In a recent Business Bloomer Club Slack thread, a member asked whether it was possible to programmatically assign a free WooCommerce Subscription to a new user right after single sign-on (SSO), without any user interaction.
The twist: this needed to happen during just-in-time (JIT) provisioning. While the user was comfortable with SSO mechanics, WooCommerce Subscriptions posed a few uncertainties.
The thread turned into a helpful discussion on what’s possible and what risks to watch out for.
WooCommerce Subscriptions Are Just Orders
WooCommerce Subscriptions, under the hood, are a custom post type and are associated with WooCommerce orders. Because of this, it is technically possible to create a free subscription during user registration or first login. As one member put it, “Subs are just an order, so yes you can.”
However, this approach needs caution. Automatically generating subscriptions on login can open the door to denial-of-service attacks—anyone with the right access method could mass-create users and bog down your system. To prevent this, subscription creation should be handed off to a background process (e.g. using wp_schedule_single_event or Action Scheduler).
Why Timing Matters
Creating the subscription right after login can significantly slow down the process and leave users with a poor first impression—especially relevant when working with institutional users authenticating via SSO. Background jobs solve this performance issue while still keeping the system responsive.
What If You Trust the Source?
In the use case discussed, new users were coming from a university SSO provider, and only after an institution had been onboarded. That means the authentication layer is more secure and under control, and perhaps less susceptible to abuse. Even so, a background job is still the safest and cleanest approach.
A Starting Point
One useful resource shared was this GitHub Gist, which includes an example of how to programmatically create a free subscription. While not tested in this thread, it provides a solid starting point for customizing the logic as needed.
Conclusion
Yes, you can programmatically assign a WooCommerce Subscription to a user during JIT provisioning, but don’t do it during the login process itself. Use a background task or job queue to avoid performance and security issues. And make sure your implementation accounts for any edge cases where a bad actor could trigger account creation repeatedly.
