OAuth Single Sign-On (SSO) lets WordPress users log in securely using external identity providers (IdPs) like Google, Facebook, or Okta. With the miniOrange OAuth SSO plugin, your WordPress site acts as an OAuth client, handling authentication automatically and safely.
How OAuth SSO Works
- User clicks login: A visitor selects “Login with Google” or another IdP.
- Redirection to IdP: The plugin redirects the user to the IdP’s login page with a callback URL back to WordPress.
- Authentication & consent: The user enters IdP credentials and grants permission to share basic info (name, email).
- Authorization code: The IdP sends a temporary code back to WordPress.
- Token exchange: The miniOrange plugin exchanges the code for an ID token or access token securely, avoiding exposure to the browser.
- Token decode:
  - With OpenID configuration: The miniOrange plugin decodes the ID token to retrieve user information.
  - With OAuth configuration: The miniOrange plugin uses the access token to call the UserInfo endpoint and fetch end-user details.
- User info & login:
  - New users: Accounts are automatically created (“just-in-time provisioning”).
  - Existing users: External accounts are linked to existing WordPress profiles.
- Session created: The user is logged in and ready to use WordPress.
To learn more about the product and explore its key features, visit the miniOrange WordPress OAuth SSO page.
If you have any questions or need assistance, feel free to contact us at oauthsupport@xecurify.com. We're happy to help!