WP OAuth Server

Stay tuned with our latest blog posts

WordPress to Force SSL for New Features?

I have always been an advocate for security. For many years ( ~8 years ), I have been voicing my opinion about using updated foundations in order to take advantage of what the internet has to provide. This means, enforcing stricter PHP versions, updated server packages, etc. There is always push back from the community […]

Tuesday December 27, 2016

Multiple Platform Authentication With WordPress

WordPress is a great CMS and is only gaining more traction. Although According to https://trends.builtwith.com/cms, WordPress is now 37% (at the time of this post) of all CMS on the public internet. That is impressive! You know what is not impressive? The lack of authentication standards WordPress supports natively. The WordPress development community pushes back pretty hard when […]

Thursday December 8, 2016

Maintenance is Complete

I want to personally apologize for any inconvenience our sites downtime may have caused. There was some unforeseen problems with DreamHost’s VPS service that I could not justify. While the site was down you may have noticed that the ticketing system was not working as well. All should be back up now. The ticket system […]

Wednesday November 9, 2016

We Moved… We are now proudly hosted on With DreamHost VPS.

UPDATE: We have moved our server back to our dedicated server. There was just too many issues with performance and the service in general. We apologize for any inconvenience this may have caused. Today was the BIG day that we have been keeping hush about. We decided to move to DreamHost for our website and […]

Monday November 7, 2016

Have a security notice in the free version? Let me explain

Recently I was approached and told that I may be misleading users by a message that was being displayed in the free version of WP OAuth Server (https://wordpress.org/plugins/oauth2-provider/). I was told that the message was being used to funnel users to purchase WP OAuth Server. I can assure your that this was not the case. The […]

Tuesday October 25, 2016

What is in store for the future of WP OAuth Server

When I started working on WP OAuth Server 4 years ago, the idea was to provide a simple way for WordPress to become an OAuth Server. The initial build had a simple goal; to provide the ability for Single Sign On. WP OAuth Server (then named “OAuth2 Provider“) started gaining traction in the education realm along with […]

Tuesday October 25, 2016

Staying Safe with WordPress OAuth Server

Earlier this week is was brought to my attention that there is relatively new exploit effecting people using the PROXY header. Providing support for WP OAuth Server, I can say that there is a lot of systems using the PROXY header. Some hosts just use it by default. The exploit is known as Httproxy. You […]

Thursday July 21, 2016

WP OAuth Server 3.2.81 Minor Released

Version 3.2.81 of WP OAuth Server has been released. This update contains minor fixes to coding standards for WordPress as well as some bug fixes that did not make it into the 3.2.8 push. Updates Include: Fix for what we thought was a redirect_uri issue. It turned out to be an action parameter issue. User Claims now are […]

Tuesday June 28, 2016

How to Make Free Money with WP OAuth Server

I am proud to announce that wp-oauth.com has launched an all new affiliate program. The program allows you to send referrals to wp-oauth.com and receive a payout on your commission at the end of each month. Our affiliate program is a free program designed for you to earn money. With the affiliate program, you earn 10% of all […]

Tuesday June 21, 2016

WP OAuth Server 3.2.8 Released

Today I released version 3.2.8 of WP OAuth Server. This updated contains some mostly enhancements and 1 bug patch: Fixed user Claims with OpenID and ID Token calls. Added wo_get_access_token function for public use. It is recommended that you update as soon as you get the time to do so. If you have any troubles […]

Tuesday June 21, 2016