Join Agency Program today.

2x Leads & 50% Cost Savings on Hosting. Join Agency Program today.

Apply Now
Log In
Get Started
WordPress Plugins
OpenID Connect Generic Client

OpenID Connect Generic Client

A simple client that provides SSO or opt-in authentication against a generic OAuth2 Server implementation.
Rating:
5.0
star-rating-1star-rating-2star-rating-3star-rating-4star-rating-5
Active Installations:
9000+
Last Updated:
Apr 09, 2024
WordPress Version:
5.0 or higher
Tested up to:
6.4.5
Try Demo
Download

Seamless user authentication

Easily authenticate users using OpenID Connect OAuth2 API with Authorization Code Flow. Enable Single Sign-On (SSO) or provide a "Login with OpenID Connect" button on the login form for a seamless user experience. Existing users are automatically logged in, while new users are created in the WordPress database.

Simplified setup and configuration

Quickly install and configure the plugin to authenticate users against OpenID Connect OAuth2 API. Find comprehensive documentation and settings on the OpenID Connect Generic dashboard page, making it easy to customize the plugin according to your needs.

Enhanced security and privacy

Benefit from the enhanced security features of OpenID Connect OAuth2 API. Safeguard user credentials and protect sensitive data by leveraging the authorization code flow. Users can also give consent before granting access, ensuring their privacy is respected.

Author’s Site Author Site view

3.10.0

  • Chore: @timnolte – Dependency updates.
  • Fix: @drzraf – Prevents running the auth url filter twice.
  • Fix: @timnolte – Updates the log cleanup handling to properly retain the configured number of log entries.
  • Fix: @timnolte – Updates the log display output to reflect the log retention policy.
  • Chore: @timnolte – Adds Unit Testing & New Local Development Environment.
  • Feature: @timnolte – Updates logging to allow for tracking processing time.
  • Feature: @menno-ll – Adds a remember me feature via a new filter.
  • Improvement: @menno-ll – Updates WP Cookie Expiration to Same as Session Length.

3.9.1

  • Improvement: @timnolte – Refactors Composer setup and GitHub Actions.
  • Improvement: @timnolte – Bumps WordPress tested version compatibility.

3.9.0

  • Feature: @matchaxnb – Added support for additional configuration constants.
  • Feature: @schanzen – Added support for agregated claims.
  • Fix: @rkcreation – Fixed access token not updating user metadata after login.
  • Fix: @danc1248 – Fixed user creation issue on Multisite Networks.
  • Feature: @RobjS – Added plugin singleton to support for more developer customization.
  • Feature: @jkouris – Added action hook to allow custom handling of session expiration.
  • Fix: @tommcc – Fixed admin CSS loading only on the plugin settings screen.
  • Feature: @rkcreation – Added method to refresh the user claim.
  • Feature: @Glowsome – Added acr_values support & verification checks that it when defined in options is honored.
  • Fix: @timnolte – Fixed regression which caused improper fallback on missing claims.
  • Fix: @slykar – Fixed missing query string handling in redirect URL.
  • Fix: @timnolte – Fixed issue with some user linking and user creation handling.
  • Improvement: @timnolte – Fixed plugin settings typos and screen formatting.
  • Security: @timnolte – Updated build tooling security vulnerabilities.
  • Improvement: @timnolte – Changed build tooling scripts.

3.8.5

  • Fix: @timnolte – Fixed missing URL request validation before use & ensure proper current page URL is setup for Redirect Back.
  • Fix: @timnolte – Fixed Redirect URL Logic to Handle Sub-directory Installs.
  • Fix: @timnolte – Fixed issue with redirecting user back when the openid_connect_generic_auth_url shortcode is used.

3.8.4

  • Fix: @timnolte – Fixed invalid State object access for redirection handling.
  • Improvement: @timnolte – Fixed local wp-env Docker development environment.
  • Improvement: @timnolte – Fixed Composer scripts for linting and static analysis.

3.8.3

  • Fix: @timnolte – Fixed problems with proper redirect handling.
  • Improvement: @timnolte – Changes redirect handling to use State instead of cookies.
  • Improvement: @timnolte – Refactored additional code to meet coding standards.

3.8.2

  • Fix: @timnolte – Fixed reported XSS vulnerability on WordPress login screen.

3.8.1

  • Fix: @timnolte – Prevent SSO redirect on password protected posts.
  • Fix: @timnolte – CI/CD build issues.
  • Fix: @timnolte – Invalid redirect handling on logout for Auto Login setting.

3.8.0

  • Feature: @timnolte – Ability to use 6 new constants for setting client configuration instead of storing in the DB.
  • Improvement: @timnolte – Plugin development & contribution updates.
  • Improvement: @timnolte – Refactored to meet WordPress coding standards.
  • Improvement: @timnolte – Refactored to provide localization.

See the previous changelogs here

Great Plugin!

By Robert (Robert Knasmueller) on February 24, 2025

We have been using the plugin for several years. It's without frills and works absolutely reliably. Many thanks!

It just works!

By imoorena on August 28, 2024

As simple as it needs to be with no added cruft. Easy to configure and use.

Best OpenID plugin and free!

By Matthias Kittsteiner (kittmedia) on October 17, 2023

After testing multiple OpenID plugins – even paid one – this is by far the best. Thank you!

Some suggestions for improvements: more flexible filtering, better documentation and enhanced multisite support.

Best Openid client plugin by far.

By Xavi Ivars (xavivars) on May 27, 2023

Every other plugin is simply a trap to get you paying a premium version.

This one simply works as expected, with no bloatware. :)

The best there is, lightweight and easy to use

By V.E.L (vezraimanuel) on April 2, 2023

Been trying all other OpenID plugins, ended up uninstalling them, premium issues, bloatware, etc.

Tried this once only, now i'm using it on all my Wordpress sites. thanks a lot! I just hope it's maintained.

Works

By kumitterer on February 18, 2023

I tried a couple of other OIDC/OAuth2 client plugins and this is the only one that Just Works™ out of the box. Perfect.

This deserves more!

By backpackingseries on August 21, 2022

I am not sure why more folks in the community are not opting for OpenID and when they do, this plugin will make it super easy - just got my first site's auth flow hosted on AWS Cognito! OpenID Connect Generic Client is hyper focused on doing one thing and does it really well - enabling WordPress integration with your preferred OpenID provider. While you may need a few days to get familiar with concepts of OpenID, etc (i.e. if you are not already), you would get all the answers via their active support on Github. As others have said, it's a great plugin right here that I hope more people in the WP community find and use.

Easy to expand on and use

By mme on October 16, 2021

This plugin has allowed us to have one login for all sites using their work accounts.

Perfect

By cyrillbolliger on September 3, 2021

Thanks for this awesome plugin. Thanks to the filter openid-connect-generic-user-creation-test we were even able to automatically merge existing wordpress users with existing users of our SSO system without allowing the other SSO users to be able to create a wordpress account.

Just works

By danvy on September 13, 2020

Focused on its purpose. Solid.
More Reviews
Try other plugins too!
Salt Shaker

Salt Shaker

Salt Shaker enhances WordPress security by changing WordPress security keys and salts manually and automatically.

Try Demo More Details
NinjaFirewall (WP Edition) – Advanced Security Plugin and Firewall

NinjaFirewall (WP Edition) – Advanced Security Plugin and Firewall

A true Web Application Firewall to protect and secure WordPress.

Try Demo More Details
Activity Log

Activity Log

The #1 Activity Log plugin helps you monitor & log all changes and activities on your WordPress site, so you can run more securely and organized.

Try Demo More Details
Author Site Author Site

Try OpenID Connect Generic Client With InstaWP

Try Demo

Contact Sales

Reach out to us to explore how InstaWP can benefit your business.