SifrBolt / docs

SifrBolt Documentation

Documentation to understand the SifrBolt platform and use it effectively.

Why It Matters

Enterprise teams need the storefront to respect corporate access rules. The Citadel bridge plugs your IdP into WordPress without storing raw certificates or user secrets on the site.

Plan check

Citadel plan required. Confirm the signed manifest reports enterprise.sso_saml: true before starting.

Activation Checklist

  1. Install Composer dependencies for the Surge Pack plugin (composer install).
  2. Gather your IdP entity ID, redirect SSO endpoint, and certificate fingerprint.
  3. In WordPress, open SifrBolt → SSO / SAML Bridge and enable the toggle.
  4. Paste the IdP details; the UI stores only the SHA-256 fingerprint, discarding the raw certificate.
  5. Test sign-in from the login screen’s Enterprise SSO button.

Proof & Security

Proof Point

  1. Download the enterprise feature manifest citadel-manifest.json from the Trust Center.
  2. Verify the manifest with the CLI (for example bunx @sifrbolt/verify manifest --plan citadel --file citadel-manifest.json).
  3. Log the activation in the Flight Recorder template bundled with your onboarding pack.

Rollback

Disable the toggle to revert to native WordPress authentication instantly. Sessions already established remain valid until they expire.

Add more identity patterns—Okta, Azure AD, Ping—under docs/src/pages/implementation/ so enterprise teams see their stack represented.