Summary and recommendation
WordPress does not offer native SCIM provisioning on any plan, including WordPress VIP's enterprise offering that starts at $25,000/year minimum. While WordPress VIP supports SAML 2.0 SSO integration with identity providers like Okta and Entra ID, organizations requiring automated user provisioning must rely on third-party plugins like miniOrange's SCIM solution. This plugin dependency creates a significant gap for enterprise customers who need reliable, automated user lifecycle management across their WordPress ecosystem.
The lack of native SCIM support means IT teams face ongoing plugin management overhead, potential security vulnerabilities from third-party code, and the risk of provisioning failures during WordPress updates. For organizations already investing $25K+ annually in WordPress VIP, having to cobble together provisioning through plugins represents a major architectural compromise. SSO alone doesn't address the manual work of creating, updating, and deprovisioning user accounts—leaving IT teams with time-consuming manual processes that don't scale with organizational growth.
The strategic alternative
Stitchflow provides SCIM-level provisioning through resilient browser automation for WordPress without requiring plugin dependencies or custom development work. Works with any WordPress plan and integrates with all major identity providers including Okta, Entra ID, Google Workspace, and OneLogin. Flat pricing under $5K/year, regardless of team size.
Quick SCIM facts
| SCIM available? | No |
| SCIM tier required | N/A |
| SSO required first? | No |
| SSO available? | Yes |
| SSO protocol | SAML 2.0 |
| Documentation | Not available |
Supported identity providers
| IdP | SSO | SCIM | Notes |
|---|---|---|---|
| Okta | ✓ | ❌ | No SCIM available |
| Microsoft Entra ID | ✓ | ❌ | No SCIM available |
| Google Workspace | Via third-party | ❌ | No native support |
| OneLogin | Via third-party | ❌ | No native support |
The cost of not automating
Without SCIM (or an alternative like Stitchflow), your IT team manages WordPress accounts manually. Here's what that costs:
The WordPress pricing problem
WordPress gates SCIM provisioning behind premium plans, forcing significant cost increases for basic user management.
Tier comparison
| Plan | Price | SSO | SCIM |
|---|---|---|---|
| WordPress.org | Free (self-hosted) | ||
| WordPress VIP | $25,000+/year minimum |
Pricing structure
| Plan | Price | SSO | SCIM |
|---|---|---|---|
| WordPress.org | Free (self-hosted) | ||
| WordPress VIP | $25,000+/year minimum |
Total WordPress VIP cost breakdown
What this means in practice
WordPress VIP customers face a plugin dependency trap. Despite paying enterprise-level fees, you must rely on third-party SCIM plugins like miniOrange to automate user provisioning. This creates several operational challenges:
Plugin reliability concerns
VIP-specific constraints
Additional constraints
Summary of challenges
- WordPress does not provide native SCIM at any price tier
- Organizations must rely on third-party tools or manual provisioning
- Our research shows teams manually provisioning this app spend significant hidden costs annually
What WordPress actually offers for identity
SAML SSO (WordPress VIP only)
WordPress VIP includes SAML 2.0 integration for single sign-on:
| Setting | Details |
|---|---|
| Protocol | SAML 2.0 |
| Supported IdPs | Okta, Entra ID, Google Workspace, OneLogin |
| Configuration | IdP metadata integration via VIP platform |
| JIT Provisioning | ✓ Yes |
| VIP Requirement | Must allow VIP Support access method |
Critical limitation: WordPress.org (the free/self-hosted version) has no native SSO capabilities. SAML is exclusively available through WordPress VIP, which starts at $25,000/year minimum.
SCIM Provisioning (Third-party plugins only)
WordPress has no native SCIM support across any plan or hosting option:
| Feature | WordPress.org | WordPress VIP |
|---|---|---|
| Native SCIM | ❌ No | ❌ No |
| Plugin requirement | ✓ Yes | ✓ Yes |
| Plugin options | miniOrange, custom development | miniOrange (with VIP approval) |
| User sync | Plugin-dependent | Plugin-dependent |
| Group mapping | Plugin-dependent | Plugin-dependent |
The plugin reality: Third-party SCIM plugins like miniOrange's solution require additional licensing (typically $199-$999/year) and must be maintained separately from your WordPress environment. On WordPress VIP, any plugin must be approved by their platform team, adding deployment complexity.
Okta Integration (Plugin-based)
The official Okta Integration Network listing shows WordPress's actual capabilities:
| Feature | Supported? |
|---|---|
| SAML SSO | ✓ Via VIP only |
| Create users | ✓ Via third-party plugin |
| Update users | ✓ Via third-party plugin |
| Deactivate users | ✓ Via third-party plugin |
| Group push | ✓ Via third-party plugin |
Translation: Every provisioning feature depends on installing, configuring, and maintaining third-party plugins. There's no native WordPress functionality for user lifecycle management.
What IT admins are saying
WordPress's lack of native SCIM provisioning forces IT teams into a plugin dependency nightmare:
- No native SCIM support despite enterprise customers paying $25K+/year for WordPress VIP
- Plugin-based provisioning creates security and maintenance overhead
- VIP's restrictive SSO requirements complicate third-party integrations
- Manual user management becomes a bottleneck for growing organizations
No native SCIM despite enterprise customers needing it
SSO plugins must allow VIP Support access method
Plugin dependency for provisioning features
The recurring theme
Organizations paying enterprise prices for WordPress VIP still can't get basic provisioning automation without cobbling together third-party plugins and navigating VIP's restrictive support access requirements.
The decision
| Your Situation | Recommendation |
|---|---|
| Small blog or marketing site (<10 users) | Manual management is acceptable |
| Content team with low turnover | Manual management with SAML SSO via VIP |
| Large publishing operation (25+ users) | Use Stitchflow: plugin dependency creates security risk |
| Enterprise with compliance requirements | Use Stitchflow: manual processes fail audit requirements |
| Multi-site WordPress deployments | Use Stitchflow: automation essential for scale |
The bottom line
WordPress VIP provides enterprise hosting but forces you to rely on third-party plugins for SCIM provisioning—a significant security and maintenance burden at $25K+ annual pricing. For organizations that need automated user provisioning without plugin dependencies, Stitchflow delivers managed automation that works with any WordPress deployment.
Automate WordPress without third-party complexity
Stitchflow delivers SCIM-level provisioning through resilient browser automation, backed by 24/7 human in the loop for WordPress at <$5K/year, flat, regardless of team size.
Technical specifications
SCIM Version
Not specifiedSupported Operations
Not specifiedSupported Attributes
Plan requirement
Not specifiedPrerequisites
Not specifiedKey limitations
- No native SCIM - requires third-party plugins
- WordPress VIP only supports SAML for SSO (not other protocols)
- SSO plugins must allow VIP Support access method
- Shibboleth middleware not supported on VIP
Documentation not available.
Configuration for Okta
Integration type
Okta Integration Network (OIN) app
Where to enable
Docs
Enterprise required for SCIM
Use Stitchflow for automated provisioning.
Unlock SCIM for
WordPress
WordPress doesn't offer SCIM. Get an enterprise-grade SCIM endpoint in your IdP, even without native support.
See how it works
