Join the social network of Tech Nerds, increase skill rank, get work, manage projects...
 
  • OAuth 2.0 Authentication on Wordpress site

    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 901
    Comment on it

    We are here to discuss OAuth 2.0 Authentication in wordpress. Do you know about OAuth?. What is OAuth?. OAuth is nothing but a open protocol which is useful to allow authorization by easy and secure methods from web/mobile/software applications.
    In wordpress OAuth 2.0 protocol allows applications to access the blogs on wordpress.com and third party website using jetpack. With any other username and password, user can interact with the blogs hosted on wordpress.com and other websites using jetpack.


    There are two types of authentication endpoints

    A) Authorization endpoint (https://public-api.wordpress.com/oauth2/authorize)

    B) Token request endpoint (https://public-api.wordpress.com/oauth2/token)

    You should have few keys like client id, client secret id, redirect URi to process your application. Without these details api calls will remain unvalid. Kindly create your app from this link https://developer.wordpress.com/apps/

    Access token is required to develop your application. Through access token you can authenticate the api calls. You can request one access token per user or access token per blog.

    There are many details to pass in endpoint url like below.

    https://public-api.wordpress.com/oauth2/authorize?client_id=your_client_id&redirect_uri=your_url&response_type=token&blog=355
    

    A) client_id : application client id

    B) redirect_uri : After authentication user will be redirect to this url. It must be same as application redirect url.

    C) response type : there are two values for this parameter. one is code and other is token. Code will not expired and it will give the surety for secure interaction. For token , it will be valid only for two weeks.

    D) blog : It is optional and you need to send the blog id for which the user is authenticated,

    E) Scope : it is also an optional. You can set the value to global or auth. When you set the value to auth then it will authentication the user for one blog and when you set it to global then user can access all the authenticated blogs. If you set the value to global then you need to omit the blog parameter.

    for Code Authentication: We will do the request as follows.

    https://developer.wordpress.com/?code=fhfhddf
    

    for token we will do the request as below

    https://developer.wordpress.com/#access_token=YOUR_API_TOKEN&expires_in=34534&token_type=bearer&site_id=blog_id
    

    You can also validate the token using this url

    https://public-api.wordpress.com/oauth2/token-info?client_id=your_client_id&token=your_token
    

 0 Comment(s)

Sign In
                           OR                           
                           OR                           
Register

Sign up using

                           OR                           
Forgot Password
Fill out the form below and instructions to reset your password will be emailed to you:
Reset Password
Fill out the form below and reset your password: