behavior.
When a user signs in, the plugin can match existing WordPress users by email, create new accounts when needed, store provider identifiers, save social profile image URLs, override WordPress avatars with provider profile photos, and redirect the user back to a safe same-site return destination. For Athenian commerce, community, creator, vendor, rewards, support, and account-based workflows, this plugin acts as the front door to a cleaner authenticated customer experience.
Customer Identity
Bring Google and Facebook Login Into WordPress, WooCommerce, and Custom Pages
Athenian Social Sign-On gives storefronts one shared authentication layer
for Google and Facebook/Meta login across native WordPress screens,
WooCommerce account forms, and branded shortcode-based entry points.
| Login Surface | Customer Experience Value |
|---|---|
| WordPress Login | Automatically inject Google and Facebook sign-on options into the default wp-login.php experience. |
| WooCommerce Login | Add social login controls to WooCommerce account login forms for faster repeat-purchase and self-service access. |
| Custom Pages | Place provider buttons or OAuth links inside branded login, onboarding, gated-content, creator, or vendor flows. |
| Return Flow | Preserve safe same-site return destinations so users can continue where they started after signing in. |
- Supports Google Identity Services buttons with
[ath_google_signin]. - Supports Google OAuth links with
[ath_google_signin_link]. - Supports Facebook SDK buttons with
[ath_facebook_login_button]. - Supports Facebook OAuth links with
[ath_facebook_signin_link].
Secure Authentication
Centralize Provider Credentials and Protect Login Callback Flows
The plugin prefers Athenian Secure API Key Manager / SecureStore credentials,
supports local fallback fields, displays callback URLs, validates OAuth state,
and protects provider responses with CSRF and safe redirect controls.
Read Google and Facebook credentials from SecureStore when available
Use
/gsin/callback/ and /fbsin/callback/ for provider responses
Move local fallback secrets into SecureStore with merge or overwrite behavior
| Security Layer | How It Helps |
|---|---|
| OAuth State | Uses short-lived state transients and SameSite cookies for Google and Facebook redirect continuity. |
| Google Handling | Supports GIS credential POST handling, OAuth redirect flow, PKCE verifier/challenge generation, and One Tap modes. |
| Facebook Handling | Supports Facebook SDK login, OAuth redirect flow, Graph API profile lookup, and appsecret_proof when configured. |
| Redirect Safety | Rejects external, protocol-relative, callback-loop, and unsafe login destinations before redirecting users. |
- Settings live under Settings > Athenian Social Sign-on.
- Supports Google One Tap modes:
off,topright, andinline. - Adds FedCM-related
Permissions-Policysupport when enabled. - Includes masked Facebook debug logging with sensitive token and secret fields removed.
Account Continuity
Match Customers by Email, Create Accounts, and Enrich WordPress Profiles
Athenian Social Sign-On connects provider identity to WordPress accounts by
matching users by email, creating accounts when needed, storing provider
metadata, syncing profile photos, and improving authenticated customer flows.
| Account Layer | Operational Purpose |
|---|---|
| Email Matching | Connect social sign-in attempts to existing WordPress or WooCommerce users when the provider email matches. |
| New User Creation | Create WordPress accounts for new customers when a provider returns a usable verified identity. |
| Provider Metadata | Store Google subject IDs, Facebook IDs, and provider profile image URLs in user meta. |
| Avatar Sync | Use available Google or Facebook profile photos as WordPress avatar output through avatar filters. |
Built for Athenian account-based commerce:
Social sign-on improves the entry point for WooCommerce accounts, rewards,
subscriptions, vendor portals, creator workflows, gated content, support
tools, and community experiences that depend on authenticated users.
- Stores Google metadata in
ath_sso_google_subandath_sso_google_picture. - Stores Facebook metadata in
ath_sso_facebook_idandath_sso_facebook_picture. - Exposes avatar selection through the
ath_sso_avatar_urlfilter. - Builds toward provider diagnostics, linked-account management, unlink/relink controls, role assignment rules, and Google JWKS signature verification hardening.
