WordPress OAuth Server plugin enables AWS Cognito Single Sign-On (SSO) using
your WordPress username and password. Once you configure the AWS Cognito with
WordPress OAuth Server plugin, you can login to your AWS Cognito using
WordPress credentials. OAuth Server plugin also allows you to send custom
WordPress user attributes to your AWS Cognito as per your
requirements. To know more about other features we provide in WordPress OAuth
Server plugin, you can
Download And Installation
Log into your WordPress instance as an admin.
Go to the WordPress Dashboard -> Plugins and click on
Search for a WordPress
OAuth Server Single Sign-On (SSO) plugin and click on
Steps to configure WordPress Login into AWS Cognito Single Sign-On (SSO)
1. Setup WordPress as OpenID Connect Server
Go to miniOrange OAuth Server plugin on the left side menu and
choose your OpenID Connect client from the list, Here
Custom OpenID Connect.
Enter Client name as you want. Enter the Redirect / Callback URL like (https://Your-cognito-app-domain/oauth2/idpresponse)
from AWS Cognito and enter under Redirect URI field. Click
on Save client button.
Note down Client ID, Client Secret, and Discovery Endpoint to configure in your
OpenID Connect Client.
2. Setup AWS Cognito as OpenID Connect Client
First of all, go to Amazon Console and sign up/login in your account to Configure AWS Cognito.
Search for Cognito in the AWS Services search bar as shown below.
Click on Mange User Pools button to see the list of your user pools.
Click on Create a user pool to create a new user pool.
Add a Pool Name and click on the Review Defaults button to continue.
In the navigation bar present on the left side, click on Identity providers option and select the OpenId Connect.
Provide the necessary details, such as provider name, Client ID, Client Secret, Scope, and Issuer Endpoint. Paste the Discovery Endpoint (which is available in our premium plugin version) from miniOrange OAuth Server plugin under Issuer. Click on the Run discovery button and then Create Provider.
Scroll down and click on Configure Attribute Mapping option.
Add the OIDC attribute and User pool attribute by clicking on Add OIDC attribute option. Click on Save Chnages button.
click on “App client” & then again click on Add an app client.
Enter an App Client Name and click on Create app client to create an App client.
Go to domain name and enter a domain name for your app. After adding domain name you can check its availability by clicking on “Check availability” button. After entering valid domain name click ”Save changes” button.
In the navigation bar present on the left side, click on the App Client Settings option under the App Integration menu.
Enable Identity provider as Select all and enter your Callback/Redirect URL which you will get from your miniOrange plugin present on your Server side under the CallBack URLs text-field. Select Authorization code grant checkbox under the Allowed OAuth Flows and also select openid and profile checkboxes under the Allowed OAuth Scopes option (Please refer to the image below). Click on the Save Changes button to save your configurations.
Scroll down and click on Launch Hosted UI option and click on login button.
You have successfully configured AWS Cognito as OAuth Client for for achieving AWS Cognito Single Sign-On (SSO) with WordPress for user authentication.
In this Guide, you have successfully configured
AWS Cognito Single Sign-On (SSO) with WordPress as OAuth Provider and
AWS Cognito as OpenID Connect Client using our WP OAuth Server plugin. This
solution ensures that you are ready to roll out secure access to your
AWS Cognito application using WordPress site credentials within minutes.
Mail us on
for quick guidance (via email/meeting) on your requirement and our team
will help you to select the best suitable solution/plan as per your
Need Help? We are right here!
Contact miniOrange Support
Thanks for your inquiry.
If you dont hear from us within 24 hours, please feel free to send a follow up email to firstname.lastname@example.org
This privacy statement applies to miniorange websites describing how we handle the personal
When you visit any website, it may store or retrieve the information on your browser, mostly in the
form of the cookies. This information might be about you, your preferences or your device and is
mostly used to make the site work as you expect it to. The information does not directly identify
you, but it can give you a more personalized web experience.
Click on the category headings to check how we handle the cookies.
Strictly Necessary Cookies
Necessary cookies help make a website fully usable by enabling the basic functions like site
navigation, logging in, filling forms, etc. The cookies used for the functionality do not store any
personal identifiable information. However, some parts of the website will not work properly without
These cookies only collect aggregated information about the traffic of the website including -
visitors, sources, page clicks and views, etc. This allows us to know more about our most and least
popular pages along with users' interaction on the actionable elements and hence letting us improve
the performance of our website as well as our services.