# WordPress Plugin Guide This guide describes the installation and configuration of the Rhythm WordPress plugin. This plugin is intended for use in Single Sign-On (SSO) scenarios between a WordPress site and the Rhythm API. In all of these scenarios, user Authentication is first completed using the Auth0 WordPress plugin. The Auth0 WordPress plugin will let you authenticate a user, but Auth0 has no knowledge of the user’s membership or other statuses within Rhythm. The Rhythm WordPress plugin augments the authentication flow by automatically assigning WordPress roles to users for each Rhythm Portal [Security Policies](/guides/security-policies) for which they qualify. Security Policies You can create `security policies` for active members, committee members, or other ad-hoc eligibility requirements. See the [Security Policies](/guides/security-policies) guide for more info. ## Prerequisites Before installing the Rhythm WordPress plugin, you should have a WordPress site with the Auth0 plugin installed and configured for your Auth0 tenant. Upgrade Notes The field **Auth0 Membership API** has been deprecated and replaced with the Rhythm Tenant ID field. If the value in **Auth0 Memebership API** was previously: `https://partners.api.rhythmsoftware.com/fusionspan/faa.org/details` then the value for Rhythm Tenant ID should be: `faa.org` ## Configuring Once the Rhythm WordPress plugin has been installed, two new custom fields will be created under `Settings > General` called `Rhythm Tenant ID` and `Rhythm Event ID`. ![Configuring Rhythm Tenant ID](/assets/wp-tenant.37b334b4a94f5b54b6bc77a44d672e554cf66bde40ac5bdd59c69dc28df8b09f.9c1bb791.png) ### Rhythm Tenant ID Rhythm Tenant ID **must** be populated with your Rhythm Tenant ID, which is normally your public domain name. If you do not know your Rhythm Tenant ID, please log a ticket in [ZenDesk](https://support.rhythmsoftware.com). ### Rhythm Event ID For event specific websites, the Rhythm Event ID **may optionally** be populated with the ID of an event managed in Rhythm. This allows you to define `security policies` that will assign WordPress roles to registrants, speakers, exhibitors, etc. for that specific event. ## Universal Login Rhythm **strongly** recommends using the Auth0 Universal Login option for authentication. Compatibility This login method is compatible with the widest range of browsers and mobile devices and provides the most consistent experience for users. To enable Universal Login, please confirm the Universal Login Page has been enabled in the Auth0 plugin settings: ![Enabling Universal Login](/assets/wp-universal-login.8770f2067bb0139e7398b47826b77ab913a004bbcc70b503c7f84a8f145dd26c.9c1bb791.png) ## Embedded Login If you must use the embedded login, first disable the Universal Login Page by toggling the setting above. Then, under `Extra Settings`, you must specify the following settings replacing `faa-org.auth0.com` with the domain for your Auth0 tenant: > {"auth":{"params":{"audience": "https://faa-org.auth0.com/api/v2/"}}} *This setting is not required for Universal Login and can safely be removed in those scenarios.* ![Configuring Extra Settings](/assets/wp-extra-settings.d133c353e0587ed38429731d94b4686c17f8919dbc7bc48d298368dbefa9f0df.9c1bb791.png) ## Downloading You can download the Rhythm WordPress plugin at [https://assets.cdn.rhythmsoftware.com/plugins/wordpress/rhythm-sso.zip](https://assets.cdn.rhythmsoftware.com/plugins/wordpress/rhythm-sso.zip)