WordPress OAuth Setup

Prev Next

Rocket.Chat lets you enable sign-in with WordPress accounts. With this option, you can centralize user authentication, control access to APIs or data from your WordPress site, and customize how OAuth behaves.

Prerequisites

Before setting up WordPress OAuth, make sure you have:

  • A WordPress site or WordPress account

  • An OAuth server plugin (or a custom OAuth server implementation)

  • The app’s Client ID and Client Secret

Your OAuth provider must support standard OAuth 2.0 endpoints.

Configure WordPress OAuth

After your OAuth server is configured:

  1. In Rocket.Chat, go to Manage > Workspace > Settings > OAuth.

  2. Expand the WordPress section.

  3. Turn WordPress Login on.

  4. Enter the following values:

    • WordPress URL: The URL of your WordPress site

    • WordPress ID: The Client ID from your OAuth provider

    • WordPress Secret: The Client Secret from your OAuth provider

    • Server Type: Select one of the following:

      • WordPress.com: Use for WordPress.com accounts

      • WP OAuth Server Plugin: Use if you are using a plugin (for example, miniOrange)

      • Custom: Use if you are implementing your own OAuth server

If you select Custom

Configure the following endpoints:

  • Identity Path: Endpoint used to retrieve user information

  • Token Path: Endpoint used to obtain an access token

  • Authorize Path: Endpoint used to request user authorization

  • Identity Token Sent Via: How the token is sent (header or request parameters)

  • Scope: The user data Rocket.Chat can access (must match your OAuth server configuration)

  • WordPress Callback URL: Copy this value from Rocket.Chat and add it to your OAuth server configuration

  1. Select Save changes.

After you save, the Sign in with WordPress button appears on the workspace sign-in page.

Troubleshooting WordPress OAuth

If you encounter issues, enable logging to diagnose the problem:

  1. Go to Manage > Logs > Log Level > View Logs.

  2. Set the log level to Level 2 Logging.

  3. Open the login page in an incognito browser window and attempt to sign in.

  4. Check the logs to review the OAuth response and identify errors.

Common error

If you see the error "The redirect URI provided is missing or does not match" this means the Callback URL in your WordPress plugin does not match the WordPress Callback URL in Rocket.Chat.

For more troubleshooting details, visit the Rocket.Chat forum.

Rocket.Chat versions receive support for six months after release. End-of-life for any version is the last day of the month when support ends.