I'm trying to modify WordPress to have the following features: Users are created in Active Directory and assigned to groups. Users can login to WordPress via Active Directory. Pages can be locked down to only be visible to members of certain Active Directory groups. A "Downloads" page can be seen by members of any of several groups but each group can only see downloads that they have been given permission to see (I'm flexible to how this could be represented …

I am trying to get a customized sign on process. The features that are absent in WordPress by default are the following: Allow user to choose a password at the time of registration. Allow user to sign in using social networks particularly Facebook, Twitter and Google plus. Verify user's Cell Phone number using sms for activating account. Let the default role of every new user, irrespective of the sign in method, be elevated to contributor. Upon successful log in, the …

I have a wordpress site (lets call it site1) and another site with oauth2 (site2). When a new user is created, a record is created in both site1 and site2 databases with the same email as username, the typed password hashed in site2 database and a dummy (e.g. "pass") password for site1 database. Then login action authenticates with site2 database using a RESTfull API. If authentication is successful, I want to programmatically log the user in to site1 (wordpress), if …

Long story short: When I programmatically create a user with wp_insert_user and log him in with: wp_clear_auth_cookie(); clean_user_cache($user->ID); wp_set_current_user($user->ID, $user->user_login); wp_set_auth_cookie($user->ID); update_user_caches($user); I get a 403 error when reaching woocommerce-Checkout when I want to purchase a test product and can't finish the order process. When I automatically create a user and manually login via default woocommerce login-form it works fine. Currently testing in a local environment. Details: I have a custom web-application with its own registration and login. Subscriptions will …

I have a little non-standard WP dev environment, I use one WP core for all my projects and switch each project in core's wp-config.php just changing the $project variable (e.g. proj1, proj2, example...). Projects and core are separated and each project has its own DB, wp-content folder, wp-config-dev.php (DB credentials and table prefix), and wp-config.php (usual wp-config that I deploy on the server). //core's wp-config.php <?php $project = 'example'; define( 'WP_CONTENT_DIR', 'C:/dev/projects/'.$project.'/wp/wp-content' ); define( 'WP_CONTENT_URL', 'https://projects.folder/'.$project.'/wp/wp-content' ); include('C:/dev/projects/'.$project.'/wp/wp-config-dev.php'); if ( …

I have two wordpress website Ex:abc.com and xyz.abc.com (both are in wordpress). i want to implement single sign on(SSO) into this two website without using multisite functionality.

We're about to launch an internal blog for the company I work at. Much of the blog will be available to the public, but certain posts will be for employees only. Our intranet/extranet has an OpenID endpoint which we would like to use to secure the private blog posts. There are many benefits to this – not least that people won't have to sign in with yet another username and password. Additionally, when someone new to the blog signs in …

****SEE Edits below**** Edit added 1/4/2018 I started over again, following the instructions. As far as I can tell everything is correct including the synchronization plugin. fpw-sync-users.php in test.oursite.com 3 occurences of $other_prefixes = array( 'wp5l_', ); fpw-sync-users.php in forum.oursite.com 3 occurrences of $other_prefixes = array( 'wp7g_', ); Is that correct? What happens when I try to log in on either site is it just refreshes the login page and nothing happens. There are no error messages ****END EDIT**** My …

I'm trying to build a simple way to give access to users that I want under my account. As I see, WordPress stores two sessions ID: wordpress_logged_in_% and wordpress_. I was wondering, is there no way to force wp_signon or a core function to bypass the need for an user / password and use a cookie instead?

I'm currently working on a shop like project that uses React as frontend and Wordpress with Woocommerce as a backend. To authenticate with the API I use the JWT Authentication for WP REST API, which works great. The problem I'm facing is that I want to redirect to a checkout page that is not part of the PWA but a traditional Wordpress page. Is there any way that I can create a WP session using the JWT token I created …

This is essentially a repeat of this question, but it has not been answered. I am trying to create an SSO system between two separate WordPress installs that are on different servers using different databases. The main site has a full database including a users table containing over 300,000 users. Because of the size of the users table, we do not want to replicate each of them on the second site or do a traditional SSO system where each user …

I have an Internal WordPress site and would like for the Active Directory users to Automatically authenticate to the site using the Windows Credentials. What would be the best way of solving this issue?

We're using JWT (JSON Web Token) for authenticating our WordPress application with an external service. The current flow we're thinking of is like this: The user signs in on the the parent site The parent site sends a POST request with the user information and the JWT token to the WordPress site The WP site stores the JWT token The token is checked for expiry every time the user visits a new page, and if the token is expired, the …

I'm about to start working on a prototype for a client - and one of the required features is integration with an in-house user authentication / registration system. This system will act as the authoritative user database, and provides a RESTful interface for creating new users, and authenticating valid users. I need to be able to create new users in WP and as part of that process make a call to the external authentication API to either create / validate …

I have an ASP .Net MVC site and I would like users who are logged in to my site to be able to access a separate WordPress site which I also own. Otherwise, if a user is not logged into my ASP .Net site, the WordPress site should remain private. What is the easiest way to implement this? I thought about SSO but it seems like overkill for this simple scenario. I don't need users identified on the WordPress site; …

i have a wordpress website installed (without multisite wordpress network feature) on server so i want to login to other wordpress website with same credentials.. in-details: i want to create a link so, when user sign in into first website then he/she clicks on a single link and then automatically he signup(is not signup before means new user )/ signin (if exiting user) into second website ... Link code :

I need to create a single signon for domain1.com and domain2.com. I found only solutions for subdomains or multisites in this forum, but that isn't what I need. I've found out, that a single signon would be the best for my needs: Requirements no subdomains no multisite both domains are wordpress sites domains are on different server/webspace/database We have FTP access to both domains The registration form on domain1.com should not be changed if possible User data should send to …

We currently have a multisite wordpress setup and would like to separate them out and host each site in its specific country for speed increase. We also will have a domain site that will be an like an application (global). We want each user to be able to log into their country site and also be automatically logged into the app. What is the best approach to achieve this?

I made a wordpress for internal professional buisness. I'm looking to use SSO to accept users from my company in my wordpress forums. I'm just looking a way to use SSO sAML in order to create accounts. Is something like this is possible ? Is there any addons ? Any feedbacks ? Thanks a lot.

I am using wordpress for a blog on my site. So I installed wordpress in a subdirectory (eg: www.example.com/blog). I handle all of the sign in/sign out through my main site. For signing in I set a cookie which is read upon entering the wordpress site. However, when it comes time to sign out, I want to also remove the cookie that WordPress sets (it starts with "wordpress_logged_in"), so that the user will also be signed out of the wordpress …