“On login, wordpress uses the wordpress_[hash] cookie to store your authentication details. It’s use is limited to the admin console area, /wp-admin/ After login, wordpress sets the wordpress_logged_in_[hash] cookie, which indicates when you’re logged in, and who you are, for most interface use. WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end … Read more
This showed up as a notification due to the upvote. Here’s how I solved it. The endpoint coded in the app that I am supposed to authenticate with prepares the token. The token has to be in the specified format. It then should be base 64 encoded and hash encrypted. The wp_init handler should be … Read more
There should be no problem with any normal WordPress-vBulletin bridge which syncs user data between the two platforms. Just make sure that synced users have the default role of “Subscriber”. This allows them to only post comments, and not to create or edit posts.
WordPress already has an API built in via an XMLRPC server. Meaning, you can make an XMLRPC request from your java app and verify a username/password. Unfortunately, there’s no way to just authenticate through it as is. That said, it’s very easy to roll your own. Just hook into xmlrpc_methods, a filter, and add yours. … Read more
Let’s go step by step here. Looks like you’re trying to use OAuth just for authentication, but before you can do so you need to get the Access Token which will be used to authenticate when you make your API calls. Because this is using OAuth version 1, in order to obtain the Access Token … Read more
The redirect URI (where the response is returned to) has to be registered in the APIs console, and the error is indicating that you haven’t done that, or haven’t done it correctly. Go to the console for your project and look under API Access. You should see your client ID & client secret there, along with a list of … Read more
TL;DR If you have very simple scenarios, like a single client application, a single API then it might not pay off to go OAuth 2.0, on the other hand, lots of different clients (browser-based, native mobile, server-side, etc) then sticking to OAuth 2.0 rules might make it more manageable than trying to roll your own system. … Read more
The redirect URI (where the response is returned to) has to be registered in the APIs console, and the error is indicating that you haven’t done that, or haven’t done it correctly. Go to the console for your project and look under API Access. You should see your client ID & client secret there, along with a list of … Read more
Yes, it’s possible. But first read, “What happens when I change my username?” To change your username, click your profile picture in the top right corner, then click Settings. On the left side, click Account. Then click Change username.