Today we launched WordPress OAuth Server version 4.1.0 which contains some bug fixes, improvements, and a huge support update.
WP OAuth Server has supported OpenID for a long time as well as semi support for generic JSON Web Tokens. This released includes full support for JWT to include a complete JWT as an access token. The built-in endpoints including “introspection” and “me” have been updated to use better logic for JWT usage.
The 4.1.0 update also includes revised routines for database installing and updating. Prior versions would display an error on update due to the lack of backwards compatibility. These code changes have fixed the issues some were experiencing,
The biggest feature update to WP OAuth Server in version 4.1.0 is the support for PKCE or Proof Key of Code Exchange. Support for PKCE has requested for some time but required core code refactoring. Version 4.1.0 support the full spectrum of PKCE now.
PKCE support includes “plain” and “s256” (SHA 256) methods for the code challenge. This ensures that PKCE integration between is highly compatible with 3rd party clients that use Proof Key of Code exchange.
Be sure to update as soon as possible to take advantage of the new features. The updates are included in new downloads as well all active license holders.
Happy Holidays from our team to you!