Wild Apricot OAuth integration with Auth0

Hi! We love Auth0 and have used that with Google to authenticate the committee members through a Laravel integration. Worked flawlessly. Now we are looking to integrate member based authentication with Auth0 and Laravel and have been using the Authentication | Social Connections as the basis. That seems to work as I get the SSO username / password screen and it seems to authenticate as at a browser cookie level, I can open the member web page, but… the Auth0 log that is generated and then the Laravel route says that it’s not successful. I think this comes down to Auth0 not getting the token or something like that. Either way… here’s the raw log entry that is generated:

{
  "date": "2022-04-02T22:00:54.362Z",
  "type": "f",
  "description": "User failed to login",
  "connection": "WildApricot",
  "connection_id": "<connection_id>",
  "client_id": "<client_id>",
  "client_name": "All Applications",
  "ip": "<ip_address>",
  "user_agent": "Firefox 99.0.0 / Mac OS X 10.15.0",
  "details": {
    "body": {},
    "qs": {
      "code": "101dc95bae0c4c66925dcdef4f8ea79c",
      "state": "j91jcYcN0vLvdgCC3oryf34j0SP0plRw"
    },
    "connection": "WildApricot",
    "error": {
      "message": null,
      "oauthError": "invalid_request",
      "type": "request-error"
    },
    "session_id": "NQCu9QS4XDgz6glf8K80uKjUyRoqVwnm"
  },
  "hostname": "<our domain>.auth0.com",
  "strategy": "oauth2",
  "strategy_type": "social",
  "log_id": "90020220402220059406141054250671160826950045098158588002",
  "_id": "90020220402220059406141054250671160826950045098158588002",
  "isMobile": false
}

and here is the context entry that is generated:

{
  "body": {},
  "qs": {
    "code": "101dc95bae0c4c66925dcdef4f8ea79c",
    "state": "j91jcYcN0vLvdgCC3oryf34j0SP0plRw"
  },
  "connection": "WildApricot",
  "error": {
    "message": null,
    "oauthError": "invalid_request",
    "type": "request-error"
  },
  "session_id": "NQCu9QS4XDgz6glf8K80uKjUyRoqVwnm"
}

When you do a “try connection” it brings you to the sso sign in screen and accepts the username / password combination… but then bums out with the following text after which I checked the logs and saw the above:

Bummer! Something failed
If you are seeing this, it means that your connection didn't work.
These are the details:
{
  "error": "invalid_request"
}

So what I am thinking is that when it is signing in and then needs to access the token etc. it is doing an api query that is not correct. Wild Apricot is a club / association member management system and they do support OAuth which was originally created for Wordpress. https://gethelp.wildapricot.com/en/articles/200-single-sign-on-service is the description for how this should work, but I am almost certain that there is something that needs to be configured in Auth0’s Authentication | Social | Wild Apricot | [Fetch User Profile Script & Custom Headers] settings to make this work. The Wild Apricot link above describes the following:

The client_id and client_secret should be passed in the authorization header, delimited by colon and base64 encoded. The authorization scheme is Basic. Example:

POST https://oauth.wildapricot.org/auth/token 
Authorization: Basic Y2xpZW50X2lkOmNsaWVudF9wYXNzd29yZA== grant_type=authorization_code&code=09827394752790347&client_id=CLIENT_ID&redirect_uri=http://callback.yourdomain.com&scope=contacts_me 

The oAuth service returns the authentication token in JSON format. The token can now be used in Wild Apricot API calls. For more information on the authentication response, click here.

But not sure what do to next to make this happen. Searching the forums and what not, but not been able to locate anything specific towards this and hoping there is someone in the community that could perhaps help?!

I bet this would be very interesting for others in the Wild Apricot user community as well and would love to see an actual integration done. In some context, this could even be worth spending sone $'s on if that was required.

Did you solve this? We want to add social logins to our wild apricot site

Hi! No - unfortunately did not get that done as I had a business trip coming up. Will be continuing to look into this shortly… but still outstanding as of today. Might need a couple of weeks to get things moving and crossing fingers should be able to get this done. At least that is my hope!