Skip to main content

OAuth2.0
OAuth2.0
1 follower
4 questions
0 posts

Do you have questions about OAuth2.0?

Log in to ask questions about OAuth2.0 publicly or anonymously.

Eli Tribe TEAM
Enterprise Account Manager at Tribe

In this tutorial, we will go over how to set up an OAuth2 SSO for Single Sign-On use within WordPress OAuth Server.

Installing WP OAuth Server

1. Installing the plugin is as simple as any other WordPress plugin and requires a little effort to configure. The configuration is done for you when you finish installing the plugin within your Wordpress:

  • Plugins > Add New > Search for WP OAuth Server Make sure to Install and Activate WP OAuth Server (OAuth Authentication) By WP OAuth Server. Check out step 1 in the tutorial video below.

2. In Wordpress, create a consumer/client using the admin interface. This client will be unique to the site that the Single Sign-On will be taking place. Ensure that the Redirect URI is set correctly. On the left panel click on OAuth Server and click Add New Client:

Client Information

  • Client Name: Name to identify the application. You can pick any name.
  • Redirect URI: You can find the callback Url from Tribe OAuth2 SSO App.
    <Community Url>/auth/oauth2/callback
    ex: https://community.domain.com/auth/oauth2/callback54
  • Client Credential Assigned User: Select a user account that has higher privileges. ex: Wordpress admin account.
  • Once the information is entered, click on "Create Client", and after the client is created, you can see the Client ID and Client Secret which are required for the next step.
  • Under OAuth Server > Settings > General Settings > [OAuth Server Enabled] is checked
  • Check out step 2 in the tutorial video below.

3. Setup on Tribe Community Side

Go to... (More)

Siavash
Co-founder at Tribe

Tribe fully supports Auth0 for both authentication and authorization.

You can easily install the OAuth2 SSO (Single Sign-On) app from Tribe's App Store. Then generate a Client ID and Client Secret in Auth0 panel and enter those information along with the Authorization URL, Token URL, Scope in the OAuth2 SSO setting page in Tribe.

Note: For the Scope field add the following scopes openid email profile

Additionally, you can enter the Sign Up Url and Account Settings Url inside the App settings. For Auth0 you don't need to enter any information for User Info URL and JWT key.

You should also make sure you add the url mentioned in the message (in blue) as callback url in Auth0 panel.

OAuth2 SSO Configuration
OAuth2 SSO Configuration

If you want to use Auth0 access token to perform API calls in Tribe you should install JWT Authorization app as well.

Auth0 supports both JWKS and Public Key verification methods for JWT tokens. To learn more about JWKS you can refer to Auth0 documentation176.

JWT Authorization Configuration
JWT Authorization Configuration

Please note that you can only use JWT Authorization token if the user already logged in at least once using Single Sign On before. Otherwise, since the user does not exist in Tribe yet, you'll receive a 401 'user_not_found' error.

 

At the end, please Enable the app and save the changes.