Okta Single Sign On OAuth / OpenID Connect WordPress SSO End to End Setup Guide | Okta Login


If you want users to login to your WordPress site using their Discord credentials, you can simply do it using our WP OAuth Client plugin. Once you configure the Discord with WordPress plugin, you can allow users to SSO to your WordPress site using Discord. Similarly, you can map your WordPress roles based on your Discord attributes/groups. To know more about other features we provide in WP OAuth Client plugin, you can click here.


You can download OAuth Client plugin using the following link.




Download And Installation

  • Log into your WordPress instance as an admin.
  • Go to the WordPress Dashboard -> Plugins and click on Add New.
  • Seach for a WordPress OAuth Single Sign On plugin and click on Install Now.
  • Once installed click on Activate

Step 1: Setup Okta as OAuth Provider

  • First of all, go to https://www.okta.com/login and log into your Okta account.
  • You will be presented with following screen. Click on Developer Console arrow and select Classic UI from the navigation bar on top.
  • okta1
  • Select Add Applications in shortcuts.
  • okta10
  • You will get the following screen. Click on Add Application button.
  • okta2
  • Choose Web as platform, OpenID Connect as Sign on method and click on Create.
  • okta3
  • You will be redirected to the app details page. Enter Application name and Login Redirect URIs. Copy Redirect / Callback URL from the plugin to Configure Login Redirect URL. Click on Save.
  • okta4
  • You will be brought to App details page. Scroll down to Client Credentials section.
  • okta5
  • Copy these credentials in MO OAuth Plugin configuration on corresponding fields.

Step 1.1: Add & Map Custom Attributes [Premium]

  • Go to the Okta Admin panel. Go to Directory -> Profile Editor.
  • okta2
  • Click on Add Attributes and fill the fields. Click on Save.
  • okta2
  • Once added, go to Mappings -> <Your App Name> to Okta User and add the Custom Attribute from the dropdown and click on Save Mappings -> Apply Updated Now.
  • okta2
  • Go back to Mappings -> Okta User to <Your App Name>. Select Custom Attribute Name from the dropdown menu as shown in the below screenshot. Click on the Mapping arrow, select Apply Mapping on user create and update option. Click on Save Mappings -> Apply updates now.
  • okta2
  • Once you map all those custom attributes you can get all those attributes while SSO. You can refer to the below screenshot for details.
  • okta2

Step 2: Setup WordPress as OAuth Client

  • Go to Configure OAuth tab and configure App Name, Client ID, Client Secret provided by Okta in Step 1. You can use the below Scope and Endpoints.
  • Scope: openid profile email
    Authorize Endpoint: https://{yourOktaDomain}.com/oauth2/default/v1/authorize
    Access Token Endpoint: https://{yourOktaDomain}.com/oauth2/default/v1/token
  • Click on Save Settings to save the configuration.
  • login with azure ad

Step 3: User Attribute Mapping

  • User Attribute Mapping is mandatory for enabling users to successfully login into WordPress. We will be setting up user profile attributes for WordPress using below settings.
  • Finding user attributes

    • Go to Configure OAuth tab. Scroll down and click on Test Configuration.
    • wordpress sso-14
    • You will see all the values returned by your OAuth Provider to WordPress in a table. If you don't see value for Email or Username, etc. make the required settings in your OAuth Provider to return this information.
    • Once you see all the values in Test Configuration, go to Attribute / Role Mapping tab, you will get the list of attributes in a Username dropdown.
    • wordpress sso

Step 4: Login Settings / Sign In Settings

  • The settings in SSO Settings tab define the user experience for Single Sign On. To add a login widget on your WordPress page, you need to follow below steps.
  • Sign In Settings

    • Go to WordPress Left Panel > Appearances > Widgets.
    • Select "miniOrange OAuth". Drag and drop to your favourite location and save.
    • jira sso-16
    • Open your Wordpress page and you can see the login button there. You can test the SSO now.