Integrate with WordPress

Add BindID, a passwordless authentication solution, to your WordPress site.

Step 1: Configure BindID

To integrate BindID with your WordPress site, you'll need to configure an application in the BindID Admin Portal (see Admin Portal: Get Started). You can either create a new application or use one that you already created.

From Applications, here is the basic client setup that is required for your application:

  • Set the allowed redirect URIs—Specify the page to which users are redirected after BindID authentication. It should have the following format:

    https://YOUR_WORDPRESS_DOMAIN/wp-admin/admin-ajax.php?action=bindid-callback

    where YOUR_WORDPRESS_DOMAIN is your WordPress Domain.

  • Get your BindID credentials—Obtain the client ID and client secret used to identify your application to the BindID Service. You'll need to provide these credentials to WordPress.

Step 2: Install the BindID WordPress Plugin

The BindID WordPress integration uses a plugin that is available in the WordPress Plugin Directory. In this section, we will install the BindID WordPress plugin.

From the Admin Menu of your WordPress website:

  1. Click Plugins and then click Add New.
  2. Search for the BindID plugin in the WordPress Plugin Directory.
  3. Click Install Now on the BindID tile in the search results.

Step 3: Configure the BindID Plugin

Add the BindID Client ID and Client Secret Key you received in Step 1 to the Settings page for the BindID WordPress plugin, as described below.

  1. From your WordPress Admin page, hover over Settings and click on BindID after it pops up in the list.

  2. Configure the Application settings as described below:

    FieldDescription
    Client IDClient ID you retrieved in Step 1 above.
    Client secretClient Secret you retrieved in Step 1 above. Note: Client secrets are encrypted with the AUTH_KEY and AUTH_SALT Wordpress security keys. If the security keys change you will need to re-enter the client secret.
    Require strong authenticationIf enabled users will be required to authenticate using biometrics authentication on a trusted device. Note: When enabled, the authentication will be rejected if the device does not support strong authentication (FIDO2 Biometrics). See the Platform Support page for a listing of supported platforms.
    Production modeIf enabled, the plugin will work with your BindID production environment. If disabled (default), it will work with sandbox instead. The client ID and secret you configure should correspond to the relevant environment.

Step 4: Activate the BindID Plugin

From your WordPress Admin page, click Plugins and click the Activate link next to BindID.

Step 5: Add A Login Button (Optional)

BindID offers the ability to add a login button on your WordPress Site. Place this WordPress Shortcode [bindid_login_button] wherever you want a login button on your WordPress page(s).

For example:

<p><?php echo do_shortcode('[bindid_login_button]'); ?></p>

Step 6: Test Your Integration

Once you complete your BindID integration with WordPress, test your integration.

From the login page on your WordPress site:

  1. Click Login with BindID.
  2. Perform the BindID authentication
  3. If the email returned to WordPress doesn’t correspond to an existing subscriber, a new WordPress subscriber is added.
  4. The subscriber is now logged in to your WordPress site.

Notes: BindID users are associated with subscribers using their email address, which is included in the BindID ID token for every login. New subscribers are added to the WordPress site when a user logs in using BindID and their email address doesn’t correspond to an existing user. To test adding a new WordPress subscriber, make sure to use a browser and mobile device that was not used to perform a BindID authentication, and when prompted use an email address that does not correspond to an existing WordPress user.