We currently use the plugin with keycloak and it authenticate in two different ways. if we do a logout it seems to allow logging out only from the first method while the second way does not log out. Asking some colleagues the mentioned a “backchanel logout config” that they use in some other SSO client.
I am not able to find this configuration in the plugin.

• This topic was modified 2 weeks, 2 days ago by Márcio Lopes F?o.

Today, I came across an issue where users from our IDP (Keycloak) could not be mapped to the site. I wanted to restrict access to any pages or subpages of my WordPress site, so I enabled the SSO option ‘Restrict site to logged-in users.’ However, after login, I received the error: ‘You do not have permissions to login with your current roles.

Thanks.

Best regards

Jahid

Hello Team,

I configured the oAuth provider ( https://prnt.sc/2suLUPhkx5e6 ) in my wordpress website, and when i try to login using the login button. I am successfully redirected to my laravel login page. After entering the login details of Larval IDP i am getting an error ( https://prnt.sc/atzYeWrW1Bks ). Wp backend has the same error when clicking on the test configure button ( https://prnt.sc/_AUIPhHs_Jl- ) Could you please help me to fix this issue.

Thanks

Is it possible to configure the OAuth Single Sign-On (SSO) plugin to only show the SSO authentication for admin logins, while allowing other users to access the website without seeing the authentication prompt, if we have connected three sites using the plugin?

I am trying to integrate it with SSO Keycloak, everything seems functional except that I still need the login screen.

I tried adding the login button using the shortcode but it is only available in the standard subscription.
I see there is a widget option before the shortcode, but my current plugin seems to not suport it.
I even tried adding the plugin classic widget but that also does not work.
Is there any way It can work ?
Is there a way I can call the widget php code from the backend?

Hello

I get the error listed in the title when trying to do the attribute mapping step listed here. This occurs despite having completed the test configuration step with the details of the test config appearing in a box to the right of the attribute mapping area.

Does anyone know why this is occurring?

• This topic was modified 3 months ago by aursu.

Is it possible to use the free miniOrange plugin for WordPress for ID verification with the danish MitID – so that a user that has created an account on the site after that can verify his or her identity ?

Hi there! This plugin is working great when users authenticate via the standard WordPress login page. But I have a WooCommerce plugin active and that creates its own login page. Is there a piece of code I can add to add the WooCommerce login page that will add this sso login?

I have 100 users in square up and i can set only one user in admin panel, why? I need login all users not one.
How do it?

Automatic mode not working – https://prnt.sc/no1s0B4Px0xV

• This topic was modified 4 months, 4 weeks ago by protsport4991.

I’m trying to test out the plugin on my website using Wild Apricot, but the configuration test fails at the end of the setup wizard with the message “Unable to enter the credentials, please click on Re-run test button.”

I have double and triple checked that my client ID, client secret, and account number are correct.

How do I get this set up properly?

Greetings,

Is there a way to autoconfigure plugins using the WP-CLI? There’s an option for SAML, but I haven’t found one for OIDC. miniOrange SAML WP-CLI documentation

Best regards

Jahid

We wanted to automate configuration SSO OAuth Plugin (Premium Plan) using Ansible.

To streamline the process, we need to automate the following steps:

1. Login to the miniorange account: This involves providing the email and password associated with our miniorange account.
2. Enter the License Key: Once logged in, we’ll need to input the license key for the SSO OAuth Plugin.
3. Configure SSO with attribute and role mapping: Finally, we need to set up the Single Sign-On (SSO) by mapping attributes and roles.

To automate these steps effectively, we require access to the REST API documentation.

So my question, is there any REST API available?

Or, is there any other option to automate plugin configuration?

Thanks and best regards

Jahid

We needed to setup Swiss Rx for a swiss website and if you need to go on Multisite mode, you can which is great but don’t forget to save your config file. Basically you need to check a box to pass the auth on the body too so that it works.

For custom roles management, we used a snippet at the network level and it works. Thanks to the support team they took really extra care to make it work for us.

hi
We try to set the plugin into our dev env for our WP site but when pressed test config button it shows the window with the error in the url tab for unauthorized client, but the details on the settings such client id and client secret are correct from our application.
See the screenshots from the links from the settings panel, the window after pressed Test Config button and the setups in our app that we try to connect WP to it with use of the plugin
https://ibb.co/y4c5SLG
https://ibb.co/ZJfKDD4
https://ibb.co/S60CNLD

Can you help us to do the correct settings so we can start to use the plugin, please?
Best,
Ilian

This is a nice tool, but I have a quick question. I want only the WordPress users we already have to log in using Azure AD. If someone tries to log in without a valid email address in our WordPress users, we don’t want to give them access to our site and we do not want any new users created. Does the free version of this plugin allow this?

• This topic was modified 10 months ago by babavemwana. Reason: missed a word queston. Fixed now
• This topic was modified 10 months ago by babavemwana.

Hi. We’re using a third party oAuth server to manage the login and user management for a set of separate WordPress installations. We need to be able to make GraphQL calls to the remote server to get user information, and so need the authorisation token to pass back to the remote server. But this token doesn’t seem to be passed as a client cookie nor as a server cookie. Does the free plugin do this? Can it be enabled in the premium version?
Thanks in advance.

Use in headless Woocommerce

Hi,

I have multiple WordPress websites. I want to implement SSO on these websites. I can use your plugin for this SSO functionality.

But my requirement is I don’t want to store users data in WordPress database. I want to store users data only in Azure B2C directory.

Can you guide me how to store users data only in Azure B2C directory and not in WordPress database?

Hi dear support,

Is it possible, in the free version of the plugin:
I have a WordPress Multisite installed with
– Main Site
– Subsite A(with a different domain)
– Subsite B (with a different domain again)

so basically 3 domains – that a user who logs in into subsite B – if he changes the URL and switches to the main subsite A – Will he still be logged in?

Or do I need a “Standarf” or “pro” version for this?

Thanks in advance.

• This topic was modified 11 months, 2 weeks ago by keramikoch.

If you set the OAuth authentication of Discord, you will get “Invalid_client” in the test connection. The error log is as follows. What should I do?

[2023-09-20 04:48:54 UTC] : OAuth plugin catched the flow, $_REQUEST array=>
[2023-09-20 04:48:54 UTC] : Array
(
[code] => xxxxxxxxxxxxxxx
)

[2023-09-20 04:48:54 UTC] : Authorization Response Received
[2023-09-20 04:48:54 UTC] : OAuth Flow
[2023-09-20 04:48:54 UTC] : Token request content =>
[2023-09-20 04:48:54 UTC] : Token Request Sent => https://discordapp.com/api/oauth2/token
[2023-09-20 04:48:54 UTC] : body =>
[2023-09-20 04:48:54 UTC] : Array
(
[grant_type] => authorization_code
[code] => xxxxxxxxxxxxxxx
[redirect_uri] => xxxxxxxxxxxxxxx
)

[2023-09-20 04:48:54 UTC] : headers =>
[2023-09-20 04:48:54 UTC] : Array
(
[Accept] => application/json
[charset] => UTF - 8
[Authorization] => Basic xxxxxxxxxxxxxxx
[Content-Type] => application/x-www-form-urlencoded
)

[2023-09-20 04:48:54 UTC] : Token Response Received => {"error": "invalid_client"}
[2023-09-20 04:48:54 UTC] : Token Response Received => ERROR : invalid_client

When i configure miniorange, i think i already correct input all with correctly, but why when i try test configuration it’s return home, not return table like the tutorial, can someone help me please

I have two WordPress installations and I would like to test your SSO, I installed the plugin on site A , but after the configuration the test gives me a 404 error and does not allow me to complete the configuration, what am I doing wrong?
Something in the configuration ?

{“code”:”rest_no_route”,”message”:”No path matches the URL to the requested method.”,”data”:{“status”:404}}

thank you very much

Can’t set this up at all. Trying to implement SSO for staff to manage the website. On the configuration screen (after setting up OAuth) I get error “There has been a critical error on this website. Please check your site admin email inbox for instructions.”. Also, where the “login with google” button should appear on the wp-admin login page, I also get “There has been a critical error on this website. Please check your site admin email inbox for instructions.” with no more login button at all.

My client needs to add oAuth or SSO authentication for one customer. Would this affect their other customers or could the other customers continue using their standard WP usernames and passwords?

Thanks!

<font _mstmutation="1"></font>

hello.

My working environment is as follows.

OAuth Single Sign On - SSO (OAuth Client) - Version 6.24.6
php - v7.4.33
httpd - Apache/2.4.6 (CentOS)
WordPress 6.2.2
IDP - Keycloak 21.0.2

We are testing the integration with Keycloak using the OAuth Single Sign On plugin.
We are testing by referring to the videos and manual documents you provided.

Create a login button with Appearance > Widgets
Keycloak login was successful, but in the process of returning to WordPress afterwards
I am getting an error.

The error-log contents are as follows.

[Mon Jun 12 14:20:22.293646 2023] [php7:error] [pid 18955] [client 112.220.228.26:50124] PHP Fatal error: Uncaught Error: Object of class WP_Error could not be converted to string in /var/www/html/wordpress/wp-includes/formatting.php:1098\nStack trace:\n#0 /var/www/html/wordpress/wp-includes/formatting.php(4600): wp_check_invalid_utf8()\n#1 /var/www/html/wordpress/wp-content/plugins/miniorange-login-with-eve-online-google-facebook/handler/class-mo-oauth-handler.php(105): esc_html()\n#2 /var/www/html/wordpress/wp-content/plugins/miniorange-login-with-eve-online-google-facebook/handler/class-mo-oauth-handler.php(146): MO_OAuth_Handler->get_token()\n#3 /var/www/html/wordpress/wp-content/plugins/miniorange-login-with-eve-online-google-facebook/class-mooauth-widget.php(476): MO_OAuth_Handler->get_id_token()\n#4 /var/www/html/wordpress/wp-includes/class-wp-hook.php(308): mooauth_login_validate()\n#5 /var/www/html/wordpress/wp-includes/class-wp-hook.php(332): WP_Hook->apply_filters()\n#6 /var/www/html/wordpress/wp-includes/plugin.php(517): WP_Hook->do_action()\n#7 /var/www/html/wordpress/wp-settings.php(623): do_action()\n#8 /var in /var/www/html/wordpress/wp-includes/formatting.php on line 1098

I looked at the contents
function wp_check_invalid_utf8( $text, $strip = false )
I'm having a problem with the function.

I am still testing the free version.
If the above problem is resolved and normal login is made, we will proceed with purchasing the plugin.

I would appreciate it if you could give me a quick solution.

Hi there,

I’m trying to finish the plugin setup, but I’m not able to find a feature (not sure if the plugin has it or not). This feature is Front channel logout.
In summary, using the same IDP, If I’m logged in into another site, and click logout, I’d like to log out the user from the current session also.

Thank you,
Stefano

Hi, I’m trying to set up OAuth Single Sign On – SSO (OAuth Client) with the custom openid.

I have everything in place, authorize/token urls, client id, cleint secret, scopes, everything that the wizard asked for.

I even can see the button at the wp login page that says “Login with [APP_NAME]”. My issue is that when I click this button, instead of going to my IDP login page, I end up in my main WP page with the query strings “option” and “app_name”

Any idea on what I might be missing?

Thank you,

Stefano

Hello,

I would like to understand how to configure the Open ID with France Connect, I’m currently struggling with the service

could you please help me ?

Thank you

Amaury

Hello,
I want to use your plugin with Amazon Cognito, but I have the doubt if when the user registers will be added to the WordPress database and the Amazon database or only to the Amazon database, in that case what should I do ?

Thank you.

I just got the email below from Google Developers, I was wondering if you guys have a solution for this?

Thanks in advance!

Here’s the email-

Hello Google Developer,

We’re writing to let you know that we detected the use of an embedded webview in requests to Google’s OAuth 2.0 authorization endpoint in the past 120 days associated with one or more of your OAuth client IDs listed in this email.

Any affected authorization endpoint requests will be blocked with a disallowed_useragent error starting July 24, 2023. Affected requests to our authorization endpoint will display a user-facing warning message starting in May until July 24, 2023.

What do you need to know?

Embedded webview libraries are highly customizable, which can expose Google’s login and account authorization pages to potential “man-in-the-middle” attacks. Google’s OAuth 2.0 “Use secure browsers” policy helps us protect users from these and other types of attacks.

Examples of affected embedded webview libraries include android.webkit.WebView on Android and WKWebView on iOS or macOS.

What do you need to do?

• Review our June 2021 Google Developers blog post, Security changes to Google’s OAuth 2.0 authorization endpoint in embedded webviews, to determine potential next steps.
• Consider how enterprise and educational users might be impacted by embedded webviews in your app(s).
• If you are able to modify the authorization requests of your app, you can choose to test your application for compatibility with our “Use secure browsers” policy after making the necessary changes.

Note: Suppression of the user-facing warning message is not supported