Search Results :×
Are you looking to add login into mobile app using WordPress credentials? miniOrange OAuth 2.0 Server/Provider is the solution for you! SSO or Single Sign-On has been in use by enterprises for more than a decade now. It has been quite popular for web-based applications, but for mobile applications; SSO has been an intricate task. New technologies and notions are using OAuth 2.0 flow; which allows users to do mobile application SSO seamlessly. A few ways to achieve this are discussed below.
PKCE or Proof Key for Code Exchange is a security extension of OAuth 2.0 for mobile applications Single Sign-On (SSO )using WordPress Server. It is intended to avoid compromising the client_secret. The flow uses two parameters, the code verifier and the code challenge instead of the client secret.
The detailed flow of PKCE is described below:
The aforementioned flow requires the user to be redirected to your WordPress site. So, it can be done in 2 ways, either you can open a webview inside your mobile app, or redirect users to the browser application.
The Resource Owner Password Grant Flow uses the user credentials (eg. email and password) directly and sends them in the POST request of the application. Then, an id or access token with a refresh token is returned to the application, which can be fetched from the id_token directly by decoding it, or sending an API call to the userinfo endpoint using the access_token.
The detailed flow of the Resource Owner Password Grant is described below:
If you have any questions or queries or want to discuss your use case, please feel free to reach out at email@example.com we will provide you demo and show you the working of the solution so that you are 100% sure about the solution before you decide to purchase it.
Need Help? We are right here!
Thanks for your inquiry.
If you dont hear from us within 24 hours, please feel free to send a follow up email to firstname.lastname@example.org
Necessary cookies help make a website fully usable by enabling the basic functions like site navigation, logging in, filling forms, etc. The cookies used for the functionality do not store any personal identifiable information. However, some parts of the website will not work properly without the cookies.
These cookies only collect aggregated information about the traffic of the website including - visitors, sources, page clicks and views, etc. This allows us to know more about our most and least popular pages along with users' interaction on the actionable elements and hence letting us improve the performance of our website as well as our services.