Multiple Grant Support

Applies to: Premium or higher versions

  • This feature allows you to select any grant type based on your OAuth Provider.
  • Grant types we support:
    1. Authorization Code Grant
    2. Resource Owner Credentials Grant (Password Grant)
    3. Implicit Grant
    4. Refresh token Grant
    5. PKCE Grant

NOTE - Refresh Token Grant is used by default and is in effect alongside every other grant.

How to configure different grant types?

  • Navigate to the “Configure OAuth” tab and click the “Edit Application” link next to the application for which you want to configure a specific grant type, as shown below:
    [Screenshot: finding-grant-type-settings]
  • Here you will find an option to select the Grant Type for the application, as shown below:
    [Screenshot: grant-type-configuration]
  • We use Authorization Code Grant by default. However, you can choose any of the grants available here, namely Authorization Code Grant, Implicit Grant and Password Grant.

How to configure Authorization Code/Implicit Grant?

  • We already use Authorization Code Grant by default.
  • If you are using any of these grants, you probably do not need to do anything special.
  • That said, if you are using an OpenID Connect Provider, you will need to configure JWT Support. Please check the JWT Support section.
  • If you are using Implicit Grant, it is more likely that you are using an OpenID Connect Provider.
  • You should also check out OpenID Connect Support section.

How to configure Password Grant?

  • When you select Password Grant from the Grant Type menu and save the settings, you will be provided with a new option under the Grant Type menu.
    [Screenshot: configure-password-grant]
  • If you want your users to be able to log into your website with the default WordPress login form, you can check this option.

    NOTE - This applies to all forms that log the user into WordPress as a whole.

Where is Refresh Token Grant?

A refresh token is used by default to refresh the Access Tokens received during SSO. You can get the refresh token with a hook that we provide.

Please refer to the WP Hooks section for more details.

How to configure PKCE flow?

  • Important: Make sure your OAuth/OpenID provider supports the Authorization Code Grant with PKCE.

  • Make sure you have selected Authorization Code Grant as the grant type for your OAuth provider.

NOTE - If your provider does not give you a client secret, you can enter any value in the client secret field.


  • To enable the PKCE flow for your OAuth / OIDC provider, enable the PKCE checkbox shown below in the Advanced Grant Type Configuration.

    [Screenshot: configure-password-grant]