[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fnpuBUOgQUv6mD_9f92BgEVEswgYXFImMUBx4Lqn5G70":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":11,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":37,"analysis":142,"fingerprints":197},"openid-connect-server","OpenID Connect Server","2.0.0","Automattic","https:\u002F\u002Fprofiles.wordpress.org\u002Fautomattic\u002F","\u003Cp>With this plugin you can use your own WordPress install to authenticate with a webservice that provides \u003Ca href=\"https:\u002F\u002Fopenid.net\u002Fconnect\u002F\" rel=\"nofollow ugc\">OpenID Connect\u003C\u002Fa> to implement Single-Sign On (SSO) for your users.\u003C\u002Fp>\n\u003Cp>The plugin is currently only configured using constants and hooks as follows:\u003C\u002Fp>\n\u003Ch3>Define the RSA keys\u003C\u002Fh3>\n\u003Cp>If you don’t have keys that you want to use yet, generate them using these commands:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>openssl genrsa -out oidc.key 4096\nopenssl rsa -in oidc.key -pubout -out public.key\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>And make them available to the plugin as follows (this needs to be added before WordPress loads):\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'OIDC_PUBLIC_KEY', \u003C\u003C\u003COIDC_PUBLIC_KEY\n-----BEGIN PUBLIC KEY-----\n...\n-----END PUBLIC KEY-----\nOIDC_PUBLIC_KEY\n);\n\ndefine( 'OIDC_PRIVATE_KEY', \u003C\u003C\u003COIDC_PRIVATE_KEY\n-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----\nOIDC_PRIVATE_KEY\n);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Alternatively, you can also put them outside the webroot and load them from the files like this:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'OIDC_PUBLIC_KEY', file_get_contents( '\u002Fweb-inaccessible\u002Foidc.key' ) );\ndefine( 'OIDC_PRIVATE_KEY', file_get_contents( '\u002Fweb-inaccessible\u002Fprivate.key' ) );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Define the clients\u003C\u002Fh3>\n\u003Cp>Define your clients by adding a filter to \u003Ccode>oidc_registered_clients\u003C\u002Fcode> in a separate plugin file or \u003Ccode>functions.php\u003C\u002Fcode> of your theme or in a MU-plugin like:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter( 'oidc_registered_clients', 'my_oidc_clients' );\nfunction my_oidc_clients() {\n    return array(\n        'client_id_random_string' => array(\n            'name' => 'The name of the Client',\n            'secret' => 'a secret string',\n            'redirect_uri' => 'https:\u002F\u002Fexample.com\u002Fredirect.uri',\n            'grant_types' => array( 'authorization_code' ),\n            'scope' => 'openid profile',\n        ),\n    );\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Exclude URL from caching\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ccode>example.com\u002Fwp-json\u002Fopenid-connect\u002Fuserinfo\u003C\u002Fcode>: We implement caching exclusion measures for this endpoint by setting \u003Ccode>Cache-Control: 'no-cache'\u003C\u002Fcode> headers and defining the \u003Ccode>DONOTCACHEPAGE\u003C\u002Fcode> constant. If you have a unique caching configuration, please ensure that you manually exclude this URL from caching.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Github Repo\u003C\u002Fh3>\n\u003Cp>You can report any issues you encounter directly on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FAutomattic\u002Fwp-openid-connect-server\" rel=\"nofollow ugc\">Github repo: Automattic\u002Fwp-openid-connect-server\u003C\u002Fa>\u003C\u002Fp>\n","Use OpenID Connect to log in to other webservices using your own WordPress.",100,7729,0,"2025-04-17T11:48:00.000Z","6.8.5","6.0","7.4",[19,20,21,22,23],"oauth","oauth-server","oidc","openid","openid-connect","https:\u002F\u002Fgithub.com\u002FAutomattic\u002Fwp-openid-connect-server","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fopenid-connect-server.2.0.0.zip",null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"automattic",213,19158100,92,1384,73,"2026-04-03T23:31:19.005Z",[38,62,82,100,123],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":58,"download_link":59,"security_score":48,"vuln_count":60,"unpatched_count":13,"last_vuln_date":61,"fetched_at":27},"miniorange-oauth-20-server","WP OAuth Server ( Login with WordPress )","6.1.3","miniOrange","https:\u002F\u002Fprofiles.wordpress.org\u002Fcyberlord92\u002F","\u003Cp>WP OAuth Server plugin turns your WordPress site into an OAuth Server, enabling Login with WordPress. It allows you to login into \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fguide-to-configure-rocket-chat-oauth-client\" rel=\"nofollow ugc\">Rocket Chat\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fguide-to-configure-invision-community-oauth-client\" rel=\"nofollow ugc\">Invision Community\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fguide-to-setup-single-sign-on-between-two-wordpress-sites\" rel=\"nofollow ugc\">WordPress\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.miniorange.com\u002Fsingle-sign-on-(sso)-for-odoo\" rel=\"nofollow ugc\">Odoo\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-circle-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">EasyGenerator\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-salesforce-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Salesforce\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fzapier-integration-with-wordpress-oauth-server\" rel=\"nofollow ugc\">Zapier\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-moodle-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Moodle WordPress SSO\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-servicenow-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">ServiceNow\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-open-edx-edunext-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Edunext\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-wickr-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Wickr\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-freshworks-freshdesk-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Freshdesk\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-freshworks-freshdesk-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">FreshWorks\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-servicenow-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">ServiceNow\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fshinyproxy-single-sign-on-sso-with-wordpress-as-oauth-server\" rel=\"nofollow ugc\">ShinyProxy\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-knack-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Knack database\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-circle-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Circle.so\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-tribe-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Tribe.so\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-tribe-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Tribe\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-mobilize-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Mobilize\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-nextcloud-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Nextcloud SSO\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-church-online-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Church Online\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fstep-by-step-guide-for-wordpress-oauth-server\" rel=\"nofollow ugc\">iSpring LMS\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-academy-of-mine-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Academy of Mine\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fstep-by-step-guide-for-wordpress-oauth-server\" rel=\"nofollow ugc\">BoardEffect\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Ftalentlms-sso-using-wordpress-as-openid-connect-server\" rel=\"nofollow ugc\">TalentLMS\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foauth-single-sign-on-sso-for-laravel-using-wordpress-as-oauth-provider\" rel=\"nofollow ugc\">Laravel\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fpowerschool-sis-sso-using-wordpress-as-openid-connect-server\" rel=\"nofollow ugc\">PowerSchool\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fpowerschool-sis-sso-using-wordpress-as-openid-connect-server\" rel=\"nofollow ugc\">PowerSchool\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foauth-openid-connect-single-sign-on-sso-into-joomla-using-wordpress\" rel=\"nofollow ugc\">Joomla\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-into-hubspot-using-wordpress\" rel=\"nofollow ugc\">HubSpot SSO\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foauth-single-sign-on-sso-for-shopify-using-wordpress-as-identity-provider\" rel=\"nofollow ugc\">shopify sso integration\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fmerithub-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">MeritHub\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fbookstack-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Bookstack\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fpimcore-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Pimcore\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002F360learning-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">360 Learning\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Feventmobi-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">EventMobi\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsynology-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Synology\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fdrupal-wordpress-sso-integration-with-oauth-client-drupal-wordpress-login\" rel=\"nofollow ugc\">Drupal\u003C\u002Fa>, Piano Analytics, Zerotier, and any other OAuth 2.0 compliant applications using WordPress SSO credentials.\u003C\u002Fp>\n\u003Cp>| \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fstep-by-step-guide-for-wordpress-oauth-server\" rel=\"nofollow ugc\">WordPress OAuth Server Setup Guides\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foauth-api-documentation\" rel=\"nofollow ugc\">API Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-oauth-server#free-trial-oauth\" rel=\"nofollow ugc\">Demo \u002F Trial\u003C\u002Fa> |\u003C\u002Fp>\n\u003Cp>You can checkout the below video tutorial to know how to setup SSO with your OAuth\u002FOpenID Compliant Applications.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fc6v-SqRhg8o?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Basically, the OAuth Server plugin allows users to login into applications that are OAuth 2.0 compliant, facilitating oauth server SSO using their WordPress login credentials. As it’s name suggests, it follows the OAuth 2.0 protocol. Along with that, it also supports OpenID Connect (OIDC), and JWT protocols.\u003C\u002Fp>\n\u003Cp>The primary goal of the OAuth Server plugin is to provide Single Sign-On Login with WordPress, so users do not need to remember a username and password for each application.\u003Cbr \u002F>\nUsing WordPress as OAuth Server, once Single Sign On is enabled, users do not need to store sensitive information to login into different applications.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Discovery URL\u003C\u002Fstrong>\u003Cbr \u002F>\nThe discovery url \u002F well-known endpoint can be used to get metadata about your Identity Server, essential for setting up oauth server SSO. It will return information about the OAuth\u002FOpenID endpoints, issuer URL, supported grant types, supported scopes, key material along with claims in the JSON format. These details can be used by the clients to create an OpenID server request, enhancing the WordPress SSO experience. The well known configuration URL is accessible via \u002F.well-known\u002Fopenid-configuration, in relation to the issuer URL.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>JWT Token Verification\u003C\u002Fstrong>\u003Cbr \u002F>\nJWT signing, which ensures the integrity of the tokens used during the WordPress SSO process, supports both symmetric and asymmetric algorithms provided by the OAuth Server. The plugin’s free version supports HS256, while the premium version supports RS256, enhancing security especially in scenarios involving HubSpot SSO and Nextcloud SSO.\u003C\u002Fp>\n\u003Cp>HS256, a symmetric signature algorithm, indicates that the signature is generated and verified using the same secret key. It is supported in the free version of the OAuth Server plugin, which is useful for basic OAuth Server SSO configurations.\u003C\u002Fp>\n\u003Cp>RS256, an asymmetric signature algorithm is different from a symmetric algorithm in that a pair of private and public keys is used to sign and validate the data respectively instead of a single secret key in an oauth server SSO setup.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why RSA algorithm should be used?\u003C\u002Fstrong>\u003Cbr \u002F>\nThe use of a public and private key pair makes RS256 more secure in comparison to HS256 where the public key is shared and might be compromised whereas in RS256, even if you do not have the control over your client, your data remains secure as it is signed using a private key. The premium version of the OAuth Server plugin supports the RS256 algorithm.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Postman collection\u003C\u002Fstrong>\u003Cbr \u002F>\nPostman collection JSON is a file that can be used for testing the configuration of OAuth 2.0 flow in the WP OAuth Server plugin without configuring an external OAuth Client by generating the access token and the API call to the resource endpoint subsequently.\u003C\u002Fp>\n\u003Ch4>LIST OF POPULAR OAUTH CLIENTS SUPPORTED\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fguide-to-configure-rocket-chat-oauth-client\" rel=\"nofollow ugc\"> Rocket.Chat \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fguide-to-configure-invision-community-oauth-client\" rel=\"nofollow ugc\"> Invision Community (IPB Forum) \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.miniorange.com\u002Fsingle-sign-on-(sso)-for-odoo\" rel=\"nofollow ugc\"> Odoo \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fguide-to-setup-single-sign-on-between-two-wordpress-sites\" rel=\"nofollow ugc\"> WordPress SSO into other WordPress Sites \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-circle-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> EasyGenerator \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-salesforce-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Salesforce \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fzapier-integration-with-wordpress-oauth-server\" rel=\"nofollow ugc\"> Zapier  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-moodle-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Moodle  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-open-edx-edunext-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Edunext  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-wickr-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Wickr  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-freshworks-freshdesk-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Freshdesk  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-freshworks-freshdesk-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> FreshWorks  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-servicenow-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> ServiceNow  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-knack-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Knack database  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-circle-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Circle.so  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-tribe-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Tribe.so  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-mobilize-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Mobilize  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-nextcloud-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Nextcloud  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fstep-by-step-guide-for-wordpress-oauth-server\" rel=\"nofollow ugc\"> iSpring LMS \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-church-online-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Church Online \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-academy-of-mine-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Academy of Mine \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fstep-by-step-guide-for-wordpress-oauth-server\" rel=\"nofollow ugc\"> BoardEffect \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foauth-single-sign-on-sso-for-laravel-using-wordpress-as-oauth-provider\" rel=\"nofollow ugc\">Laravel\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fpowerschool-sis-sso-using-wordpress-as-openid-connect-server\" rel=\"nofollow ugc\">PowerSchool\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foauth-openid-connect-single-sign-on-sso-into-joomla-using-wordpress\" rel=\"nofollow ugc\">Joomla\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-into-hubspot-using-wordpress\" rel=\"nofollow ugc\">HubSpot\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foauth-single-sign-on-sso-for-shopify-using-wordpress-as-identity-provider\" rel=\"nofollow ugc\">Shopify\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fmerithub-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">MeritHub\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fbookstack-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Bookstack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fpimcore-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Pimcore\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002F360learning-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">360 Learning\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Feventmobi-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">EventMobi\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsynology-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Synology\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fdrupal-wordpress-sso-integration-with-oauth-client-drupal-wordpress-login\" rel=\"nofollow ugc\">Drupal\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Piano Analytics\u003C\u002Fli>\n\u003Cli>Zerotier\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WORDPRESS OAUTH \u002F OPENID CONNECT SERVER USE CASES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>If you want to use your WordPress site as an Identity Server \u002F OAuth Server \u002F OAuth Provider and utilize Login with WordPress to access your client site\u002Fapplication with WordPress user’s login credentials, then you can use this plugin. You can also decide what kind of user data\u002Fattributes you want to send while Single Sign-On into your client site\u002Fapplication, including Moodle WordPress SSO and Nextcloud SSO functionalities.\u003C\u002Fli>\n\u003Cli>If you want to login to your Mobile app \u002F Single Page web app (SPA) using your WordPress credentials, then you can use the Authorization code with PKCE flow grant type to achieve your use case.\u003C\u002Fli>\n\u003Cli>Single set of credentials will be used to login to multiple WordPress websites.\u003C\u002Fli>\n\u003Cli>You can access the NGINX resources using NGINX Authentication. Once you login into your client application using WP OAuth Server credentials, you will get JWT. Your client application can further use it for NGINX Authentication. \u003C\u002Fli>\n\u003Cli>Membership sync or role mapping is used to sync the memberships or roles assigned to your users from OAuth Server to OAuth\u002FOpenID Client.\u003C\u002Fli>\n\u003Cli>Custom Attribute Mapping is helpful if you want to send additional attributes (beyond the default ones) from your WordPress \u003Cem>usermeta\u003C\u002Fem> table to your OAuth\u002FOpenID client using Login with WordPress.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WORDPRESS OAUTH \u002F OPENID CONNECT SERVER FREE VERSION FEATURES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Supports Login with WordPress for \u003Cstrong>Single Client\u003C\u002Fstrong> application\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Protocol Support:\u003C\u002Fstrong> OAuth 2.0, OpenID Connect (OIDC)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Discovery document\u003C\u002Fstrong> \u002F well-known endpoint for automatic configuration\u003C\u002Fli>\n\u003Cli>JWT signing using \u003Cstrong>HS256\u003C\u002Fstrong> or \u003Cstrong>RS256\u003C\u002Fstrong> algorithm (\u003Cstrong>Note\u003C\u002Fstrong>: In RS256 algorithm, the keys will be common for all the free version installations)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Postman collection\u003C\u002Fstrong> for testing OAuth 2.0 flow without actually configuring the client application\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Server Response:\u003C\u002Fstrong> Sends User ID, username, email, first name, last name, display name in the response\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Grant types Supported:\u003C\u002Fstrong> Authorization Code grant\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi-Site Support:\u003C\u002Fstrong> Implement the WordPress as OAuth Server within a WordPress Multisite network environment to Login with WordPress users into configured applications.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Master Switch:\u003C\u002Fstrong> Block \u002F unblock OAuth API calls between OAuth Clients and OAuth Server\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Token Length:\u003C\u002Fstrong> Change the access token length\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foauth-api-documentation\" rel=\"nofollow ugc\"> OAuth API Documentation \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fstep-by-step-guide-for-wordpress-oauth-server\" rel=\"nofollow ugc\"> Setup guides \u003C\u002Fa> to configure the plugin with various OAuth Clients (more coming soon)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WORDPRESS OAUTH \u002F OPENID CONNECT SERVER PREMIUM VERSION FEATURES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>All FREE version features\u003C\u002Fli>\n\u003Cli>Supports Login with WordPress for \u003Cstrong>Multiple Client\u003C\u002Fstrong> applications\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Server Response:\u003C\u002Fstrong> Sends all the profile attributes along with roles, allows to send custom attributes from usermeta table and also customize the attribute names that need to be sent in server response\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Grant Types Supported:\u003C\u002Fstrong> Authorization Code Grant, Implicit Grant, Password Grant, Client Credentials Grant, Refresh Token Grant, Authorization Code grant with PKCE flow\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Token Lifetime:\u003C\u002Fstrong> Configure the access token and refresh token expiry time\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enforce State Parameter:\u003C\u002Fstrong> Based on client configuration, you can enable or disable state parameter\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Authorize \u002F Consent prompt:\u003C\u002Fstrong> Enable \u002F disable the consent screen\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Redirect \u002F Callback URI Validation:\u003C\u002Fstrong> Enable \u002F disable this feature, based on dynamic redirect to a different pages for certain conditions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>JWT Signing Algorithm:\u003C\u002Fstrong> Supports signing algorithms HSA and RSA (with dynamic keys for each client setup)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Additional endpoints:\u003C\u002Fstrong> Provides Introspection endpoint, OpenID Connect Single logout endpoint, Revoke endpoint\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>A grant is a method of acquiring an access token. Deciding which grants to implement depends on the type of client the end user will be using, and the experience you want for your users.\u003C\u002Fp>\n\u003Ch4>WE SUPPORT FOLLOWING GRANTS:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Authorization code grant\u003C\u002Fstrong> : This code grant is used when there is a need to access the protected resources on behalf of the user on another third party application.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Implicit grant\u003C\u002Fstrong> : This grant relies on resource owner and registration of redirect uri. In authorization code grant users need to ask for authorization and access token each time, but here access token is granted for a particular redirect uri provided by a client using a particular browser.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Client credential grant\u003C\u002Fstrong> : This grant type heads towards specific clients, where access token is obtained by client by only providing client credentials. This grant type is quite confidential.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Resource owner password credentials grant\u003C\u002Fstrong> : This type of grant is used where the resource owner has a trust relationship with the client. Just by using username and password, provided by resource owner authorization and authentication can be achieved.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Refresh token grant\u003C\u002Fstrong> : Access tokens obtained in OAuth flow eventually expire. In this grant type client can refresh his or her access token.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Authorization code grant with PKCE flow\u003C\u002Fstrong> : This grant type is used for public clients like mobile and native apps, Single Page web apps, where there is a risk of client secret being compromised.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>REST API AUTHENTICATION\u003C\u002Fh4>\n\u003Cp>Rest API is very much open to interact. Creating posts, getting information of users and much more is readily available.\u003Cbr \u002F>\nIt secures unauthorized access to your WordPress sites\u002Fpages using our \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-rest-api-authentication\u002F\" rel=\"ugc\"> WordPress REST API Authentication plugin \u003C\u002Fa>.\u003C\u002Fp>\n","Single Sign-On using WordPress - Login with WordPress to your application\u002Fsites using your WordPress account. [24\u002F7 Support]",900,50872,98,40,"2026-01-30T04:47:00.000Z","6.9.4","4.8","5.6",[55,20,56,22,57],"oauth-provider","oauth2","wordpress-login","https:\u002F\u002Fwww.miniorange.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminiorange-oauth-20-server.6.1.3.zip",1,"2022-08-02 00:00:00",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":13,"num_ratings":13,"last_updated":72,"tested_up_to":51,"requires_at_least":73,"requires_php":74,"tags":75,"homepage":79,"download_link":80,"security_score":11,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":81},"scouting-openid-connect","Scouting OpenID Connect","2.3.0","Scouting Nederland","https:\u002F\u002Fprofiles.wordpress.org\u002Fscoutingnederland\u002F","\u003Cp>A WordPress plugin for logging in with Scouting Nederland OpenID Connect Server.\u003C\u002Fp>\n\u003Cp>This plugin allows users to authenticate and login to their WordPress websites using their Scouting Nederland OpenID Connect credentials.\u003Cbr \u002F>\nIt provides a secure and convenient way for Scouting Nederland members to access their WordPress sites without the need for separate login credentials.\u003Cbr \u002F>\nWith this plugin, users can seamlessly integrate their Scouting Nederland accounts with their WordPress websites, enhancing the user experience and simplifying the login process.\u003C\u002Fp>\n","WordPress plugin for logging in with Scouting Nederland OpenID Connect Server.",10,1161,"2026-02-16T20:51:00.000Z","6.6.0","8.2",[21,23,76,77,78],"scouting","scouting-nederland","sol","https:\u002F\u002Fgithub.com\u002FScouting-nl\u002Fscouting-openid-connect","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fscouting-openid-connect.2.3.0.zip","2026-03-15T14:54:45.397Z",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":70,"downloaded":90,"rating":13,"num_ratings":13,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":94,"tags":95,"homepage":97,"download_link":98,"security_score":99,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"vivokey-openid-connect","VivoKey OpenID Connect","1.2","vivokey","https:\u002F\u002Fprofiles.wordpress.org\u002Fvivokey\u002F","\u003Cp>VivoKey is a digital identity platform that links your online digital identity VivoKey profile with one or more implantable cryptobionic NFC transponders. This plugin will enable you to use your VivoKey digial identity profile to authetnicate your WordPress account by scanning your VivoKey cryptobionic implant, rather than enter your username and password. The plugin utilizes VivoKey’s web-standard OpenID Connect API. Details about the API can be found at \u003Ca href=\"https:\u002F\u002Fvivokey.com\u002Fapi\" rel=\"nofollow ugc\">https:\u002F\u002Fvivokey.com\u002Fapi\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Check out this video that details how to configure and use the VivoKey OpenID Connect plugin for WordPress:\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FN30D9uImIxA?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>To see a list of available VivoKey plugins, please check here: \u003Ca href=\"https:\u002F\u002Fvivokey.com\u002Fplugins\" rel=\"nofollow ugc\">https:\u002F\u002Fvivokey.com\u002Fplugins\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Contribute\u003C\u002Fh3>\n\u003Cp>Please feel free to clean up the code, add features and fix bugs. The current code serves only as a basic implementation with many potential improvements.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FVivoKey\u002Fplugin-wordpress\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002FVivoKey\u002Fplugin-wordpress\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Pull requests welcome.\u003C\u002Fstrong>\u003C\u002Fp>\n","Authenticate your WordPress account by scanning your VivoKey cryptobionic implant instead of using your username and password.",1397,"2019-11-06T00:57:00.000Z","5.2.24","4.6","5.2.4",[96,56,23,86],"authentication","https:\u002F\u002Fgithub.com\u002FVivoKey\u002Fplugin-wordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvivokey-openid-connect.1.2.zip",85,{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":11,"num_ratings":110,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":17,"tags":114,"homepage":119,"download_link":120,"security_score":48,"vuln_count":121,"unpatched_count":13,"last_vuln_date":122,"fetched_at":27},"daggerhart-openid-connect-generic","OpenID Connect Generic Client","3.11.3","Jonathan Daggerhart","https:\u002F\u002Fprofiles.wordpress.org\u002Fdaggerhart\u002F","\u003Cp>This plugin allows to authenticate users against OpenID Connect OAuth2 API with Authorization Code Flow.\u003Cbr \u002F>\nOnce installed, it can be configured to automatically authenticate users (SSO), or provide a “Login with OpenID Connect”\u003Cbr \u002F>\nbutton on the login form. After consent has been obtained, an existing user is automatically logged into WordPress, while\u003Cbr \u002F>\nnew users are created in WordPress database.\u003C\u002Fp>\n\u003Cp>Much of the documentation can be found on the Settings > OpenID Connect Generic dashboard page.\u003C\u002Fp>\n\u003Cp>Please submit issues to the Github repo: https:\u002F\u002Fgithub.com\u002Foidc-wp\u002Fopenid-connect-generic\u003C\u002Fp>\n","A simple client that provides SSO or opt-in authentication against a generic OAuth2 Server implementation.",10000,177319,20,"2026-02-13T04:36:00.000Z","6.9.0","5.0",[115,116,56,117,118],"apps","login","openidconnect","security","https:\u002F\u002Fgithub.com\u002Foidc-wp\u002Fopenid-connect-generic","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdaggerhart-openid-connect-generic.3.11.3.zip",2,"2025-12-17 00:00:00",{"slug":124,"name":125,"version":126,"author":42,"author_profile":43,"description":127,"short_description":128,"active_installs":129,"downloaded":130,"rating":48,"num_ratings":131,"last_updated":132,"tested_up_to":51,"requires_at_least":133,"requires_php":134,"tags":135,"homepage":58,"download_link":139,"security_score":140,"vuln_count":70,"unpatched_count":13,"last_vuln_date":141,"fetched_at":27},"miniorange-login-with-eve-online-google-facebook","OAuth Single Sign On – SSO (OAuth Client)","6.26.17","\u003Cp>\u003Cstrong>WordPress Single Sign-On\u003C\u002Fstrong> (WordPress SSO) with our \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-sso?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_1\" rel=\"nofollow ugc\">OAuth & OpenID Connect plugin\u003C\u002Fa>\u003C\u002Fstrong> allows unlimited login\u002FSSO (Single Sign On) with your \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fazure-ad-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_2\" rel=\"nofollow ugc\">Azure AD\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fazure-b2c-ad-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_3\" rel=\"nofollow ugc\">Azure B2C\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fgoogle-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_4\" rel=\"nofollow ugc\">G Suite \u002F Google Apps \u002F Google Workspace\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fclasslink-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_12\" rel=\"nofollow ugc\">ClassLink\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fclever-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_11\" rel=\"nofollow ugc\">Clever\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foffice-365-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_5\" rel=\"nofollow ugc\">Office 365\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Faws-cognito-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_6\" rel=\"nofollow ugc\">AWS Cognito\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fdiscord-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_7\" rel=\"nofollow ugc\">Discord\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fping-federate-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">PingFederate\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsalesforce-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_10\" rel=\"nofollow ugc\">Salesforce\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fkeycloak-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_9\" rel=\"nofollow ugc\">Keycloak\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fokta-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_8\" rel=\"nofollow ugc\">Okta\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fidentityserver4-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Identity Server\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Finvision-community-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Invision Community\u003C\u002Fa>\u003C\u002Fstrong> or other custom OAuth 2.0 and OpenID Connect providers. WordPress SSO plugin supports Single Sign On (SSO) with many OAuth 2.0, OAuth 2.1, OAuth 1.0 & OpenID Connect (OIDC) 1.0 providers.\u003C\u002Fp>\n\u003Cp>An unlimited number of users can perform Single Sign-On with OAuth\u002FOIDC supported Identity Providers on WordPress using SSO capabilities.\u003C\u002Fp>\n\u003Cp>|\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-sso#key-features\" rel=\"nofollow ugc\"> Features \u003C\u002Fa>| \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-single-sign-on-sso-with-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_13\" rel=\"nofollow ugc\"> OAuth \u002F OpenID Providers Setup guides \u003C\u002Fa>|\u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FVff0E0KxM3k\" rel=\"nofollow ugc\"> Videos \u003C\u002Fa>|\u003C\u002Fp>\n\u003Ch4>POPULAR OAUTH AND OPENID CONNECT (OIDC) PROVIDERS SINGLE SIGN-ON\u003C\u002Fh4>\n\u003Cp>The following providers support OAuth 2.0\u002FOpenID Connect SSO for WordPress login.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Faws-cognito-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_6\" rel=\"nofollow ugc\">AWS Cognito SSO | Login with AWS Cognito\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foffice-365-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_5\" rel=\"nofollow ugc\">Office 365 SSO | Login with Office 365\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fazure-b2c-ad-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_3\" rel=\"nofollow ugc\">Azure B2C SSO | Login with Azure B2C\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fazure-ad-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Azure AD SSO | Login with Azure AD\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fadfs-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">ADFS SSO | Login with ADFS\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fauth0-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Auth0 SSO | Login with Auth0\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fokta-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_8\" rel=\"nofollow ugc\">OKTA SSO | Login with OKTA\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fclasslink-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_12\" rel=\"nofollow ugc\">ClassLink SSO | Login with ClassLink\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fkeycloak-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_9\" rel=\"nofollow ugc\">Keycloak SSO | Login with Keycloak\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fclever-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_11\" rel=\"nofollow ugc\">Clever SSO | Login with Clever\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fgoogle-classroom-single-sign-on-sso\" rel=\"nofollow ugc\">Google Classroom SSO | Login with Google Classroom\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsalesforce-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_10\" rel=\"nofollow ugc\">Salesforce SSO | Login with Salesforce\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-oauth-openid-connect-single-sign-on-sso-using-criipto?utm_source=Readme&utm_medium=Readme&utm_campaign=Readme&utm_id=wpor_15\" rel=\"nofollow ugc\">Criipto SSO | Login with Criipto\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fgoogle-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_4\" rel=\"nofollow ugc\">G Suite \u002F Google Apps SSO | Login with Google\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fping-federate-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Ping Federate SSO ( Ping \u002F Ping Identity ) | Login with Ping Federate\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fidentityserver4-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">IdentityServer4 SSO | Login with IdentityServer4\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fidentityserver3-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">WordPress IdentityServer3 SSO | Login with IdentityServer3\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fdiscord-single-sign-on-wordpress-sso-oauth-openid-connect?utm_source=wordpress_readme&utm_medium=marketplace&utm_campaign=readme_traffic&utm_id=wpor_7\" rel=\"nofollow ugc\">Discord SSO | Login with Discord\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fonelogin-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">OneLogin SSO | Login with OneLogin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fswiss-rx-login-single-sign-on-for-wordpress-using-oauth\" rel=\"nofollow ugc\">Swiss-RX-Login SSO ( Swiss RX Login ) | Login with Swiss-RX-Login\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fneon-crm-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Neon CRM SSO | Login with Neon CRM\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fimis-oauth-and-openid-connect-single-sign-on-sso\" rel=\"nofollow ugc\">iMIS SSO | Login with iMIS\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsignicat-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Signicat SSO | User Verification with Signicat\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fid-me-oauth-and-openid-connect-single-sign-on-sso-login\" rel=\"nofollow ugc\">ID.me SSO | Login with ID.me\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fcanvas-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Canvas SSO | Login with Canvas\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fguide-to-setup-single-sign-on-between-two-wordpress-sites\" rel=\"nofollow ugc\">WordPress SSO | Login with WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwso2-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">WSO2 SSO | Login with WSO2\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fopenathens-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">OpenAthens SSO | Login with OpenAthens\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhp-single-sign-on-sso-oauth-and-openid-connect\" rel=\"nofollow ugc\">HP SSO | Login with HP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fservicenow-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Servicenow SSO | Login with Servicenow\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Finvision-community-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Invision Community SSO | Login with Invision Community\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fforgerock-open-am-single-sign-on-for-wordpress-using-oauth\" rel=\"nofollow ugc\">OpenAM \u002F Forgerock SSO | Login with Forgerock\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fnextcloud-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">NextCloud SSO | Login with NextCloud\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Forcid-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Orcid SSO | Login with Orcid\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fmemberclicks-oauth-and-openid-connect-single-sign-on-sso-login\" rel=\"nofollow ugc\">Memberclicks SSO | Login with MemberClicks\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsheepcrm-oauth-and-openid-connect-single-sign-on-sso-login\" rel=\"nofollow ugc\">SheepCRM SSO | Login with SheepCRM\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Famazon-oauth-and-openid-connect-single-sign-on-sso-login\" rel=\"nofollow ugc\">Amazon SSO | Login with Amazon\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fslack-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Slack SSO | Login with Slack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fyahoo-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Yahoo SSO | Login with Yahoo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Flinkedin-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">LinkedIn SSO | Login with LinkedIn\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fgitlab-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Gitlab SSO | Login with Gitlab\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fgithub-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">GitHub SSO | Login with GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Flogin-with-apple-app-using-wordpress-oauth-client\" rel=\"nofollow ugc\">Apple SSO | Login with Apple\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fstrava-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Strava SSO | Login with Strava\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fblizzard-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Blizzard \u002F Battle.net SSO | Login with Battle.net\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Feve-online-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Eve Online SSO | Login with Eve Online\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhubspot-single-sign-on-for-wordpress-using-oauth\" rel=\"nofollow ugc\">Hubspot SSO | Login with Hubspot\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Ftwitter-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">X(Twitter) SSO | Login with Twitter\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fzoho-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">Zoho SSO | Login with Zoho\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fidaptive-single-sign-on-for-wordpress-using-oauth\" rel=\"nofollow ugc\">Idaptive SSO | CyberArk SSO | Login with CyberArk\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwhmcs-single-sign-on-wordpress-sso-oauth-openid-connect\" rel=\"nofollow ugc\">WHMCS SSO | Login with WHMCS\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Ffranceconnect-single-sign-on-sso-wordpress-oauth\" rel=\"nofollow ugc\">France Connect SSO | Login with France Connect\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>OTHER OAUTH AND OPENID CONNECT (OIDC) PROVIDERS WE SUPPORT FOR WORDPRESS SINGLE SIGN-ON (SSO)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Other OAuth 2.0 and OpenId Connect ( OIDC ) 1.0 servers WordPress Single Sign-On ( SSO ) plugin support includes Office 365, AWS Cognito, Microsoft Dynamic CRM 365, Auth0, Google Workspace, Egnyte, Autodesk, Zendesk, Foursquare, Harvest, Mailchimp, Bitrix24, Spotify, Vkontakte, Huddle, Reddit, Strava, Ustream, Yammer, RunKeeper, Instagram, SoundCloud, Pocket, PayPal, Pinterest, Vimeo, Nest, Heroku, DropBox, Buffer, Box, Hubic, Deezer, DeviantArt, Delicious, Dailymotion, Bitly, Mondo, Netatmo, Amazon, FitBit, Clever, Sqaure Connect, Windows, Microsoft Live, Dash 10, Github, Invision Community, Blizzard, authlete, Keycloak, Procore, Eve Online, Laravel Passport, Nextcloud, Renren, Soundcloud, OpenAM \u002F Forgerock, IdentityServer, ORCID, Diaspora, Timezynk, Idaptive CyberArk, Duo Security, Rippling, Crowd, Janrain, Numina Solutions, Ubuntu Single Sign-On, Apple, Ipsilon, Zoho, Stripe, Itthinx, Fellowshipone, Miro, Naver, Clever, Coil, Parallel Markets, VATSIM, Liferay, Fatsecret, Intuit, iMIS, ORY Hydra, FusionAuth, Kakao, ID.me, MoxiWorks, HR Answerlink \u002F Support center, ClassLink, Google Classroom, MemberClicks, BankID, CSI, Splitwise, Infusionsoft, Hubspot, Join It, MyAcademicID, MemberConnex, Novi, Coassemble, Servicenow, IBM APP ID, Nimble AMS, iSpring LMS, Neon CRM, EPIC, IPB forum, Wiziq, Sprinklr, Elvanto, ABSORB LMS, Wechat, Weibo, Shibboleth, Centrify, FranceConnect, Church Online, Bigcommerce, Sewobe, PracticePanther, SubscribeStar, Eventbrite, Medi-Access, Lichess, CILogon, Servicem8, Gigya, PhantAuth, XING, Simplecast, SURF, MediaWiki, UNA, NetSuite, Oracle IDCS, Globus, Square, SimpleSAMLphp, Basecamp, HP, SHELL, Otoy, Steam, Webflow, Simplepass, Feide, SingPass, Asmodee, SwissID, Miro, Alkami, Switch, Citrix, Schoology, iGov, LearnWorlds, France Connect, DID, Blackboard, UAEPass, Polar, CodeB, Vincere CRM, F5, TicketMaster, BizLibrary, Skolon, Rapattoni, PowerSchool, Minecraft, NETS, Joomla, Drupal, ASP.NET, CA Siteminder, Outseta, XUMM, ID Austria, Ubisecure, Gravitee.io, SheepCRM, Wahoo, WeatherFlow Tempest, OneWelcome \u002F iWelcome, Xbox, Trovo, Cornerstone, Criipto, bare.id, Discourse, Authentik, Sailpoint, Coil, Asset Bank, GrowthZone, Vipps, Authorizer, Deviant Art, Miracl, Teamsnap, Authelia, Django, IDsampa, Cvent, SERMO, Pixelfed, Finys, Login.gov, Fastcase, Acuity, ARPA, Zitadel, Yeti, myID.be, memberful,Open edX \u002F eduNEXT, Teachable, Mindbody etc. This comprehensive SSO support facilitates seamless integration and secure authentication across a wide range of platforms.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress Single Sign-On ( Login to WordPress )\u003C\u002Fh4>\n\u003Cp>WordPress Single Sign-On allows users to log into any website\u002Fapplication using the single set of credentials of another app\u002Fsite through the SSO feature.\u003Cbr \u002F>\n\u003Cstrong>Example:\u003C\u002Fstrong>Let’s say you have all your users\u002Fcustomers\u002Fmembers\u002Femployees stored on a site, called ‘site A’ and you want all of them to register\u002Flogin using SSO to your WordPress site called ‘site B’. In this scenario, you can register\u002Flogin all your users of site A into site B using the login credentials\u002Faccount of site A. This is called Single Sign-On, and it simplifies user management.\u003C\u002Fp>\n\u003Ch4>WordPress Single Sign-On supported Third-Party Application \u002F OAuth OpenID Provider\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>The Third-Party Application can be anything where user accounts are stored or a site\u002Fapplication where you want to store\u002Fmigrate all the users. It can be your social login app, WordPress site, OAuth provider, OpenID provider, custom provider or any database.\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Identity providers such as OAuth Identity Provider, OAuth Server, OpenID Connect Server, OpenID Connect Provider, and OIDC Application support Single Sign-On. SSO integration ensures secure user authentication and management across these platforms.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>OAuth and OpenID Connect are token-based Single Sign-On protocols that allow an end user’s account information to be used by third-party services without exposing the user’s password.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress Single Sign-On USE CASES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress to WordPress SSO\u003C\u002Fstrong>: Single Sign On to one\u002Fmultiple WordPress site (single\u002Fmultisite) using User Credentials stored on another WordPress site with WordPress SSO plugin.\u003C\u002Fli>\n\u003Cli>Single Sign On to one\u002Fmultiple WordPress site (single \u002F multisite) using User Credentials stored on your OAuth \u002F OpenID Connect (OIDC) application.\u003C\u002Fli>\n\u003Cli>Single Sign On into WordPress using existing User stores (Active Directory\u002FDatabase)\u003C\u002Fli>\n\u003Cli>SSO and extended plugin functionality using tokens (access_token \u002F JWT token \u002F id_token) such as secure API calls using third-party token\u003C\u002Fli>\n\u003Cli>Others: eCommerce Single Sign On\u002FLogin, Single sign on for Educational and Healthcare paltforms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Microsoft SSO\u002FAzure SSO\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This WordPress Single Sign-On (OAuth \u002F OpenID Connect SSO) plugin supports SSO with Microsoft apps like Azure AD, Azure B2C, Office 365, Microsoft Dynamics CRM, Microsoft Teams, and Windows Live. It also supports policy-based login redirections, including sign-up, sign-in, forgot password, and custom policies, enhancing the login experience across Microsoft services.\u003C\u002Fp>\n\u003Cp>WordPress integrates with Microsoft services like Azure AD, Azure B2C, and Office 365 for secure Single Sign-On across single-site and multisite networks (including subdomains). Users can perform single sign-on, map profile attributes, and manage role-based access across applications and tenants using SSO\u003C\u002Fp>\n\u003Cp>Apart from SSO, it also supports WordPress-Azure integrations and customizations, such as token-based calls to specific APIs and the Microsoft Graph API, enhancing the login experience\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Cognito SSO\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The WordPress Single Sign-On plugin supports WordPress Login with AWS Cognito, Amazon, and WordPress using Cognito. It provides user profile syncing, role mapping, and token fetching from AWS Cognito for API calls. Customizations include integrating Cognito SDKs, syncing new registrations, logging in via the default WordPress form instead of Cognito’s SSO page, connecting to the Cognito User Pool, and configuring login redirections.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Discord SSO\u003C\u002Fstrong>\u003Cbr \u002F>\nThis WordPress Single Sign-On plugin enables Discord login into WordPress. It supports syncing user profiles from Discord to WordPress, mapping Discord roles to WordPress roles, mapping WordPress roles to Discord roles, and managing Discord role memberships based on WordPress purchases.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Keycloak SSO\u003C\u002Fstrong>\u003Cbr \u002F>\nThe WordPress Single Sign-On (OAuth \u002F OpenID Connect SSO) plugin works with Keycloak to enable SSO on your WordPress site. It also lets WordPress use Keycloak access tokens to call external services. In addition, the plugin supports role-based access control (RBAC), so you can map Keycloak roles to WordPress roles and capabilities.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Ping Federate SSO\u003C\u002Fstrong>\u003Cbr \u002F>\nOauth Single sign-on plugin enables Login to WordPress using PingFederate. It supports Single Sign-On  with authorized access to Ping REST APIs via access tokens or bearer tokens, ensuring seamless SSO integration and secure interactions with PingFederate.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Clever SSO\u003C\u002Fstrong>\u003Cbr \u002F>\nOauth Single sign-on plugin supports WordPress Login with Clever for users (teachers, students, admins) and integrates with LearnDash to sync lessons and assignments. It also provides SSO with other IDPs like ClassLink, Google Classroom, and Canvas, as well as any Identity Provider (SAML, OAuth, OpenID Connect, Active Directory, databases) via miniOrange IDP.\u003C\u002Fp>\n\u003Ch4>FREE VERSION FEATURES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress Single Sign-On OAuth & OpenID Connect Login supports unlimited SSO with any 3rd party OAuth & OpenID Connect server or custom OAuth & OpenID Connect server like AWS Cognito, Azure AD, Azure AD B2C, Office 365, Google Apps, etc.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Single Sign-On  Grant Support\u003C\u002Fstrong> – Standard OAuth2 Grant: Authorization Code\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto Create Users ( User Provisioning )\u003C\u002Fstrong> : After Single Sign On, a new user automatically gets created in WordPress\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Account Linking\u003C\u002Fstrong> : After SSO, if the user already exists in WordPress, then their profile gets updated. Else, a new WordPress User is created.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Attribute Mapping\u003C\u002Fstrong> : OAuth Login allows you to map your Identity Provider’s unique attribute with WordPress Username Attribute.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login Widget\u003C\u002Fstrong> : Use Widgets to integrate the Single Sign-On login on your WordPress site easily.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>OpenID Connect & OAuth Provider Support\u003C\u002Fstrong> : WordPress Single Sign On (OAuth Login) supports any OpenID Connect & OAuth Provider seamless Single Sign-On.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Redirect URL after Login\u003C\u002Fstrong> : WordPress Single Sign On (OAuth Login) automatically redirects the user after successful Single Sign-On login.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Logging\u003C\u002Fstrong> : If you run into issues, WordPress Single Sign On (OAuth Login) can be helpful to enable debug logging.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>PAID FEATURES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress Single Sign-On Grant Support\u003C\u002Fstrong>: Standard OAuth2 Grants including \u003Cstrong>Authorization Code\u003C\u002Fstrong>, \u003Cstrong>Implicit Grant\u003C\u002Fstrong>, \u003Cstrong>Password Grant\u003C\u002Fstrong>, \u003Cstrong>Refresh Token Grant\u003C\u002Fstrong>, \u003Cstrong>Client Credential Grant\u003C\u002Fstrong>, \u003Cstrong>authorization code grant with PKCE flow\u003C\u002Fstrong>, and \u003Cstrong>Hybrid Grant\u003C\u002Fstrong> (Customization Available)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto Register Users\u003C\u002Fstrong>: Automatic user registration after SSO if the user is not already registered with your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Attribute Mapping\u003C\u002Fstrong>: Ability to map WordPress user profile attributes, such as username, first name, last name, and email.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Role Mapping\u003C\u002Fstrong>: Assign roles to users based on defined rules through Single Sign-On.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Force Authentication \u002F Protect Complete Site\u003C\u002Fstrong>: Protect the entire website for public users and grant access only to authenticated users through Single Sign-on.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Attribute Mapping\u003C\u002Fstrong>: Map custom user attributes received from OAuth \u002F OpenID Connect providers to any WordPress user attribute for Single Sign-On.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple OAuth & OpenID Connect Provider Support\u003C\u002Fstrong>: Support for multiple SSO providers.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Single Login button for Multiple Apps\u003C\u002Fstrong>: Provides a single login button for multiple providers.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Extended OAuth API Support\u003C\u002Fstrong>: Extend OAuth \u002F OpenID Connect API support for enhanced Single Sign-On functionality.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Single Sign-On Login Reports\u003C\u002Fstrong>: Generate user login and registration reports based on the application used for SSO.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enable \u002F Disable WordPress Default Login\u003C\u002Fstrong>: Option to disable the default WordPress login form and use SSO instead.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>FrontChannel & BackChannel Single Logout Support\u003C\u002Fstrong>: Allows users to be logged out from WordPress as well as the IDP through Single Sign-On.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Third-Party Plugin Compatibility for Single Sign-On\u003C\u002Fstrong>: Compatible with WooCommerce and other third-party plugins for seamless Single Sign-On integration.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Add-on Support with Plugin\u003C\u002Fstrong>: Support for various add-ons including SCIM User Provisioning, Page & Post Restriction, BuddyPress Integration, Login Form Add-on, LearnDash Integration, Media Restriction, Attribute\u002FMembership-Based Redirection, SSO Session Management, Paid Membership Pro Integrator, WooCommerce Integrator, SSO Login Audit, Memberpress Integration, and Guest User Login.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No SSL Restriction\u003C\u002Fstrong>: Allows SSO login without SSL or HTTPS-enabled site using Google credentials or any other app.\u003C\u002Fli>\n\u003C\u002Ful>\n","WordPress SSO (Single Sign On) with Azure, Azure B2C, Cognito, Okta, Classlink, Discord, Clever, Keycloak, OAuth & OpenID Providers [24\u002F7 SUPPORT].",7000,266899,315,"2025-12-15T05:56:00.000Z","3.0.1","7.0",[116,136,22,137,138],"oauth-2-0","single-sign-on","sso","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminiorange-login-with-eve-online-google-facebook.6.26.17.zip",82,"2026-02-05 18:30:28",{"attackSurface":143,"codeSignals":181,"taintFlows":189,"riskAssessment":190,"analyzedAt":196},{"hooks":144,"ajaxHandlers":175,"restRoutes":176,"shortcodes":177,"cronEvents":178,"entryPointCount":13,"unprotectedCount":13},[145,151,156,159,164,170],{"type":146,"name":147,"callback":148,"file":149,"line":150},"action","wp_loaded","closure","openid-connect-server.php",21,{"type":146,"name":152,"callback":153,"file":154,"line":155},"template_redirect","handle_request","src\\Http\\Router.php",24,{"type":146,"name":157,"callback":148,"file":154,"line":158},"rest_api_init",43,{"type":146,"name":160,"callback":161,"file":162,"line":163},"login_form_openid-authenticate","authenticate_handler","src\\OpenIDConnectServer.php",67,{"type":165,"name":166,"callback":167,"file":168,"line":169},"filter","site_status_tests","register_site_status_tests","src\\SiteStatusTests.php",7,{"type":146,"name":171,"callback":172,"file":173,"line":174},"oidc_cron_hook","cleanupOldCodes","src\\Storage\\AuthorizationCodeStorage.php",19,[],[],[],[179],{"hook":171,"callback":171,"file":162,"line":180},139,{"dangerousFunctions":182,"sqlUsage":183,"outputEscaping":185,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":121,"bundledLibraries":188},[],{"prepared":70,"raw":13,"locations":184},[],{"escaped":186,"rawEcho":13,"locations":187},27,[],[],[],{"summary":191,"deductions":192},"The \"openid-connect-server\" v2.0.0 plugin exhibits a strong security posture based on the provided static analysis. The absence of any identified dangerous functions, raw SQL queries, file operations, or external HTTP requests is highly commendable. Furthermore, the plugin demonstrates excellent practice with 100% of its SQL queries using prepared statements and all output being properly escaped, which significantly mitigates common web vulnerabilities like SQL injection and cross-site scripting (XSS).\n\nThe static analysis reveals a very limited attack surface with no unprotected entry points. The presence of capability checks, although minimal, is a positive indicator of access control measures. The lack of any recorded CVEs or past vulnerabilities further reinforces the perception of a well-secured plugin, suggesting a history of diligent security development.\n\nWhile the plugin's current state is excellent, a minor concern arises from the absence of nonce checks. While the identified entry points are protected by capability checks, the lack of nonces on AJAX handlers (though there are none in this version) or other potential interaction points means that if new interaction methods were introduced in the future without proper nonce implementation, they could theoretically be susceptible to CSRF attacks. However, given the current limited attack surface and the strong emphasis on prepared statements and output escaping, the overall risk is very low.",[193],{"reason":194,"points":195},"Missing nonce checks",3,"2026-03-16T21:07:36.047Z",{"wat":198,"direct":205},{"assetPaths":199,"generatorPatterns":201,"scriptPaths":202,"versionParams":203},[200],"\u002Fwp-content\u002Fplugins\u002Fopenid-connect-server\u002Fsrc\u002Fjs\u002Ffrontend.js",[],[200],[204],"openid-connect-server\u002Fsrc\u002Fjs\u002Ffrontend.js?ver=",{"cssClasses":206,"htmlComments":207,"htmlAttributes":208,"restEndpoints":209,"jsGlobals":214,"shortcodeOutput":216},[],[],[],[210,211,212,213],"\u002Fwp-json\u002Fopenid-connect\u002Fauthorization","\u002Fwp-json\u002Fopenid-connect\u002Ftoken","\u002Fwp-json\u002Fopenid-connect\u002Fuserinfo","\u002Fwp-json\u002Fopenid-connect\u002Fjwks",[215],"window.oidcConfig",[]]