[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f5TQmtOl0ft3MHUHUyF99HXiHSo5VH00yhxoUcD7XhII":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":37,"analysis":146,"fingerprints":177},"wp-oauth-integration","WP OAuth Integration","0.1.3","Samer Bechara","https:\u002F\u002Fprofiles.wordpress.org\u002Farbet01\u002F","\u003Cp>Allow users to login\u002Fregister via different OAuth2 Providers\u003C\u002Fp>\n\u003Cp>List of features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Works with Meetup.com accounts out of the box\u003C\u002Fli>\n\u003Cli>Developers can easily extend in order to work with different OAuth2 providers\u003C\u002Fli>\n\u003Cli>User’s Name, URL, description and avatar are automatically updated (with the option to turn it off)\u003C\u002Fli>\n\u003Cli>Use the shortcode [woi_meetup_login_link] to display  sign in link anywhere on your site for provider ‘Meetup.com’.\u003C\u002Fli>\n\u003Cli>You can use [woi_meetup_login_link text=’Your Custom Link Text’] to generate a sign-in link with your own text.\u003C\u002Fli>\n\u003Cli>[woi_meetup_login_link class = ‘class1 class2’] will add the corresponding CSS classes to the generated link\u003C\u002Fli>\n\u003C\u002Ful>\n","Create and Manage an OAuth 2.0 Integration powered by WordPress.",10,1362,0,"2018-01-12T09:12:00.000Z","4.9.29","4.9.1","",[19,20,21,22,23],"oauth","oauth-provider","oauth2","oauth2-service","provider","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-oauth-integration.0.1.3.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"arbet01",8,260,84,30,83,"2026-04-04T10:36:22.635Z",[38,60,84,107,128],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":55,"download_link":56,"security_score":57,"vuln_count":58,"unpatched_count":13,"last_vuln_date":59,"fetched_at":27},"oauth2-provider","WP OAuth Server (OAuth Authentication)","4.5.0","Jayson T Cote","https:\u002F\u002Fprofiles.wordpress.org\u002Faskjayson\u002F","\u003Cp>Connect your app to WordPress or use SSO to connect multiple websites with the same username and passwords. No 3rd party servers are needed with WP OAuth Server. Everything you need is in this plugin.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FZOUsY4Kp_6U?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WP REST API Authentication. Provides ability to make authorized calls to protected REST API endpoints.\u003C\u002Fli>\n\u003Cli>WP REST API Lock Down. Prevent any calls to the REST API unless authorized\u003C\u002Fli>\n\u003Cli>Unlimited OAuth 2.0 Clients\u003C\u002Fli>\n\u003Cli>Support for Implicit Flow\u003C\u002Fli>\n\u003Cli>Built-In Resource Server\u003C\u002Fli>\n\u003Cli>Automated Authorization Flow (User does not have to see authorization screen)\u003C\u002Fli>\n\u003Cli>Easily Extend\u002F Modify the Endpoints\u003C\u002Fli>\n\u003Cli>OAuth 2.0 PKCE\u003C\u002Fli>\n\u003Cli>Modern and Legacy JWT authorization support. OAuth 2.0 JSON Web Token Support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supported Grant Types\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Authentication Code w\u002FImplicit\u003C\u002Fli>\n\u003Cli>User Credentials (Pro)\u003C\u002Fli>\n\u003Cli>Client Credentials (Pro)\u003C\u002Fli>\n\u003Cli>Refresh Token (Pro)\u003C\u002Fli>\n\u003Cli>OpenID Connect (Pro)\u003C\u002Fli>\n\u003Cli>OpenID Discovery\u003C\u002Fli>\n\u003Cli>Public Clients (Pro)\u003C\u002Fli>\n\u003Cli>Public Client Proof of Key Exchange (PKCE)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supports\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Connecting any Custom Mobile and Desktop Application to WordPress’s Backend.\u003C\u002Fli>\n\u003Cli>Any software or web platform utilizing OAuth 2.0.\u003C\u002Fli>\n\u003Cli>Allows RocketChat to use WordPress as a Backend.\u003C\u002Fli>\n\u003Cli>Connects Moodle LMS and use WordPress users.\u003C\u002Fli>\n\u003Cli>Alexa Skills Authentication\u003C\u002Fli>\n\u003Cli>Tribe.so Community OAuth 2 SSO Support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How to Use\u003C\u002Fh4>\n\u003Cp>Visit https:\u002F\u002Fwp-oauth.com\u002Fsupport\u002Fdocumentation\u002F for detailed documentation on installing, configuring and using\u003Cbr \u002F>\nWordPress OAuth Server.\u003C\u002Fp>\n\u003Ch4>Licensing\u003C\u002Fh4>\n\u003Cp>WP OAuth Server is free to use. Please support the project by licensing. You can view more information at\u003Cbr \u002F>\nhttps:\u002F\u002Fwp-oauth.com.\u003C\u002Fp>\n\u003Ch4>Minimum Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>PHP 5.6.4 or greater \u003Cem>(latest version recommended)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>OpenSSL installed and enabled if you plan on using OpenID Connect\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Other Information\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>NOTE: As of 3.0.0, there are no backward compatibility for any version older than 3.0.0\u003C\u002Fli>\n\u003Cli>NOTE: Due to IIS’s inability play nice, WP OAuth Server may work but is very limited for Windows OS.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Support requests should be made by opening a support request at https:\u002F\u002Fwp-oauth.com\u002Fsupport\u002Fsubmit-ticket\u002F.\u003C\u002Fp>\n","Adds Authentication through OAuth 2. Provides the ability for Single Sign On for websites & Mobile Applications.",3000,174039,76,41,"2026-01-24T02:08:00.000Z","6.9.0","4.7.2","7.4",[19,20,21,22,23],"http:\u002F\u002Fwp-oauth.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Foauth2-provider.4.5.0.zip",92,7,"2024-04-05 00:00:00",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":75,"tags":76,"homepage":80,"download_link":81,"security_score":70,"vuln_count":82,"unpatched_count":13,"last_vuln_date":83,"fetched_at":27},"miniorange-oauth-20-server","WP OAuth Server ( Login with WordPress )","6.1.3","miniOrange","https:\u002F\u002Fprofiles.wordpress.org\u002Fcyberlord92\u002F","\u003Cp>WP OAuth Server plugin turns your WordPress site into an OAuth Server, enabling Login with WordPress. It allows you to login into \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fguide-to-configure-rocket-chat-oauth-client\" rel=\"nofollow ugc\">Rocket Chat\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fguide-to-configure-invision-community-oauth-client\" rel=\"nofollow ugc\">Invision Community\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fguide-to-setup-single-sign-on-between-two-wordpress-sites\" rel=\"nofollow ugc\">WordPress\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.miniorange.com\u002Fsingle-sign-on-(sso)-for-odoo\" rel=\"nofollow ugc\">Odoo\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-circle-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">EasyGenerator\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-salesforce-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Salesforce\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fzapier-integration-with-wordpress-oauth-server\" rel=\"nofollow ugc\">Zapier\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-moodle-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Moodle WordPress SSO\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-servicenow-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">ServiceNow\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-open-edx-edunext-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Edunext\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-wickr-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Wickr\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-freshworks-freshdesk-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Freshdesk\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-freshworks-freshdesk-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">FreshWorks\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-servicenow-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">ServiceNow\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fshinyproxy-single-sign-on-sso-with-wordpress-as-oauth-server\" rel=\"nofollow ugc\">ShinyProxy\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-knack-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Knack database\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-circle-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Circle.so\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-tribe-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Tribe.so\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-tribe-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Tribe\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-mobilize-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Mobilize\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-nextcloud-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Nextcloud SSO\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-church-online-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Church Online\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fstep-by-step-guide-for-wordpress-oauth-server\" rel=\"nofollow ugc\">iSpring LMS\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-academy-of-mine-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Academy of Mine\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fstep-by-step-guide-for-wordpress-oauth-server\" rel=\"nofollow ugc\">BoardEffect\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Ftalentlms-sso-using-wordpress-as-openid-connect-server\" rel=\"nofollow ugc\">TalentLMS\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foauth-single-sign-on-sso-for-laravel-using-wordpress-as-oauth-provider\" rel=\"nofollow ugc\">Laravel\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fpowerschool-sis-sso-using-wordpress-as-openid-connect-server\" rel=\"nofollow ugc\">PowerSchool\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fpowerschool-sis-sso-using-wordpress-as-openid-connect-server\" rel=\"nofollow ugc\">PowerSchool\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foauth-openid-connect-single-sign-on-sso-into-joomla-using-wordpress\" rel=\"nofollow ugc\">Joomla\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-into-hubspot-using-wordpress\" rel=\"nofollow ugc\">HubSpot SSO\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foauth-single-sign-on-sso-for-shopify-using-wordpress-as-identity-provider\" rel=\"nofollow ugc\">shopify sso integration\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fmerithub-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">MeritHub\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fbookstack-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Bookstack\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fpimcore-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Pimcore\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002F360learning-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">360 Learning\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Feventmobi-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">EventMobi\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsynology-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Synology\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fdrupal-wordpress-sso-integration-with-oauth-client-drupal-wordpress-login\" rel=\"nofollow ugc\">Drupal\u003C\u002Fa>, Piano Analytics, Zerotier, and any other OAuth 2.0 compliant applications using WordPress SSO credentials.\u003C\u002Fp>\n\u003Cp>| \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fstep-by-step-guide-for-wordpress-oauth-server\" rel=\"nofollow ugc\">WordPress OAuth Server Setup Guides\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foauth-api-documentation\" rel=\"nofollow ugc\">API Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-oauth-server#free-trial-oauth\" rel=\"nofollow ugc\">Demo \u002F Trial\u003C\u002Fa> |\u003C\u002Fp>\n\u003Cp>You can checkout the below video tutorial to know how to setup SSO with your OAuth\u002FOpenID Compliant Applications.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fc6v-SqRhg8o?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Basically, the OAuth Server plugin allows users to login into applications that are OAuth 2.0 compliant, facilitating oauth server SSO using their WordPress login credentials. As it’s name suggests, it follows the OAuth 2.0 protocol. Along with that, it also supports OpenID Connect (OIDC), and JWT protocols.\u003C\u002Fp>\n\u003Cp>The primary goal of the OAuth Server plugin is to provide Single Sign-On Login with WordPress, so users do not need to remember a username and password for each application.\u003Cbr \u002F>\nUsing WordPress as OAuth Server, once Single Sign On is enabled, users do not need to store sensitive information to login into different applications.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Discovery URL\u003C\u002Fstrong>\u003Cbr \u002F>\nThe discovery url \u002F well-known endpoint can be used to get metadata about your Identity Server, essential for setting up oauth server SSO. It will return information about the OAuth\u002FOpenID endpoints, issuer URL, supported grant types, supported scopes, key material along with claims in the JSON format. These details can be used by the clients to create an OpenID server request, enhancing the WordPress SSO experience. The well known configuration URL is accessible via \u002F.well-known\u002Fopenid-configuration, in relation to the issuer URL.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>JWT Token Verification\u003C\u002Fstrong>\u003Cbr \u002F>\nJWT signing, which ensures the integrity of the tokens used during the WordPress SSO process, supports both symmetric and asymmetric algorithms provided by the OAuth Server. The plugin’s free version supports HS256, while the premium version supports RS256, enhancing security especially in scenarios involving HubSpot SSO and Nextcloud SSO.\u003C\u002Fp>\n\u003Cp>HS256, a symmetric signature algorithm, indicates that the signature is generated and verified using the same secret key. It is supported in the free version of the OAuth Server plugin, which is useful for basic OAuth Server SSO configurations.\u003C\u002Fp>\n\u003Cp>RS256, an asymmetric signature algorithm is different from a symmetric algorithm in that a pair of private and public keys is used to sign and validate the data respectively instead of a single secret key in an oauth server SSO setup.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why RSA algorithm should be used?\u003C\u002Fstrong>\u003Cbr \u002F>\nThe use of a public and private key pair makes RS256 more secure in comparison to HS256 where the public key is shared and might be compromised whereas in RS256, even if you do not have the control over your client, your data remains secure as it is signed using a private key. The premium version of the OAuth Server plugin supports the RS256 algorithm.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Postman collection\u003C\u002Fstrong>\u003Cbr \u002F>\nPostman collection JSON is a file that can be used for testing the configuration of OAuth 2.0 flow in the WP OAuth Server plugin without configuring an external OAuth Client by generating the access token and the API call to the resource endpoint subsequently.\u003C\u002Fp>\n\u003Ch4>LIST OF POPULAR OAUTH CLIENTS SUPPORTED\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fguide-to-configure-rocket-chat-oauth-client\" rel=\"nofollow ugc\"> Rocket.Chat \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fguide-to-configure-invision-community-oauth-client\" rel=\"nofollow ugc\"> Invision Community (IPB Forum) \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.miniorange.com\u002Fsingle-sign-on-(sso)-for-odoo\" rel=\"nofollow ugc\"> Odoo \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fguide-to-setup-single-sign-on-between-two-wordpress-sites\" rel=\"nofollow ugc\"> WordPress SSO into other WordPress Sites \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-circle-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> EasyGenerator \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-salesforce-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Salesforce \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fzapier-integration-with-wordpress-oauth-server\" rel=\"nofollow ugc\"> Zapier  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-moodle-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Moodle  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-open-edx-edunext-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Edunext  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-wickr-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Wickr  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-freshworks-freshdesk-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Freshdesk  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-freshworks-freshdesk-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> FreshWorks  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-servicenow-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> ServiceNow  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-knack-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Knack database  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-circle-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Circle.so  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-tribe-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Tribe.so  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-mobilize-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Mobilize  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-nextcloud-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Nextcloud  \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fstep-by-step-guide-for-wordpress-oauth-server\" rel=\"nofollow ugc\"> iSpring LMS \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-church-online-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Church Online \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-for-academy-of-mine-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\"> Academy of Mine \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fstep-by-step-guide-for-wordpress-oauth-server\" rel=\"nofollow ugc\"> BoardEffect \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foauth-single-sign-on-sso-for-laravel-using-wordpress-as-oauth-provider\" rel=\"nofollow ugc\">Laravel\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fpowerschool-sis-sso-using-wordpress-as-openid-connect-server\" rel=\"nofollow ugc\">PowerSchool\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foauth-openid-connect-single-sign-on-sso-into-joomla-using-wordpress\" rel=\"nofollow ugc\">Joomla\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-into-hubspot-using-wordpress\" rel=\"nofollow ugc\">HubSpot\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foauth-single-sign-on-sso-for-shopify-using-wordpress-as-identity-provider\" rel=\"nofollow ugc\">Shopify\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fmerithub-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">MeritHub\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fbookstack-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Bookstack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fpimcore-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Pimcore\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002F360learning-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">360 Learning\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Feventmobi-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">EventMobi\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsynology-sso-using-wordpress-as-oauth-server\" rel=\"nofollow ugc\">Synology\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fdrupal-wordpress-sso-integration-with-oauth-client-drupal-wordpress-login\" rel=\"nofollow ugc\">Drupal\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Piano Analytics\u003C\u002Fli>\n\u003Cli>Zerotier\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WORDPRESS OAUTH \u002F OPENID CONNECT SERVER USE CASES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>If you want to use your WordPress site as an Identity Server \u002F OAuth Server \u002F OAuth Provider and utilize Login with WordPress to access your client site\u002Fapplication with WordPress user’s login credentials, then you can use this plugin. You can also decide what kind of user data\u002Fattributes you want to send while Single Sign-On into your client site\u002Fapplication, including Moodle WordPress SSO and Nextcloud SSO functionalities.\u003C\u002Fli>\n\u003Cli>If you want to login to your Mobile app \u002F Single Page web app (SPA) using your WordPress credentials, then you can use the Authorization code with PKCE flow grant type to achieve your use case.\u003C\u002Fli>\n\u003Cli>Single set of credentials will be used to login to multiple WordPress websites.\u003C\u002Fli>\n\u003Cli>You can access the NGINX resources using NGINX Authentication. Once you login into your client application using WP OAuth Server credentials, you will get JWT. Your client application can further use it for NGINX Authentication. \u003C\u002Fli>\n\u003Cli>Membership sync or role mapping is used to sync the memberships or roles assigned to your users from OAuth Server to OAuth\u002FOpenID Client.\u003C\u002Fli>\n\u003Cli>Custom Attribute Mapping is helpful if you want to send additional attributes (beyond the default ones) from your WordPress \u003Cem>usermeta\u003C\u002Fem> table to your OAuth\u002FOpenID client using Login with WordPress.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WORDPRESS OAUTH \u002F OPENID CONNECT SERVER FREE VERSION FEATURES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Supports Login with WordPress for \u003Cstrong>Single Client\u003C\u002Fstrong> application\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Protocol Support:\u003C\u002Fstrong> OAuth 2.0, OpenID Connect (OIDC)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Discovery document\u003C\u002Fstrong> \u002F well-known endpoint for automatic configuration\u003C\u002Fli>\n\u003Cli>JWT signing using \u003Cstrong>HS256\u003C\u002Fstrong> or \u003Cstrong>RS256\u003C\u002Fstrong> algorithm (\u003Cstrong>Note\u003C\u002Fstrong>: In RS256 algorithm, the keys will be common for all the free version installations)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Postman collection\u003C\u002Fstrong> for testing OAuth 2.0 flow without actually configuring the client application\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Server Response:\u003C\u002Fstrong> Sends User ID, username, email, first name, last name, display name in the response\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Grant types Supported:\u003C\u002Fstrong> Authorization Code grant\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi-Site Support:\u003C\u002Fstrong> Implement the WordPress as OAuth Server within a WordPress Multisite network environment to Login with WordPress users into configured applications.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Master Switch:\u003C\u002Fstrong> Block \u002F unblock OAuth API calls between OAuth Clients and OAuth Server\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Token Length:\u003C\u002Fstrong> Change the access token length\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Foauth-api-documentation\" rel=\"nofollow ugc\"> OAuth API Documentation \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fstep-by-step-guide-for-wordpress-oauth-server\" rel=\"nofollow ugc\"> Setup guides \u003C\u002Fa> to configure the plugin with various OAuth Clients (more coming soon)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WORDPRESS OAUTH \u002F OPENID CONNECT SERVER PREMIUM VERSION FEATURES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>All FREE version features\u003C\u002Fli>\n\u003Cli>Supports Login with WordPress for \u003Cstrong>Multiple Client\u003C\u002Fstrong> applications\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Server Response:\u003C\u002Fstrong> Sends all the profile attributes along with roles, allows to send custom attributes from usermeta table and also customize the attribute names that need to be sent in server response\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Grant Types Supported:\u003C\u002Fstrong> Authorization Code Grant, Implicit Grant, Password Grant, Client Credentials Grant, Refresh Token Grant, Authorization Code grant with PKCE flow\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Token Lifetime:\u003C\u002Fstrong> Configure the access token and refresh token expiry time\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enforce State Parameter:\u003C\u002Fstrong> Based on client configuration, you can enable or disable state parameter\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Authorize \u002F Consent prompt:\u003C\u002Fstrong> Enable \u002F disable the consent screen\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Redirect \u002F Callback URI Validation:\u003C\u002Fstrong> Enable \u002F disable this feature, based on dynamic redirect to a different pages for certain conditions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>JWT Signing Algorithm:\u003C\u002Fstrong> Supports signing algorithms HSA and RSA (with dynamic keys for each client setup)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Additional endpoints:\u003C\u002Fstrong> Provides Introspection endpoint, OpenID Connect Single logout endpoint, Revoke endpoint\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>A grant is a method of acquiring an access token. Deciding which grants to implement depends on the type of client the end user will be using, and the experience you want for your users.\u003C\u002Fp>\n\u003Ch4>WE SUPPORT FOLLOWING GRANTS:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Authorization code grant\u003C\u002Fstrong> : This code grant is used when there is a need to access the protected resources on behalf of the user on another third party application.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Implicit grant\u003C\u002Fstrong> : This grant relies on resource owner and registration of redirect uri. In authorization code grant users need to ask for authorization and access token each time, but here access token is granted for a particular redirect uri provided by a client using a particular browser.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Client credential grant\u003C\u002Fstrong> : This grant type heads towards specific clients, where access token is obtained by client by only providing client credentials. This grant type is quite confidential.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Resource owner password credentials grant\u003C\u002Fstrong> : This type of grant is used where the resource owner has a trust relationship with the client. Just by using username and password, provided by resource owner authorization and authentication can be achieved.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Refresh token grant\u003C\u002Fstrong> : Access tokens obtained in OAuth flow eventually expire. In this grant type client can refresh his or her access token.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Authorization code grant with PKCE flow\u003C\u002Fstrong> : This grant type is used for public clients like mobile and native apps, Single Page web apps, where there is a risk of client secret being compromised.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>REST API AUTHENTICATION\u003C\u002Fh4>\n\u003Cp>Rest API is very much open to interact. Creating posts, getting information of users and much more is readily available.\u003Cbr \u002F>\nIt secures unauthorized access to your WordPress sites\u002Fpages using our \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-rest-api-authentication\u002F\" rel=\"ugc\"> WordPress REST API Authentication plugin \u003C\u002Fa>.\u003C\u002Fp>\n","Single Sign-On using WordPress - Login with WordPress to your application\u002Fsites using your WordPress account. [24\u002F7 Support]",900,50872,98,40,"2026-01-30T04:47:00.000Z","6.9.4","4.8","5.6",[20,77,21,78,79],"oauth-server","openid","wordpress-login","https:\u002F\u002Fwww.miniorange.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminiorange-oauth-20-server.6.1.3.zip",1,"2022-08-02 00:00:00",{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":94,"num_ratings":95,"last_updated":96,"tested_up_to":51,"requires_at_least":97,"requires_php":53,"tags":98,"homepage":103,"download_link":104,"security_score":70,"vuln_count":105,"unpatched_count":13,"last_vuln_date":106,"fetched_at":27},"daggerhart-openid-connect-generic","OpenID Connect Generic Client","3.11.3","Jonathan Daggerhart","https:\u002F\u002Fprofiles.wordpress.org\u002Fdaggerhart\u002F","\u003Cp>This plugin allows to authenticate users against OpenID Connect OAuth2 API with Authorization Code Flow.\u003Cbr \u002F>\nOnce installed, it can be configured to automatically authenticate users (SSO), or provide a “Login with OpenID Connect”\u003Cbr \u002F>\nbutton on the login form. After consent has been obtained, an existing user is automatically logged into WordPress, while\u003Cbr \u002F>\nnew users are created in WordPress database.\u003C\u002Fp>\n\u003Cp>Much of the documentation can be found on the Settings > OpenID Connect Generic dashboard page.\u003C\u002Fp>\n\u003Cp>Please submit issues to the Github repo: https:\u002F\u002Fgithub.com\u002Foidc-wp\u002Fopenid-connect-generic\u003C\u002Fp>\n","A simple client that provides SSO or opt-in authentication against a generic OAuth2 Server implementation.",10000,177319,100,20,"2026-02-13T04:36:00.000Z","5.0",[99,100,21,101,102],"apps","login","openidconnect","security","https:\u002F\u002Fgithub.com\u002Foidc-wp\u002Fopenid-connect-generic","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdaggerhart-openid-connect-generic.3.11.3.zip",2,"2025-12-17 00:00:00",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":115,"downloaded":116,"rating":117,"num_ratings":31,"last_updated":118,"tested_up_to":119,"requires_at_least":97,"requires_php":120,"tags":121,"homepage":125,"download_link":126,"security_score":35,"vuln_count":105,"unpatched_count":13,"last_vuln_date":127,"fetched_at":27},"oauth-client-for-user-authentication","OAuth client Single Sign On for WordPress ( OAuth 2.0 SSO )","3.1.1","mysteve06","https:\u002F\u002Fprofiles.wordpress.org\u002Fmysteve06\u002F","\u003Cp>WordPress OAuth client SSO ( OAuth 2.0 & OpenID SSO ) plugin allows login ( Single Sign On ) with your OAuth Servers like  AWS Cognito, Amazon, Azure AD, Azure B2C, Clever, Discord, Google, Google Apps, GitHub, GitLab, Invision Community, Keycloak, LinkedIn, Office 365, Okta, OpenAM, PayPal, Ping Identity, Salesforce, WSO2 Identity Server, Zendesk or other custom OAuth 2.0 \u002F OpenID Connect providers. It works with any OAuth Provider that complies with OAuth 2.0 Server and OpenID Connect (OIDC) 1.0 standards. With WP OAuth Client, no third-party is required. This plugin has everything you require.\u003C\u002Fp>\n\u003Ch4>OAuth Client 2.0 \u002F OpenID Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Attribute Mapping\u003C\u002Fli>\n\u003Cli>Role Mapping\u003C\u002Fli>\n\u003Cli>Connectivity Test user validation by entering the credentials in the plugin using OAuth Client.\u003C\u002Fli>\n\u003Cli>Redirect to specific URL after Auto-Login \u002F Register\u003C\u002Fli>\n\u003Cli>Redirect based on URL\u003C\u002Fli>\n\u003Cli>Allow only specific IP addresses to Login \u002F Register based\u003C\u002Fli>\n\u003Cli>Allow only domains to Register based\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supported list of OAuth Grant types ( Comming Soon )\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Authorization Code grant (currently support)\u003C\u002Fli>\n\u003Cli>OpenID Connect ( currently support )\u003C\u002Fli>\n\u003Cli>Implicit grant\u003C\u002Fli>\n\u003Cli>User Credentials\u003C\u002Fli>\n\u003Cli>Client Credentials\u003C\u002Fli>\n\u003Cli>Refresh Token\u003C\u002Fli>\n\u003Cli>OpenID Discovery\u003C\u002Fli>\n\u003Cli>Public Clients \u003C\u002Fli>\n\u003Cli>Public Client Proof of Key Exchange ( PKCE )\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Supported list of popular OAuth Servers\u003C\u002Fh3>\n\u003Ch3>Our WordPress OAuth client Single Sign On ( WordPress SSO ) plugin supports any third-party \u002F OAuth OpenID providers. Some OAuth providers are listed below.\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>OAuth SSO Login with Azure AD\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with AWS Cognito\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with Amazon\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with Azure AD\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with Azure B2C\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with Clever\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with Discord\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with Google\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with Google Apps\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with GitHub\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with GitLab\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with Invision Community\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with Keycloak\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with LinkedIn\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with Office 365\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with Okta\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with OpenAM\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with PayPal\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with Ping Identity\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with Salesforce\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with Slack\u003C\u002Fli>\n\u003Cli>OAuth SSO Login wtth WSO2 Identity Server\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with WHMC\u003C\u002Fli>\n\u003Cli>OAuth SSO Login with Zendesk \u003C\u002Fli>\n\u003Cli>OAuth SSO Login with custom OAuth 2.0 \u002F OpenID Connect providers\u003C\u002Fli>\n\u003Cli>It works with any OAuth Provider that complies with OAuth 2.0 Server and OpenID Connect ( OIDC )\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>To assist with the setup, our team is only an email away from you. Please drop us an email at mysteve06@gmail.com so that one member of our team can reach you in no time to set up the plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>About OAuth and SSO\u003C\u002Fh3>\n\u003Ch4>What is Single Sign-On ?\u003C\u002Fh4>\n\u003Cp>Single sign-on (SSO) is a form of authentication that allows users to use just one set of credentials to safely authenticate several applications and websites. OAuth and OpenID Connect are token-based Single Sign-On (SSO) protocols that allow third-party applications to access an end user’s account information without revealing the password.\u003C\u002Fp>\n\u003Ch4>What is OAuth ?\u003C\u002Fh4>\n\u003Cp>OAuth is an open-standard authorization protocol or mechanism that provides the “secure designated access” ability for applications. For example, without having to give example.com your OAuth Server password, you can tell your OAuth Server that it’s OK for example.com to access the site(Using role mapping, you can limit access to content based on roles).\u003C\u002Fp>\n\u003Ch4>What is OAuth Client?\u003C\u002Fh4>\n\u003Cp>Application requesting access to a protected resource on behalf of the Resource Owner.\u003C\u002Fp>\n\u003Ch4>What is OAuth Server?\u003C\u002Fh4>\n\u003Cp>OAuth Server provides the user information without sharing the credentials.\u003C\u002Fp>\n\u003Ch4>What is OAuth Scope?\u003C\u002Fh4>\n\u003Cp>Scope is a feature in OAuth 2.0 to restrict the access of an application to a user’s account. One or more scopes may be requested by an applicant, this information is then provided in the consent screen to the user, and the access token given to the application will be restricted to the scopes granted.\u003C\u002Fp>\n\u003Ch4>Can you set this up for me on my current website?\u003C\u002Fh4>\n\u003Cp>\u003Cem>Yes\u003C\u002Fem>, without a doubt. If you ever want assistance, please do not hesitate to contact us at mysteve06@gmail.com.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress since 5.0 or higher\u003C\u002Fli>\n\u003Cli>PHP >= 7.2\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Frequently Asked Questions ( FAQ’s )\u003C\u002Fh3>\n\u003Cp>For support or troubleshooting help please email us at mysteve06@gmail.com.\u003C\u002Fp>\n","WordPress OAuth client SSO ( OAuth 2.0 & OpenID SSO ) plugin allows login ( Single Sign On ) with your OAuth Servers like  AWS Cognito, Amazon, Az &hellip;",200,16003,82,"2023-02-21T15:40:00.000Z","6.1.10","7.2",[122,19,123,77,124],"authentication","oauth-client","oauth2-0","https:\u002F\u002Fwww.securiseweb.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Foauth-client-for-user-authentication.zip","2022-08-23 00:00:00",{"slug":129,"name":130,"version":131,"author":132,"author_profile":133,"description":134,"short_description":135,"active_installs":95,"downloaded":136,"rating":13,"num_ratings":13,"last_updated":137,"tested_up_to":73,"requires_at_least":138,"requires_php":53,"tags":139,"homepage":144,"download_link":145,"security_score":94,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"apoyl-weixin","[凹凸曼]一键微信登录","2.4.0","apoyl","https:\u002F\u002Fprofiles.wordpress.org\u002Fapoyl\u002F","\u003Cp>这是一款实现微信互联一键登录网站，让用户不在繁琐去注册用户，一键实现微信登录，可以让电脑版网站扫描登录和手机微信登录，多个公众号，甚至以后需要移动APP应用微信登录，统一用户账号的需求，极大的方便用户登录网站.\u003C\u002Fp>\n\u003Ch3>插件功能\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>支持登录一键微信登录,可以实现手机快捷登录和PC扫描登录微信\u003C\u002Fli>\n\u003Cli>支持自动同步微信昵称到网站用户名,前提满足wordpress用户的注册要求\u003C\u002Fli>\n\u003Cli>支持一键微信登录用户，自定义角色：订阅者，贡献者，作者，编辑，管理员，这个站点没有任何用户角色\u003C\u002Fli>\n\u003Cli>支持查看管理绑定记录管理+\u003C\u002Fli>\n\u003Cli>支持已登录账号可以绑定微信\u003C\u002Fli>\n\u003Cli>支持管理员解绑账号\u003C\u002Fli>\n\u003Cli>支持微信账户中文昵称自动注册wordpress昵称\u003C\u002Fli>\n\u003Cli>支持你想实现电脑版网站扫描登录和手机微信登录，多个公众号，甚至以后需要移动APP应用微信登录，统一用户账号的需求，此插件也满足\u003C\u002Fli>\n\u003Cli>支持微信头像同步到用户并显示\u003C\u002Fli>\n\u003Cli>支持其他插件或者模板页面调用微信登录，需要手动部署（如woocommerce的页面实现微信登录）\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>以上功能部分免费,点击购买付费版：\u003Ca href=\"http:\u002F\u002Fwww.girltm.com\u002F\" rel=\"nofollow ugc\">凹凸曼插件\u003C\u002Fa>\u003Cbr \u002F>\n也可以加开发者QQ：3201361925 email: 3201361925@qq.com\u003C\u002Fp>\n","这是一款实现微信互联一键登录网站，让用户不在繁琐去注册用户，一键实现微信登录，可以让电脑版网站扫描登录和手机微信登录，多个公众号，甚至以后需要移动APP应用微信登录，统一用户账号的需求，极大的方便用户登录网站.",3796,"2025-12-25T08:57:00.000Z","6.0",[140,21,141,142,143],"%e7%99%bb%e5%bd%95","wechat","weixin","%e5%be%ae%e4%bf%a1","http:\u002F\u002Fwww.girltm.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fapoyl-weixin.zip",{"attackSurface":147,"codeSignals":159,"taintFlows":169,"riskAssessment":170,"analyzedAt":176},{"hooks":148,"ajaxHandlers":155,"restRoutes":156,"shortcodes":157,"cronEvents":158,"entryPointCount":13,"unprotectedCount":13},[149],{"type":150,"name":151,"callback":152,"file":153,"line":154},"action","admin_notices","php_version_notice","includes\\class-wp-oauth-integration-main.php",119,[],[],[],[],{"dangerousFunctions":160,"sqlUsage":161,"outputEscaping":163,"fileOperations":13,"externalRequests":13,"nonceChecks":82,"capabilityChecks":82,"bundledLibraries":168},[],{"prepared":13,"raw":13,"locations":162},[],{"escaped":82,"rawEcho":82,"locations":164},[165],{"file":153,"line":166,"context":167},180,"raw output",[],[],{"summary":171,"deductions":172},"The \"wp-oauth-integration\" plugin version 0.1.3 exhibits a generally strong security posture based on the provided static analysis.  The absence of known vulnerabilities, coupled with a complete lack of SQL queries executed without prepared statements, and zero taint flows of critical or high severity, are all positive indicators. The plugin also demonstrates good practices by including nonce and capability checks for its limited entry points. The minimal attack surface and lack of file operations or external HTTP requests further contribute to its perceived security.\n\nHowever, there are minor areas for improvement. The output escaping is only 50% properly implemented, meaning there's a potential for unescaped output, which could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is displayed without proper sanitization. While the current version has no known vulnerabilities, this could be due to its early stage (v0.1.3) or limited adoption. The plugin's vulnerability history is clean, which is a good sign, but ongoing monitoring is always recommended, especially for plugins with a limited version history.\n\nIn conclusion, \"wp-oauth-integration\" v0.1.3 appears to be a secure plugin with a commendable approach to many security best practices. The primary concern is the partial output escaping, which warrants attention. The lack of any historical vulnerabilities is a strength, but continued vigilance and updates are essential as the plugin matures and its attack surface potentially expands.",[173],{"reason":174,"points":175},"Only 50% of outputs are properly escaped",5,"2026-03-17T00:57:12.215Z",{"wat":178,"direct":187},{"assetPaths":179,"generatorPatterns":182,"scriptPaths":183,"versionParams":184},[180,181],"\u002Fwp-content\u002Fplugins\u002Fwp-oauth-integration\u002Fcss\u002Fwp-oauth-integration.css","\u002Fwp-content\u002Fplugins\u002Fwp-oauth-integration\u002Fjs\u002Fwp-oauth-integration.js",[],[181],[185,186],"wp-oauth-integration\u002Fcss\u002Fwp-oauth-integration.css?ver=","wp-oauth-integration\u002Fjs\u002Fwp-oauth-integration.js?ver=",{"cssClasses":188,"htmlComments":189,"htmlAttributes":190,"restEndpoints":191,"jsGlobals":192,"shortcodeOutput":193},[],[],[],[],[],[]]