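Introduction
- This WordPress plugin, "WP OAuth Server ( Login with WordPress )", was published on 2017-06-15.
- It currently has 800 active installations.
- The last update was on 2025-04-15, 19 days ago.
- The plugin requires WordPress 4.8 or later to install.
- The plugin requires the site host to run PHP 5.6 or later.
- 40 people have rated it.
- No one has asked a question in the forum yet; usage may still be low, and no major problems have come up so far.
Plugin contributors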
cyberlord92 | nimeshatxecurify |
Plugin tags
oauth2 | OpenID | oauth server | OAuth provider | wordpress login |
Summary
The WP OAuth Server plugin turns your WordPress site into an OAuth server. It lets you log in to the following sites: Rocket Chat, Invision Community, WordPress, Odoo, EasyGenerator, Salesforce, Zapier, Moodle, Service Now, Edunext, Wickr, Freshdesk, FreshWorks, ServiceNow, ShinyProxy, Knack database, Circle.so, Tribe.so, Tribe, Mobilize, Nextcloud, Church Online, iSpring LMS, Academy of Mine, BoardEffect, TalentLMS, Laravel, PowerSchool, Piano Analytics, Merithub, Bookstack, Pimcore, Synology, 360 Learning, EventMobi, Zerotier, Sh
Original plugin description
The WP OAuth Server plugin turns your WordPress site into an OAuth Server, enabling Login with WordPress. It allows you to log in to Rocket Chat, Invision Community, WordPress, Odoo, EasyGenerator, Salesforce, Zapier, Moodle WordPress SSO, ServiceNow, Edunext, Wickr, Freshdesk, FreshWorks, ServiceNow, ShinyProxy, Knack database, Circle.so, Tribe.so, Tribe, Mobilize, Nextcloud SSO, Church Online, iSpring LMS, Academy of Mine, BoardEffect, TalentLMS, Laravel, PowerSchool, PowerSchool, Joomla, HubSpot SSO, Shopify SSO integration, MeritHub, Bookstack, Pimcore, 360 Learning, EventMobi, Synology, Drupal, Piano Analytics, Zerotier, and any other OAuth 2.0 compliant applications using WordPress SSO credentials.
Basically, the OAuth Server plugin allows users to log in to OAuth 2.0 compliant applications with their WordPress login credentials, providing OAuth Server SSO. As its name suggests, it follows the OAuth 2.0 protocol. It also supports the OpenID Connect (OIDC) and JWT protocols.
The primary goal of the OAuth Server plugin is to provide Single Sign-On Login with WordPress, so users do not need to remember a username and password for each application.
When WordPress is used as the OAuth Server and Single Sign-On is enabled, users do not need to store sensitive information to log in to different applications.
Discovery URL
The discovery URL (well-known endpoint) can be used to get metadata about your Identity Server, which clients need when setting up OAuth Server SSO. It returns, in JSON format, information about the OAuth/OpenID endpoints, issuer URL, supported grant types, supported scopes, and key material, along with claims. Clients can use these details to create an OpenID server request. The well-known configuration URL is accessible via /.well-known/openid-configuration, relative to the issuer URL.
JWT Token Verification
JWT signing ensures the integrity of the tokens used during the WordPress SSO process. The OAuth Server supports both symmetric and asymmetric signing algorithms: the plugin's free version supports HS256, while the premium version supports RS256, enhancing security especially in scenarios involving HubSpot SSO and Nextcloud SSO.
HS256, a symmetric signature algorithm, indicates that the signature is generated and verified using the same secret key. It is supported in the free version of the OAuth Server plugin, which is useful for basic OAuth Server SSO configurations.
RS256, an asymmetric signature algorithm, differs from a symmetric algorithm in that an OAuth Server SSO setup uses a pair of keys instead of a single secret key: the private key signs the data and the public key validates it.
Why RSA algorithm should be used?
The use of a public and private key pair makes RS256 more secure than HS256. With HS256, the single secret key is shared with the client and might be compromised, whereas with RS256, even if you do not have control over your client, your data remains secure because it is signed using a private key. The premium version of the OAuth Server plugin supports the RS256 algorithm.
Postman collection
The Postman collection JSON is a file for testing the OAuth 2.0 flow configuration in the WP OAuth Server plugin without configuring an external OAuth Client: it generates the access token and then makes the API call to the resource endpoint.
LIST OF POPULAR OAUTH CLIENTS SUPPORTED
Rocket.Chat
Invision Community (IPB Forum)
Odoo
WordPress SSO into other WordPress Sites
EasyGenerator
Salesforce
Zapier
Moodle
Edunext
Wickr
Freshdesk
FreshWorks
ServiceNow
Knack database
Circle.so
Tribe.so
Mobilize
Nextcloud
iSpring LMS
Church Online
Academy of Mine
BoardEffect
Laravel
PowerSchool
Joomla
HubSpot
Shopify
MeritHub
Bookstack
Pimcore
360 Learning
EventMobi
Synology
Drupal
Piano Analytics
Zerotier
WORDPRESS OAUTH / OPENID CONNECT SERVER USE CASES
If you want to use your WordPress site as an Identity Server / OAuth Server / OAuth Provider and utilize Login with WordPress to access your client site/application with WordPress user’s login credentials, then you can use this plugin. You can also decide what kind of user data/attributes you want to send while Single Sign-On into your client site/application, including Moodle WordPress SSO and Nextcloud SSO functionalities.
If you want to log in to your mobile app / Single Page web app (SPA) using your WordPress credentials, you can use the Authorization code with PKCE flow grant type.
A single set of credentials will be used to log in to multiple WordPress websites.
You can access NGINX resources using NGINX Authentication. Once you log in to your client application using WP OAuth Server credentials, you will get a JWT. Your client application can then use it for NGINX Authentication.
Membership sync or role mapping is used to sync the memberships or roles assigned to your users from OAuth Server to OAuth/OpenID Client.
Custom Attribute Mapping is helpful if you want to send additional attributes (beyond the default ones) from your WordPress usermeta table to your OAuth/OpenID client using Login with WordPress.
WORDPRESS OAUTH / OPENID CONNECT SERVER FREE VERSION FEATURES
Supports Login with WordPress for Single Client application
Protocol Support: OAuth 2.0, OpenID Connect (OIDC)
Discovery document / well-known endpoint for automatic configuration
JWT signing using HS256 or RS256 algorithm (Note: In RS256 algorithm, the keys will be common for all the free version installations)
Postman collection for testing OAuth 2.0 flow without actually configuring the client application
Server Response: Sends User ID, username, email, first name, last name, display name in the response
Grant types Supported: Authorization Code grant
Multi-Site Support: Implement the WordPress as OAuth Server within a WordPress Multisite network environment to Login with WordPress users into configured applications.
Master Switch: Block / unblock OAuth API calls between OAuth Clients and OAuth Server
Token Length: Change the access token length
OAuth API Documentation
Setup guides to configure the plugin with various OAuth Clients (more coming soon)
WORDPRESS OAUTH / OPENID CONNECT SERVER PREMIUM VERSION FEATURES
All FREE version features
Supports Login with WordPress for Multiple Client applications
Server Response: Sends all the profile attributes along with roles, lets you send custom attributes from the usermeta table, and lets you customize the attribute names sent in the server response
Grant Types Supported: Authorization Code Grant, Implicit Grant, Password Grant, Client Credentials Grant, Refresh Token Grant, Authorization Code grant with PKCE flow
Token Lifetime: Configure the access token and refresh token expiry time
Enforce State Parameter: Based on client configuration, you can enable or disable state parameter
Authorize / Consent prompt: Enable / disable the consent screen
Redirect / Callback URI Validation: Enable / disable this feature, for cases where users are dynamically redirected to different pages under certain conditions
JWT Signing Algorithm: Supports signing algorithms HSA and RSA (with dynamic keys for each client setup)
Additional endpoints: Provides Introspection endpoint, OpenID Connect Single logout endpoint, Revoke endpoint
A grant is a method of acquiring an access token. Deciding which grants to implement depends on the type of client the end user will be using, and the experience you want for your users.
WE SUPPORT FOLLOWING GRANTS:
Authorization code grant: This grant is used when a third-party application needs to access protected resources on behalf of the user.
Implicit grant: This grant relies on the resource owner and on registration of the redirect URI. In the authorization code grant, users need to ask for authorization and an access token each time, but here the access token is granted for a particular redirect URI provided by a client using a particular browser.
Client credential grant: This grant type is aimed at specific clients, where the client obtains the access token by providing only its client credentials. This grant type is quite confidential.
Resource owner password credentials grant: This grant type is used where the resource owner has a trust relationship with the client. Authorization and authentication can be achieved just by using the username and password provided by the resource owner.
Refresh token grant: Access tokens obtained in an OAuth flow eventually expire. With this grant type, the client can refresh its access token.
Authorization code grant with PKCE flow: This grant type is used for public clients such as mobile and native apps and Single Page web apps, where there is a risk of the client secret being compromised.
REST API AUTHENTICATION
The WordPress REST API is very open to interaction. Creating posts, getting user information and much more is readily available.
You can protect your WordPress sites/pages against unauthorized access using our WordPress REST API Authentication plugin.
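Download links for each version
- Method 1: Click a version-number link below to download the ZIP file, then log in to the site's admin dashboard, go to "Plugins" > "Add New Plugin" in the left-hand menu, choose "Upload Plugin" at the top, and upload the downloaded ZIP package to install and activate it.
- Method 2: Use the search box on the right of the "Add New Plugin" screen to search for the plugin name "WP OAuth Server ( Login with WordPress )" and install it.
(Method 2 is recommended, to make sure the installed version matches the WordPress environment currently running.)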
3.0.0 | 3.0.1 | 3.0.2 | 3.0.3 | 3.0.4 | 4.0.1 | 5.0.1 | 5.0.2 | 5.0.3 | 5.0.4 | 5.0.5 | 5.0.6 | 5.0.7 | 5.1.0 | 5.1.1 | 6.0.0 | 6.0.1 | 6.0.2 | 6.0.3 | 6.0.4 | 6.0.5 | 6.0.6 | 6.0.7 | 6.0.8 | 6.0.9 | 6.1.0 | 6.1.1 | trunk | 2.12.4 | 2.13.0 | 2.13.1 | 2.13.2 | 2.13.3 | 2.13.4 | 2.13.5 | 2.13.6 | 2.13.7 | 2.13.8 |
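Related plugins (you may also want to know about)
WP OAuth Server (OAuth Authentication) 》With the WP OAuth Server plugin, you can connect applications to WordPress, or use SSO to link multiple sites so that users can use the same username and password. This plugin does not require a third-party server...
WP OAuth Integration 》Allows users to log in / register through different OAuth2 providers. Feature list: works directly with Meetup.com accounts; developers can easily extend it to work with different OAuth2 providers; users'...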