Facebook OAuth & OpenID connect Single Sign-On (SSO) | Facebook SSO Login
Facebook OAuth & OpenID connect Single Sign-On (SSO) | Facebook SSO Login
Setting up Facebook Social Media Login on WordPress (Facebook SSO) using OAuth2 is easy with WordPress OAuth / OpenID Connect Single Sign-On (SSO) plugin. You can configure plugin using different other Social Media providers / custom OAuth and OIDC providers. It supports advanced Single Sign-On (SSO) features such as user profile Attribute mapping, Role mapping, etc. Here we will go through a guide to configure SSO between WordPress and Facebook. By the end of this guide, users should be able to login to WordPress from Facebook. To know more about other features we provide in WP OAuth Single Sign-On ( OAuth & OpenID Connect Client ) plugin, you can click here.
Pre-requisites : Download And Installation
- Log into your WordPress instance as an admin.
- Go to the WordPress Dashboard -> Plugins and click on Add New.
- Search for a WordPress OAuth Single Sign-On (SSO) plugin and click on Install Now.
- Once installed click on Activate.
Steps to configure Facebook Single Sign-On (SSO) Login into WordPress
1. Setup Facebook as OAuth Provider
- To get started, Go to Facebook developers console click here and sign up/Login with your facebook developer account.
- Go to the Facebook Developers apps page and click the Create App button to add new app.
- Then choose the Allow people to log in with their Facebook account option as use case and press Next.
- Enter the App Name and Add Contact Email for your Facebook app respectively then click on Create App button to save your settings.
- Go to App Settings -> Basic to view your App Id and App Secret. The App ID is your Client ID and the App Secret is your Client Secret, keep these values handy as you will need them later to configure the miniOrange OAuth Single Sign-On SSO plugin (Refer to the images below).
- App Domain: Write your website’s domain there.
- Privacy Policy URL: Fill in this box with the URL liked to your website’s privacy policy page.
- Terms of Service: Fill in this box with the URL linked to your website’s terms of service page.
- User Data Deletion:drop down, Select Data Deletion Instruction URL (Enter the URL of your page with the instructions on how users can delete their accounts on your site).
- Choose a category from the dropdown in the Category field and pick the App Purpose option that describes your App the best, then press Save Changes to save your configurations.
- Now scroll down and click on Add Platform button. Select the Website option as you are trying to integrate your Facebook Login with a website. Click on Next.
- Next, enter the Site URL (from your miniOrange OAuth Single Sign-On) and click Save. Then, click Continue.
- Click on the Use cases tab on the left side and then click on the Customize button that appears next to the Authentication and account creation item.
- Below the Permissions section, find the email permission and click on the Add button.
- Under the Facebook Login >> settings section click on Go to settings button to add the Redirect/Callback url.
- Into the Valid OAuth redirect URIs field add the Redirect/Callback URL which you will get from the miniOrange OAuth Single Sign-On (SSO) plugin. Click on Save changes button.
- Currently your app is in Development Mode which also means that people outside of your business can not use it. Once your verification is completed, click on the Go live tab and publish your app by clicking on the Go live button at the bottom right corner. Before you press it, it is recommended to check the steps listed on the “Go live” page, if you configured everything properly.
By default, your application only has Standard Access for the “public_profile” and “email” permissions, which means that only you can log in with it. To get Advanced Access you will need to go trough the Business Verification, that you can start on the Verification tab on the left side.
You have successfully configured Facebook as Social Login (OAuth Provider) into your WordPress Site.
2. Setup WordPress as OAuth Client
- Go to Configure OAuth tab and click Add New Application to add a new client application into your website.
- Choose your Application from the list of OAuth / OpenID Connect Providers, Here Facebook
- After selecting the provider copy the Callback URL which needs to be configured in OAuth Provider's SSO application Configuration.
- Enter the Client Credentials like Client ID & Client Secret which you will get from the Facebook SSO application.
-
Please refer the below table for configuring the endpoints for Facebook in the plugin.
App Name: Facebook Authorize Endpoint: https://www.facebook.com/dialog/oauth Access Token Endpoint: https://graph.facebook.com/v2.8/oauth/access_token Get User Info Endpoint: https://graph.facebook.com/me/?fields=id,name,email,age_range,first_name,gender,last_name,link Scope: public_profile email - Click on Next.
- After verifying all the details on the summary page, click on Finish to save the configuration as well as test the SSO connection.
You have successfully configured WordPress as OAuth Client for achieving user authentication with Facebook Single Sign-On (SSO) login into your WordPress Site.
3. User Attribute Mapping
- User Attribute Mapping is mandatory for enabling users to successfully login into WordPress. We will be setting up user profile attributes for WordPress using below settings.
- Go to Configure OAuth tab. Scroll down and click on Test Configuration.
- You will see all the values returned by your OAuth Provider to WordPress in a table. If you don't see value for Email or Username, etc. make the required settings in your OAuth Provider to return this information.
- Once you see all the values in Test Configuration, go to Attribute / Role Mapping tab, you will get the list of attributes in a Username dropdown.
Finding user attributes
4. Sign In Settings
- The settings in Single Sign-On (SSO) Settings tab define the user experience for Single Sign-On (SSO). To add a Facebook login widget on your WordPress page, you need to follow the below steps.
- Go to WordPress Left Panel > Appearances > Widgets.
- Select miniOrange OAuth. Drag and drop to your favourite location and save.
- Go to WordPress Left Panel > Appearances > Widgets.
- Select miniOrange OAuth. Drag and drop to your favourite location and save.
- Open your WordPress page and you can see the Facebook SSO login button there. You can test the Facebook Single Sign-On (SSO) now.
- Make sure the "Show on login page" option is enabled for your application. (Refer to the below image)
- Now, go to your WordPress Login page. (Eg. https://< your-wordpress-domain >/wp-login.php)
- You will see an Facebook SSO login button there. Once you click the login button, you will be able to test the Facebook Single Sign-On (SSO).
In this Guide, you have successfully configure Facebook Single Sign-On (SSO) by configuring Facebook as OAuth Provider and WordPress as OAuth Client using our WP OAuth Single Sign-On ( OAuth & OpenID Connect Client ) plugin. This solution ensures that you are ready to roll out secure access to your WordPress site using Facebook login credentials within minutes.
Additional Resources
Mail us on oauthsupport@xecurify.com for quick guidance(via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.
Need Help? We are right here!
