This guide provides information on how to set up Beyond Identity as a passwordless authentication provider for a Wordpress site.
In this guide, you'll:
- Configure Beyond Identity as an Identity Provider
- Install and configure the Beyond Identity Passwordless Plugin
Before continuing, make sure that the following prerequisites have been met:
A live WordPress site running and administrator privileges.
Set up Beyond Identity as an Identity Provider
To set up Beyond Identity as an Identity Provider, you need to create a Realm to hold identities and configuration. Inside that realm, you'll need to create an Application that contains the authentication flow configuration. These can be configured in your Admin Console that was created for you when you signed up for a developer account.
Create a Realm
Creating a realm from the Beyond Identity Admin Console is easy.
In the Admin Console, under Tenant Management, select Go to realm > Create new realm.
Enter a name for your realm and click Create realm.
In the confirmation dialog, switch to the new realm.
Create an Application
From the Admin Console, under Authentication, select Apps > Add new app.
Give your application a name.
On the External Protocol tab, use the following values to complete this tab.
|Redirect URIs||Your redirect URI follows the pattern:|
|Token Endpoint Auth Method||Client Secret Post|
|Grant Type||Authorization Code|
|All other options||Use the default values for the remaining options|
- Click the Authenticator Config tab and use the following values.
|Configuration Type||Hosted Web |
|Authentication Profile||Use the recommended values for the remaining options|
- Click Submit to save the new app.
At this point, your Beyond Identity Admin Console should be configured with a realm and an application set up. The Hosted Web handles passkey registration and authentication for you, including generating new passkeys, presenting users with authenticator choice options as needed, and validating passkey assertions. You are now ready to configure the OpenID Connect WordPress plugin.
Configure the Beyond Identity Passwordless Plugin
Install the plugin
You must have administrative privileges in WordPress.
The easiest way to install and activate the plugin is directly from your admin dashboard:
- Log into your Wordpress admin console.
- Tap on the dashboard Plugins tab.
- Search for Beyond Identity Passwordless in the seach field.
- Tap Install and then Active on the plugin card.
You can also follow the installation steps specified in the Beyond Identity Passwordless Installation Guide.
Configure the plugin
After you've installed the plugin, you'll need to configure the plugin.
- Tap on the dashboard Beyond Identity tab.
|WordPress Settings Field||Beyond Identity value|
|Issuer URL||Copy and paste the Issuer URL value from your application's External Protocol tab.|
|Client ID||Copy and paste the Client ID value from your application's External Protocol tab.|
|Client Secret Key||Copy and paste the Client Secret value from your application's External Protocol tab.|
- Click Save Changes.
Congratulations! You have configured the Beyond Identity Passwordless plugin.
Try it out
In this final step, you'll attempt to log in and verify successful authentication.
http://your_hostname/wp-login.phpto test authentication.
Click the Continue with Passwordless button. You'll be redirected to the Beyond Identity Hosted Web Authenticator.
At the conclusion of a successful authentication, you'll be redirected to your WordPress admin console or to your site depending on your current role.
From the Beyond Identity Admin Console, go to Events to view several successful authentication events.
New users are added to your WordPress database with the default user role. Existing user's roles are unchanged. Both types of users will be associated with a Beyond Identity ID (a.k.a "sub" claims from the