Configuring OAuth2 for WordPress | WordPress OAuth Codex

Configuring OAuth2 for WordPress

Documentation under "General" for WP OAuth Server


Configuring OAuth2 for WordPress

Configuring OAuth2 for WordPress is simple and starts with ensuring WP OAuth Server is installed and activated in the WordPress plugins options page.

Checklist

  1. Install WP OAuth Server
  2. Activate WP OAuth Server
  3. Set Global Settings
  4. Create a Client

Installing & Activating

There are two ways you can install OAuth2 through a plugin.

  1. Download https://wordpress.org/plugins/oauth2-provider/
  2. Search for “WP OAuth Server” in the plugin options screen.

You can find out how to install WordPress plugins by visiting https://wordpress.org/support/article/managing-plugins/.

Configuring Global Settings

Once the plugin is installed, go to OAuth Server -> Settings to access the global settings. There are two tabs for settings.

  1. General
  2. Advanced

The global settings are set to a default state which works for most installs out of the box. Go to the General Settings tab and ensure that “OAuth Server Enabled” is checked.

Create a Client

Before any calls can be made to, a client needs to be created. By creating a client, an authorized set of credentials are being created so that other sources can begin authorization flow. Go to OAuth Server -> Clients -> Add New Client. On the client screen, you will be presented with fields.

  • Grant Types
  • Client Name
  • Redirect URI
  • Advanced Option

Give the client a name that describes the client. For example, if there is a mobile app that will be connecting to WordPress’s OAuth2 API, name the client the mobile apps name. The next step is to determine which grant type the client will be allowed to utilize. In most cases, the “Authorization Code” is good. If you need further assistance with which grant type to use please visit the Grant Types documentation.

The Redirect URI can be a bit tricky but for a basic configuration, you can leave this blank. The Redirect URI is an authorized URL that the client will be redirected to (if using authorization code grant type). OAuth2 has a flow and the Redirect URI setting for a client allows systems to be whitelisted for security.



Search Documentation

General Articles

Below is a list of "General" documentation articles.

OAuth Server 3.8.2

WP OAuth Server Pro allows for Unlimited clients and multiple grant types.

BUY NOW