See how to manage WordPress Single Sign-On (SSO) with Auth0’s identity and access management platform.
Blog post brought to you by @josh.cunningham
See how to manage WordPress Single Sign-On (SSO) with Auth0’s identity and access management platform.
Blog post brought to you by @josh.cunningham
Happy to answer any questions you have about how this works, how to set everything up, or anything else WordPress/auth related! Feedback on the plugin is welcome as well
Thank you very much for sharing this very useful information.
We’re here for you @bell621iran! Leet us know if you have any other questions!
Hi Josh.cunningham,
I am working to get the token with Auth0 by suing postman. I spent more time with many ways but it still does not work so far.
High appreciate if you have any advice/ideas.
Thanks,
Xuyen Tran
Hey there!
Have you already tried this of our docs on working with Auth0 APIs using Postman?
Josh, in your paper you say:
The plugin can be configured to allow new accounts to be created from Auth0 users even if site registration is turned off. This allows new sites to be added without requiring known users to register!
Can you explain how to do this?
@dakotaspotlight - Absolutely! If you turn site registration off in WordPress general settings and “Auto provisioning” on in the Auth0 plugin settings > Advanced tab, you’ll be able to add users in Auth0 that will create users in WordPress when logging in.
Hi there! Ive recently been tasked with setting up Auth0 across a couple different sites. I have a VUE site set up with Auth0, and Ive got the Wordpress site with the Auth0 plugin installed as well. Everything is working great, and the plugin is super simple to install/setup.
In the VUE site, I can use router middleware to check auth0.isauthenticated before any route, and conditionally ‘login’ the user, and I was wondering if I could somehow do the same for Wordpress?
Im new to Wordpress. So what Id like to do, is when any Wordpress page is loaded, I check if auth0 has an authenticated user (maybe the user had already logged in to my VUE app), and then automatically log them into Wordpress.
If I manually visit wp-login.php route, with a user that had already logged in, it logs the user in without going to the universal loginform (which is great), but id like it login the user without visiting that URL.
I hope that makes sense… ANy help/suggestions would be appreciated.
Hi @flintz! While it’s possible to check the Auth0 session on every page load, we would not recommend it as you might hit your rate limit quickly if you’re doing it on all pages for all unauthenticated users. Because of that, the WordPress plugin does not include that functionality. If you wanted to add it to your site, you would need to include one of our browser-based libraries and redirect through wp-login.php
if a session was found. The Vue library can use what it gets back for the session to be set but the WordPress session cookie needs to be set with WordPress.
Hope that helps!
Does anyone have the updated link to that post?
I am trying to implement auth0 on a wordpress site to let my users sign up and access content.
Thanks!
Hello, Christian! Welcome to the Auth0 Community. Are you referring to an updated blog post to this one: WordPress Single Sign-On (SSO) with Auth0 ?
Hey Dan - Thanks for the warm welcome.
Yes - unless there is a different version to that blog that is specific to implementing auth0 on wordpress (honestly I am looking to use passwordless OTP and using auth0 for regular users, not admins)
Gotcha! This is the latest blog post that we have on Wordpress.
The other resources we have is the following: Integrate with WordPress
Let me ask if we support the features that you’d like to use. Is this a correct recap?
That is absolutely correct, and more specifically via email (not SMS OTP), and for both account creation and account sign in.
Thanks Dan - I feel like I am abusing this threat (I usually try to keep an issue per threat
Hi Josh, and community
We are encountering a problem trying to implement SSO between a PHP app and a WordPress site, with Auth0 has Identity Provider.
Some info:
Here is where we are stuck:
Since the user already have an Auth0 session, shouldn’t he already be logged in on the WordPress site ?
Reverse process also ends with the same problem.
What are we missing ? Thanks for any help !