We have seen a lot of questions come in about using WordPress OAuth Server for Single Sign On. From these questions we are starting to see that there is a misconception about OAuth being Single Sign On (aka SSO).

What is OAuth?

OAuth1.0a and OAuth 2 are a user authentication protocol that allows a user to authorize access for an outside system to act on their behalf. The protocol uses what is known as access tokens. Once and access token is obtained, an outside system can then do things on behalf of the user.

What is Single Sign On?

SSO is a term used by many that describes a user being able to use the same user credentials on many different systems. For example, you may want your users to be able to seamlessly log into your intranet, your CRM system and ticketing system using only a single login.

So why is OAuth not Single Sign On?

SSO is not the same thing as OAuth. Period… SSO simply uses OAuth (one of many ways) as a means to allow the same user credentials on multiple systems. The processes that the OAuth protocol takes can be used to obtain an access token. Once an access token is obtained, a system make a request to the OAuth provider for the users information. Using this information, a system can ten check to see if the user has an account in its own database. If the user does not have an account, the system can then create an account using the user’s email or other unique identifier.

All of this process takes place behind the scenes making the connection and login process SSO.

What about WordPress Single Sign On?

Using a plugin like WP OAuth Server, you can enable your WordPress site to act like an OAuth Provider. Being an OAuth provider will give you the abilities to provide SSO to any outside system that wants to use your WordPress user database as it own.

In short, OAuth is not Single Sign On but rather a means to provide SSO.

2 responses to “OAuth is not Single Sign On”

  1. Jordan says:


    Is this plugin still available? Not sure if the link is wrong or if this is no longer maintained.

Leave a Reply

Your email address will not be published. Required fields are marked *

Other Posts

We have put together some other posts that you may like.

New 3.5.6 WordPress OAuth Server Release Contains Live Chat Support and REST API Blocking

Hello Everyone! Today we are launching the newest update for WP OAuth Server and...

Read more

3.4.5 version of WP OAuth Server Released

Today we  excited to release version 3.4.5 of WP OAuth Server. The updates were...

Read more

Road Map for WP OAuth Server 3.5

The team at Dash1o Digital has been working hard to maintain WP OAuth Server...

Read more

Are you looking for an awesome digital solution?