In this tutorial, we will go over how to set up an OAuth2 SSO for Single Sign-On use within WordPress OAuth Server.
Installing WP OAuth Server
1. Installing the plugin is as simple as any other WordPress plugin and requires a little effort to configure. The configuration is done for you when you finish installing the plugin within your Wordpress:
- Plugins > Add New > Search for WP OAuth Server Make sure to Install and Activate WP OAuth Server (OAuth Authentication) By WP OAuth Server. Check out step 1 in the tutorial video below.
2. In Wordpress, create a consumer/client using the admin interface. This client will be unique to the site that the Single Sign-On will be taking place. Ensure that the Redirect URI is set correctly. On the left panel click on OAuth Server and click Add New Client:
Client Information
- Client Name: Name to identify the application. You can pick any name.
- Redirect URI: You can find the callback Url from Tribe OAuth2 SSO App.
<Community Url>/auth/oauth2/callback
ex: https://community.domain.com/auth/oauth2/callback129 - Client Credential Assigned User: Select a user account that has higher privileges. ex: Wordpress admin account.
- Once the information is entered, click on "Create Client", and after the client is created, you can see the Client ID and Client Secret which are required for the next step.
- Under OAuth Server > Settings > General Settings > [OAuth Server Enabled] is checked
- Check out step 2 in the tutorial video below.
3. Setup on Tribe Community Side
Go to your Tribe community> Admin Panel> from the left panel select "Apps" and install "OAuth2 SSO". Check our video 3.1. at the end of this tutorial.
Below is how you should do the settings. Check out step 3.2 in the tutorial video below.
General Settings
- Enabled: is checked.
- Client ID: From WordPress OAuth Server explained in step 2
- Client Secret: From WordPress OAuth Server explained in step 2
- Authorization URL: <WordPress Url>/oauth/authorize
ex: https://mywordpress.com/oauth/authorize60 - Token URL: <WordPress Url>/oauth/token
ex: https://mywordpress.com/oauth/token41 - Sign Up Url: <WordPress Url>/wp-login.php?action=register
ex: https://mywordpress.com/wp-login.php?action=register39 - Account Settings Url : <WordPress Url>/wp-admin/profile.php
ex: https://mywordpress.com/wp-admin/profile.php38 - User Info URL: <WordPress Url>/oauth/me
ex: https://mywordpress.com/oauth/me103 - Logout URL: <WordPress Url>/wp-login.php?action=logout
ex: https://mywordpress.com/wp-login.php?action=logout30 - Verify State: is checked
Once all the information is entered click Update. That's all for the setup on the Community and WordPress side.
4. Authentication Flow
From the Community, pressing Login will bring the user to WordPress Site to enter their credentials.
After the server has authenticated the user, it will redirect the user back to the redirect_uri parameter assigned to it in the previous step.
Wordpress server will respond with the following information about the authenticated user.
{"ID":"1","user_login":"admin","user_nicename":"admin","user_email":"justin@tribe.so43","user_registered":"2018-01-01 23:15:31","user_status":"0","display_name":"admin"}
This information is what Tribe will use as a shared login for Single Sign-On.
Check out step 4 in the tutorial video below:
Video Guide
Note: As of WP OAuth Server version 3.7.xx make sure OAuth Server Enabled is checked
