[WordPress] 外掛分享： OAuth Single Sign On – SSO (OAuth Client)

內容目錄

1 前言介紹
2 外掛協作開發者
3 外掛標籤
4 內容簡介
5 原文外掛簡介
6 各版本下載點
7 延伸相關外掛（你可能也想知道）

前言介紹

這款 WordPress 外掛「OAuth Single Sign On – SSO (OAuth Client)」是 2015-06-27 上架。
目前有 6000 個安裝啟用數。
上一次更新是 2025-04-17，距離現在已有 16 天。
外掛最低要求 WordPress 3.0.1 以上版本才可以安裝。
外掛要求網站主機運作至少需要 PHP 版本 5.4 以上。
有 282 人給過評分。
論壇上目前有 4 個提問，問題解答率 50%

外掛協作開發者

cyberlord92 |

外掛標籤

內容簡介

使用 WordPress SSO（單一登入）與 OAuth 和 OpenID Connect 插件，無限制地與以下提供者進行登錄和 SSO：Azure AD、Azure B2C、Office 365、AWS Cognito、ClassLink、Discord、Clever、PingFederate、Keycloak、WHMCS、Okta、WSO2、Identity Server、OneLogin、Salesforce、G Suite / Google Apps / Google Workspace、Invision Community、Slack、Amazon、Twitter、Apple，或其他自訂的 OAuth 2.0 和 OpenID Connect 提供者。WordPress SSO（登錄）插件支援許多OAuth 2.0、OAuth 2.1、OAuth 1.0和 OpenID Connect（OIDC）1.0 提供者的 SSO。
此外，它還提供 OAuth 和 OpenID Connect 協議的無限用戶驗證，允許授權用戶登錄 WordPress 站點。支持單站點和多站點網絡環境。
您可以查看以下視頻教程，了解如何與您的 OAuth / OpenID Connect 提供商設置 SSO。

WordPress 單一登入 / SSO（登錄到WordPress）
WordPress 單一登入（WordPress SSO）允許我們使用一個帳戶登錄多個 WordPress 網站，但無需為每個站點輸入自己的帳戶認證。

此外，WordPress SSO 插件允許用戶使用他們已註冊的帳戶從其他網站直接登錄 WordPress 網站，簡化了帳戶管理流程。

請注意，插件需要 WordPress 4.5 或更高版本。| 設置指南 | 視頻教程 | 附加元件 |

原文外掛簡介

WordPress Single Sign-On (WordPress SSO) with our OAuth & OpenID Connect plugin allows unlimited login/SSO (Single Sign On) with your Azure AD, Azure B2C, G Suite / Google Apps / Google Workspace, ClassLink, Clever, Office 365, AWS Cognito, Discord, PingFederate, Salesforce, Keycloak, Okta, Identity Server, Invision Community or other custom OAuth 2.0 and OpenID Connect providers. WordPress SSO plugin supports Single Sign On (SSO) with many OAuth 2.0, OAuth 2.1, OAuth 1.0 & OpenID Connect (OIDC) 1.0 providers.
An unlimited number of users can perform Single Sign-On (SSO) with OAuth/OIDC supported Identity Providers on WordPress using Single Sign-On (SSO) capabilities.
| Features | OAuth / OpenID Providers Setup guides | Videos |
POPULAR OAUTH AND OPENID CONNECT (OIDC) PROVIDERS SINGLE SIGN-ON (SSO)
The following providers support OAuth 2.0/OpenID Connect SSO for WordPress login.

OTHER OAUTH AND OPENID CONNECT (OIDC) PROVIDERS WE SUPPORT FOR WORDPRESS SINGLE SIGN-ON (SSO)

Other OAuth 2.0 and OpenId Connect ( OIDC ) 1.0 servers WordPress Single Sign-On ( SSO ) plugin support includes Office 365, AWS Cognito, Microsoft Dynamic CRM 365, Auth0, Google Workspace, Egnyte, Autodesk, Zendesk, Foursquare, Harvest, Mailchimp, Bitrix24, Spotify, Vkontakte, Huddle, Reddit, Strava, Ustream, Yammer, RunKeeper, Instagram, SoundCloud, Pocket, PayPal, Pinterest, Vimeo, Nest, Heroku, DropBox, Buffer, Box, Hubic, Deezer, DeviantArt, Delicious, Dailymotion, Bitly, Mondo, Netatmo, Amazon, FitBit, Clever, Sqaure Connect, Windows, Microsoft Live, Dash 10, Github, Invision Community, Blizzard, authlete, Keycloak, Procore, Eve Online, Laravel Passport, Nextcloud, Renren, Soundcloud, OpenAM / Forgerock, IdentityServer, ORCID, Diaspora, Timezynk, Idaptive CyberArk, Duo Security, Rippling, Crowd, Janrain, Numina Solutions, Ubuntu Single Sign-On, Apple, Ipsilon, Zoho, Stripe, Itthinx, Fellowshipone, Miro, Naver, Clever, Coil, Parallel Markets, VATSIM, Liferay, Fatsecret, Intuit, iMIS, ORY Hydra, FusionAuth, Kakao, ID.me, MoxiWorks, HR Answerlink / Support center, ClassLink, Google Classroom, MemberClicks, BankID, CSI, Splitwise, Infusionsoft, Hubspot, Join It, MyAcademicID, MemberConnex, Novi, Coassemble, Servicenow, IBM APP ID, Nimble AMS, iSpring LMS, Neon CRM, EPIC, IPB forum, Wiziq, Sprinklr, Elvanto, ABSORB LMS, Wechat, Weibo, Shibboleth, Centrify, FranceConnect, Church Online, Bigcommerce, Sewobe, PracticePanther, SubscribeStar, Eventbrite, Medi-Access, Lichess, CILogon, Servicem8, Gigya, PhantAuth, XING, Simplecast, SURF, MediaWiki, UNA, NetSuite, Oracle IDCS, Globus, Square, SimpleSAMLphp, Basecamp, HP, SHELL, Otoy, Steam, Webflow, Simplepass, Feide, SingPass, Asmodee, SwissID, Miro, Alkami, Switch, Citrix, Schoology, iGov, LearnWorlds, France Connect, DID, Blackboard, UAEPass, Polar, CodeB, Vincere CRM, F5, TicketMaster, BizLibrary, Skolon, Rapattoni, PowerSchool, Minecraft, NETS, Joomla, Drupal, ASP.NET, CA Siteminder, Outseta, XUMM, ID Austria, Ubisecure, Gravitee.io, SheepCRM, Wahoo, WeatherFlow Tempest, OneWelcome / iWelcome, Xbox, Trovo, Cornerstone, Criipto, bare.id, Discourse, Authentik, Sailpoint, Coil, Asset Bank, GrowthZone, Vipps, Authorizer, Deviant Art, Miracl, Teamsnap, Authelia, Teachable, Django, IDsampa, Cvent, SERMO, Pixelfed, Finys, Login.gov, Fastcase, Acuity, ARPA, Zitadel, Yeti, myID.be, memberful, Teachable, Mindbody etc. This comprehensive SSO support facilitates seamless integration and secure authentication across a wide range of platforms.

WordPress Single Sign-On / SSO ( Login to WordPress )
WordPress Single Sign-On (WordPress SSO) allows users to log into any website/application using the single set of credentials of another app/site through the SSO feature.
Example:Let’s say you have all your users/customers/members/employees stored on a site, called ‘site A’ and you want all of them to register/login using WordPress SSO to your WordPress site called ‘site B’. In this scenario, you can register/login all your users of site A into site B using the login credentials/account of site A. This is called Single Sign-On or SSO, and it simplifies user management through SSO.
WordPress Single Sign-On ( WordPress SSO ) supported Third-Party Application / OAuth OpenID Provider

The Third-Party Application can be anything where user accounts are stored or a site/application where you want to store/migrate all the users. It can be your social login app, WordPress site, OAuth provider, OpenID provider, custom provider or any database.
Applications/providers such as OAuth Identity Provider, OAuth Server, OpenID Connect Server, OpenID Connect Provider, and OIDC Application support Single Sign-On (SSO). SSO integration ensures smooth user authentication and management across these platforms.

OAuth and OpenID Connect are token-based Single Sign-On (SSO) protocols that allow an end user’s account information to be used by third-party services without exposing the user’s password.
The SSO plugin supports OAuth 1.0, OAuth 2.0, and OAuth 2.1, along with the latest OAuth and OpenID Connect protocols. It includes secure 2-Factor Authentication (2FA) and Multi-Factor Authentication (MFA) if enabled by the provider. These industry-standard protocols enable seamless WordPress SSO, providing a good SSO experience for your WordPress site.
WordPress Single Sign-On ( WordPress SSO ) USE CASES

Single Sign On (SSO) to one/multiple WordPress site (single/multisite) using User Credentials stored on another WordPress site with WordPress SSO plugin.
Single Sign On (SSO) to one/multiple WordPress site (single / multisite) using User Credentials stored on your OAuth / OpenID Connect (OIDC) application with WordPress SSO plugin.
Single Sign On ( WordPress SSO ) into WordPress using existing User stores (Active Directory/Database)
SSO and extended plugin functionality using tokens (access_token / JWT token / id_token) such as secure API calls using third-party token
Others: eCommerce Single Sign On (SSO)/Login & other third-party integration with SSO features

Microsoft SSO/Azure SSO
This WordPress Single Sign-On (OAuth / OpenID Connect SSO) plugin supports SSO with Microsoft apps like Azure AD, Azure B2C, Office 365, Microsoft Dynamics CRM, Microsoft Teams, and Windows Live. It also supports policy-based login redirections, including sign-up, sign-in, forgot password, and custom policies, enhancing the SSO experience across Microsoft services.
WordPress integrates with Microsoft services like Azure AD, Azure B2C, and Office 365 for secure Single Sign-On (SSO) across single-site and multisite networks (including subdomains). Users can perform single sign-on (SSO), map profile attributes, and manage role-based access across applications and tenants using SSO
Apart from Single Sign-On (SSO), it also supports WordPress-Azure integrations and customizations, such as token-based calls to specific APIs and the Microsoft Graph API, enhancing the Single Sign On (SSO) experience
Cognito SSO
The WordPress Single Sign-On (SSO) plugin supports Login with AWS Cognito, Amazon, and WordPress using Cognito. It provides user profile syncing, role mapping, and token fetching from AWS Cognito for API calls. Customizations include integrating Cognito SDKs, syncing new registrations, logging in via the default WordPress form instead of Cognito’s SSO page, connecting to the Cognito User Pool, and configuring login redirections.
Discord SSO
This WordPress Single Sign-On (SSO) plugin enables Discord login into WordPress. It supports syncing user profiles from Discord to WordPress, mapping Discord roles to WordPress roles, mapping WordPress roles to Discord roles, and managing Discord role memberships based on WordPress purchases.
Keycloak SSO
The WordPress Single Sign-On (OAuth / OpenID Connect SSO) plugin supports SSO with Keycloak. SSO provides hooks for using Keycloak access tokens, allowing WordPress to make REST calls to remote services with these tokens. The OAuth/OIDC SSO plugin also supports role-based access control (RBAC) by mapping WordPress roles to Keycloak roles and capabilities enhancing the Single Sign-On (SSO) experience.
Ping Federate SSO
The WordPress SSO (OAuth / OpenID Connect SSO) plugin enables Login to WordPress using PingFederate. It supports Single Sign-On (SSO) with authorized access to Ping REST APIs via access tokens or bearer tokens, ensuring seamless SSO integration and secure interactions with PingFederate.
Clever SSO
The WordPress SSO (OAuth / OpenID Connect SSO) plugin supports login with Clever for users (teachers, students, admins) and integrates with LearnDash to sync lessons and assignments. It also provides WordPress Single Sign-On (SSO) with other IDPs like ClassLink, Google Classroom, and Canvas, as well as any Identity Provider (SAML, OAuth, OpenID Connect, Active Directory, databases) via miniOrange IDP, enabling seamless WordPress SSO.
FREE VERSION FEATURES

WordPress Single Sign-On (WordPress SSO) OAuth & OpenID Connect Login supports unlimited SSO with any 3rd party OAuth & OpenID Connect server or custom OAuth & OpenID Connect server like AWS Cognito, Azure AD, Azure AD B2C, Office 365, Google Apps, etc.
WordPress Single Sign-On ( WordPress SSO ) Grant Support – Standard OAuth2 Grant: Authorization Code
Auto Create Users ( User Provisioning ) : After Single Sign On (SSO), a new user automatically gets created in WordPress
Account Linking : After SSO, if the user already exists in WordPress, then their profile gets updated. Else, a new WordPress User is created.
Attribute Mapping : OAuth Login allows you to map your Identity Provider’s unique attribute with WordPress Username Attribute.
Login Widget : Use Widgets to integrate the Single Sign-On (SSO) login on your WordPress site easily.
OpenID Connect & OAuth Provider Support : WordPress Single Sign On (OAuth Login) supports any OpenID Connect & OAuth Provider seamless Single Sign-On (SSO).
Redirect URL after Login : WordPress Single Sign On (OAuth Login) automatically redirects the user after successful Single Sign-On (SSO) login.
Logging : If you run into issues, WordPress Single Sign On (OAuth Login) can be helpful to enable debug logging.

PAID FEATURES

WordPress Single Sign-On (WordPress SSO) Grant Support: Standard OAuth2 Grants including Authorization Code, Implicit Grant, Password Grant, Refresh Token Grant, Client Credential Grant, authorization code grant with PKCE flow, and Hybrid Grant (Customization Available)
Auto Register Users: Automatic user registration after WordPress SSO if the user is not already registered with your site.
Advanced Attribute Mapping: Ability to map WordPress user profile attributes, such as username, first name, last name, and email , via SSO.
Advanced Role Mapping: Assign roles to users based on defined rules through Single Sign-On (SSO).
Force Authentication / Protect Complete Site: Protect the entire website for public users and grant access only to authenticated users through Single Sign-on (WordPress SSO).
Custom Attribute Mapping: Map custom user attributes received from OAuth / OpenID Connect providers to any WordPress user attribute for Single Sign-On (SSO).
Multiple OAuth & OpenID Connect Provider Support: Support for multiple SSO providers.
Single Login button for Multiple Apps: Provides a single SSO login button for multiple providers.
Extended OAuth API Support: Extend OAuth / OpenID Connect API support for enhanced Single Sign-On (SSO) functionality.
WordPress Single Sign-On ( SSO ) Login Reports: Generate user login and registration reports based on the application used for SSO.
Enable / Disable WordPress Default Login: Option to disable the default WordPress login form and use SSO instead.
FrontChannel & BackChannel Single Logout Support: Allows users to be logged out from WordPress as well as the IDP through Single Sign-On (SSO).
Third-Party Plugin Compatibility for Single Sign-On (SSO): Compatible with WooCommerce and other third-party plugins for seamless Single Sign-On (SSO) integration.
Add-on Support with SSO Plugin: Support for various add-ons including SCIM User Provisioning, Page & Post Restriction, BuddyPress Integration, Login Form Add-on, LearnDash Integration, Media Restriction, Attribute/Membership-Based Redirection, SSO Session Management, Paid Membership Pro Integrator, WooCommerce Integrator, SSO Login Audit, Memberpress Integration, and Guest User Login.
No SSL Restriction: Allows SSO login without SSL or HTTPS-enabled site using Google credentials or any other app.

WORDPRESS SINGLE SIGN-ON (SSO) SUPPORTED ADD-ONS

Page Restriction – This add-on is used to protect the pages / posts of your site with OAuth & OpenID Connect compliant IDP (Server) login page and also, to restrict access to pages / posts of the site based on user role using SSO.
LearnDash Integrator – LearnDash Integration will map the Single Sign-On (SSO) users to LearnDash groups as per the group attributes sent by your Identity Provider for seamless SSO integration.
Media Restriction – This add-on restricts unauthorized users from accessing the media files on your WordPress site through SSO.
WooCommerce Integrator – WooCommerce integrator will map the user profile attributes sent by your OAuth/OpenID provider to the WooCommerce Billing details of the customer on WordPress enhancing SSO functionality.
WordPress Cognito Integrator – Cognito integrator provides functionality to manage user operations such as login, registration, profile updates, and password resets from your WordPress site using Cognito SSO.

各版本下載點

方法一：點下方版本號的連結下載 ZIP 檔案後，登入網站後台左側選單「外掛」的「安裝外掛」，然後選擇上方的「上傳外掛」，把下載回去的 ZIP 外掛打包檔案上傳上去安裝與啟用。
方法二：透過「安裝外掛」的畫面右方搜尋功能，搜尋外掛名稱「OAuth Single Sign On – SSO (OAuth Client)」來進行安裝。

（建議使用方法二，確保安裝的版本符合當前運作的 WordPress 環境。

trunk | 6.11.0 | 6.11.1 | 6.11.2 | 6.11.3 | 6.11.4 | 6.12.0 | 6.13.0 | 6.14.0 | 6.14.1 | 6.14.2 | 6.14.3 | 6.14.4 | 6.14.5 | 6.15.0 | 6.15.1 | 6.15.2 | 6.15.3 | 6.16.0 | 6.16.1 | 6.16.2 | 6.16.3 | 6.17.0 | 6.17.1 | 6.17.2 | 6.17.3 | 6.18.0 | 6.18.1 | 6.19.0 | 6.19.1 | 6.19.2 | 6.19.3 | 6.19.4 | 6.19.5 | 6.19.6 | 6.19.7 | 6.19.8 | 6.20.0 | 6.20.1 | 6.20.2 | 6.20.3 | 6.20.4 | 6.21.0 | 6.21.1 | 6.21.2 | 6.21.3 | 6.21.4 | 6.21.5 | 6.21.6 | 6.21.7 | 6.21.8 | 6.21.9 | 6.22.0 | 6.22.1 | 6.22.2 | 6.22.3 | 6.22.4 | 6.22.5 | 6.22.6 | 6.23.0 | 6.23.1 | 6.23.2 | 6.23.3 | 6.23.4 | 6.23.5 | 6.23.6 | 6.23.7 | 6.24.0 | 6.24.1 | 6.24.2 | 6.24.3 | 6.24.4 | 6.24.5 | 6.24.6 | 6.24.7 | 6.24.8 | 6.24.9 | 6.25.0 | 6.25.1 | 6.25.2 | 6.25.3 | 6.25.4 | 6.26.0 | 6.26.1 | 6.26.2 | 6.26.3 | 6.26.4 | 6.26.5 | 6.26.6 | 6.26.7 | 6.26.8 | 6.12.12 | 6.24.10 |

延伸相關外掛（你可能也想知道）

WPS Hide Login 》中文, WPS Hide Login 是一個非常輕量的外掛，讓您輕鬆且安全地更改登入表單頁面的網址。它不會真正地重命名或更改核心檔案，也不會添加重寫規則。它只是攔截...。
Security Optimizer – The All-In-One Protection Plugin 》透過精心挑選且易於配置的功能，SiteGround Security 外掛提供了您所需的一切來保護您的網站並預防多種威脅，例如暴力破解攻擊、登錄錯誤、資料外洩等等。, ...。
Loginizer 》Loginizer 是一個 WordPress 外掛，可幫助您對抗暴力攻擊，當 IP 地址達到最大重試次數時，該外掛會阻止其登錄。您可以使用 Loginizer 將 IP 地址列入黑名單...。
Limit Login Attempts 》此外掛可限制正常登入及使用驗證 cookies 登入的次數。, WordPress 預設允許使用者無限次數嘗試登入，無論是透過登入頁面或是傳送特殊 cookies 皆可。這讓密...。
LoginPress | wp-login Custom Login Page Customizer 》LoginPress 外掛提供了很多自訂欄位，可以更改 WordPress 登入頁面的版面配置。您可以完全修改登入頁面的外觀和感覺，即使是登入錯誤訊息、忘記密碼錯誤訊息...。
WPS Limit Login 》繁體中文, 限制通過登錄頁面和使用權限Cookie可能的登錄嘗試次數。, WordPress 默認情況下允許通過登錄頁面或發送特殊 Cookie 的方式進行無限制的登錄嘗試。...。
Login Lockdown & Protection 》Login LockDown 記錄每次失敗的登入嘗試的 IP 位址和時間戳記。如果在短時間內來自相同 IP 範圍的嘗試次數超過一定數量，那麼該 IP 位址的所有登入請求都會被...。
WP Ghost (Hide My WP Ghost) – Security & Firewall 》Hide My WP Ghost 是一個 WordPress 安全外掛，透過強大且易於使用的功能，提供最佳的安全解決方案。它可以在不改變任何目錄或檔案的情況下，將網站的安全性...。
Custom Login Page Customizer 》Custom Login Page Customizer 外掛可讓您輕鬆地從 WordPress Customizer 自訂您的登入頁面！在儲存之前，您可以預覽自訂的登入頁面變更！太棒了，對吧？, , ...。
All In One Login — WordPress Login Security Plugin to Protect and Customize WP Admin 》Change wp-admin login 是一個輕量級的外掛程式，可讓您輕鬆且安全地更改 wp-admin，讓它變成您想要的東西。它不會重新命名或更改核心檔案，只是攔截頁面請求...。
WP fail2ban – Advanced Security 》Fail2ban是您可以實施來保護 WordPress 網站的最簡單和最有效的安全措施之一。, WP fail2ban 提供 WordPress 與 fail2ban 之間的連接：, Oct 17 20:59:54 foo...。
Theme My Login 》曾經希望您的 WordPress 登入頁面與網站的其餘部分相匹配嗎？現在您的願望成真了！「Theme My Login」讓您可以繞過預設的 WordPress 標誌登入頁面，該頁面與...。
Login No Captcha reCAPTCHA 》此外掛新增了 Google 無人類驗證功能的勾選框，可應用於您的 WordPress 和 Woocommerce 登錄、忘記密碼及使用者註冊頁面，讓人類使用者輕鬆透過勾選框登入，...。
WP-Members Membership Plugin 》8211; allows you to restrict file downloads to registered users only, with customizable download links., MailChimp Integration – integrates W...。
WP Hide & Security Enhancer 》WP-Hide 推出了最簡單的方法，完全隱藏 WordPress 核心文件、登錄頁面、佈景主題和外掛程式的路徑，使其不會顯示在前端，這是 Site Security 的一個巨大改進...。

文章

文章