Authentication: WordPress authentication

Maintained by Me Ian Wild
WordPress OAuth 1.0a three legged authentication for Moodle 3.1+
26 sites
12 fans

This authentication plugin allows Moodle to authenticate against a WordPress installation. 

You will need to install and enable the WP REST API OAuth 1.0a server in WordPress - see


Screenshot #0


Ian Wild (Lead maintainer)
Please login to view contributors details and/or to contact them

Comments RSS

Show comments
  • Picture of Plugins bot
    Thu, 16 Mar 2017, 2:40 AM
    Approval issue created: CONTRIB-6786
  • Picture of Sebastian Castellanos
    Mon, 29 May 2017, 5:14 AM
    Hi Ian,
    This plugin allow a single sign on ? or is authenticate in moodle against a wordpress DB (external db authentication) ?

  • Me
    Mon, 29 May 2017, 3:56 PM
    Hi Sebastian,

    Thanks for your message. Yes: this plugin allows a single sign on, but note that it implements three legged authentication. The basic process is:

    1. A WordPress user who is already logged in to WordPress clicks on a link to Moodle. Note that if the user isn't logged in to WordPress then the authorisation process will require them to.
    2. Moodle redirects the user back to WordPress (via Oauth 1.0a) and WordPress asks the user if they would like to share their WordPress details with Moodle.
    3. If the user accepts they are then redirected back to Moodle and Moodle authenticates.

    There is a good description of the process here :

    Hope this helps. If there is any more information you need then please do let me know.


  • Picture of Sebastian Castellanos
    Tue, 30 May 2017, 1:27 AM
    Hi Ian, thanks for your response.

    I'm already installed the plugin in moodle and also the plugin in wordpress : WP REST API - OAuth 1.0a Server
    I don't know how to generate the The OAuth 1.0a client key and The OAuth 1.0a client secret.
    Started reading several post related of how to generate those key/secret credentials in wordpress, but I've been stuck adding a new application, not sure about the callback URL.
    If I make a GET to my-wordpress-site/wp-json I get :

    "authentication": {
    "oauth1": {
    "request": "",
    "authorize": "",
    "access": "",
    "version": "0.1"

    Then, I not sure how to continue.
  • Me
    Wed, 31 May 2017, 5:09 AM
    Hi Sebastian,

    I'm not sure if you've had chance to check out the instructions on the plugin wiki here: ? Please let me know if these instructions don't make sense and I'll take a look at rewriting them.

    Hope this helps,

Please login to post comments