Wordpress Customer Identity and Access Management Plugin

WordPress is an open-source and free content management system which is written in PHP and uses MySQL or MariaDB database. Wordpress features have a plugin architecture and different templates, which is commonly referred as Wordpress Themes.

LoginRadius Customer Identity and Access Management Plugin simplifies and secures your customer registration process, increases customer conversion with Social Login that combines 40+ major social platforms and offers a full solution with Traditional customer Registration. Also, you can gather a wealth of customer profile data from Social Login and Traditional customer Registration, have a centralized view of entire end-customer data and manage it easily. Thus, it helps you to boost customer engagement, manage online identities, capture accurate customer data and get unique social insights into your customer base.

Note: Based on your LoginRadius plan you have, you may have access to one or more of the following modules. This document provides an overview of each component listed below. If you require additional components that are not included in your plugin please contact your product specialist at LoginRadius

• Enabling both the versions together i.e. V1 and V2 of Wordpress plugins may cause conflicts. Kindly disable one of them for smoother operations.
• In case of updating the plugin first deactivate the previous plugin and replace the codebase and activate the new plugin. Alternatively, you can also update it by clicking on the “update” of LoginRadius CIAM at “/wp-admin/plugins.php” of your site.

• Navigate to Wordpress Admin Panel->Plugins

• Click "Add New" button

• To install the LoginRadius plugin, type "loginradius" in the search field, or use the "Upload Plugin" button. You can use the plugin that was provided to you by the LoginRadius team or can download the default plugin here.

  

• To activate the plugin, navigate to Wordpress Admin Panel->CIAM
• On the Activation tab, enter your API Key, and API Secret as provided on your LoginRadius Admin Console.
• Click 'Save Settings'.

• To enable authentication settings navigate to Wordpress Admin Panel->CIAM->Authentication here, you will find 4 admin settings:

1. User Registration
2. Authentication
3. Advanced settings
4. Short Codes

• Identity Experience FrameworkTo enable Identity Experience Framework functionality on your web property enable "Enable Identity Experience Framework" option.

• Auto Generate Authentication Page To allow the plugin to auto-generate the pages for login, registration, forgot password and reset password enable 'Auto Generate Authentication Page'. Admin can also generate traditional/social login and registration interface on the desired page using the shortcodes provided in the ShortCodes tab, If he do not wish to enable 'Auto Generate Authentication Page'.

• Referral URLLet's say if a customer comes to the login page from the About Us page, then after login customer will get redirected to the About Us page. Note: This condition will apply only when the referral domain is the same and Redirect to the same page where the customer logged in is enabled from the plugin backend panel. There are 4 redirection settings available under 'Redirection settings after login' by which Admin can set the redirection of the customer after login:

  1. Redirect to the same page where the customer logged in
  2. Redirect to the home page of your WordPress site
  3. Redirect to the customer's dashboard
  4. Redirect to a custom URL (enter the custom url below) If Redirect to a custom URL is enabled then it will have the top priority and customer will get redirected to that URL after login. Below is the example of passing the Redirect To URL with the login URL

https://www.example.com/login/?redirect_to=http:%2F%2Fwww.example1.com

Note: redirect_to parameter will have a URL in the encoded format.

• Admin can configure Email Authentication setting by 4 methods :
  1. Enable prompt password on Social Login
  2. Enable login with username
  3. Ask for email from unverified user
  4. Ask for required field on Traditional Login

• Email templates can be added/Modified in "Admin Console" which will be displayed in WP-Admin authentication page.

Phone Authentication will be displayed in the admin authentication tab only if Phone Workflow is enabled in your app.

• SMS templates can be added/Modified in "Admin Console" which will be displayed in WP-Admin authentication page.

For the advanced tab setting please refer to the below screenshot.

• Admin can enable or disable the advanced options like:

  • Enable Passwordless link login

    LoginRadius customers can set up a login flow that allows users to login without a password. Please review our Passwordless Link Login documentation for more details.

  • Enable Passwordless OTP Login

    Enabling this option on the LoginRadius site lets the end-user enter his phone number and click on the instant OTP login button. Now enter the OTP which you received in your phone number to login, for more details review our Passwordless OTP Login documentation.

  • Enable password strength

    Password strength is a measure of the effectiveness of a password in resisting guessing and brute-force attacks. The strength of a password is a function of length, complexity, and unpredictability. For more details review our Javascript Hooks documentation.

  

• Admin can set notification timeout (in seconds) by entering the desired time period in ‘Notification timeout settings’. Notification timeout is the time in which admin sets the time for how long success/error message will display.

• Admin can set Terms and Conditions by entering the content that he wants to be displayed on the registration form. This text editor also compatible with the TinyMCE text editor.

• Admin can also enter the common options of loginradius JS in Common options for loginradius interface field, click here for details on common options. For example :

commonOptions.loginOnEmailVerification = true;

• From here, you can customize the default registration form according to your desired fields, validation rules, and field types. All of the standard and custom field configured in your registration form, can be found in Deployment > JS Widgets > Registration Forms.

• For short code tab settings please refer to the below screenshot. Admin can select shortcodes that can be used on page or post to display the respective interface.

LoginRadius Single Sign-On(SSO) is a feature for multiple site management. To enable the SSO, navigate to Wordpress Admin Panel->CIAM->SSO. In SSO tab enable the radio button under the 'Enable SSO' tab and then click Save Settings button.

• To generate Debug log for debugging purpose, enable WordPress developer mode option from **wp-config.php **

Note: When the log is enabled, then it will start writing the log to the 'ciam_debug.log' file which is present at the plugin root.

• In the case of traditional login, if Multi-Factor Authentication is enabled on your app then its section will be displayed on the profile page. Click on "2-Step Verification" button to enable Multi-Factor Authentication. By default, MFA is disabled on your LoginRadius site. To enable MFA for your site, in the Admin Console, go to Platform Security > Multi-Layered Security > Multi-Factor Auth. Select the “Enable” option under “Multi-Factor Authentication”and the relevant flow option under the “Select Flow” section.

  Note: For Multi-Factor Authentication, by default OTP authenticator is enabled on the app and, in order to enable Google Authenticator, you will need to enable it from the LoginRadius Admin Console.

• Scan the barcode from the authenticator app and enter Google Authenticator Code here. On successful authentication, option to ‘Reset backup code’ will appear on profile. Customer can reset the generated backup codes from here.

Customers can update their profile from the profile editor section.

This option will appear on profile along with the Phone Number field displaying the respective phone number. It will work only when the ‘Phone and Email Simultaneous Login’ option is enabled on your app.

Following are the user Interfaces provided by LoginRadius:

Login interfaces can be used from the login page created from the plugin authentication tab from the admin panel. It can also be used from the page on which admin has applied the shortcode for login i.e. [ciam_login_form].

To auto-generate the registration page, navigate to Wordpress Admin Panel->CIAM->Authentication and check ' Auto Generate User Registration' under User Registration section.

Registration interface can be used from the Registration page created from the plugin authentication tab from the admin panel. It can also be used from the page on which admin has applied the shortcode for registration i.e. [ciam_registration_form].

To auto-generate the registration page, navigate to Wordpress Admin Panel->CIAM->Authentication and check 'Auto Generate User Registration' under User Registration section.

Forgot password interfaces can be used from the forgot password page created from the plugin authentication tab from the admin panel. It can also be used from the page on which admin has applied the shortcode for forgot password i.e. [ciam_forgot_form].

To auto-generate the registration page, navigate to Wordpress Admin Panel->CIAM->Authentication and check ' Auto Generate User Registration' under User Registration section.

Below screenshot is for Forgot Password page.

Reset password interfaces can be used from the Reset password page created from the plugin authentication tab from the admin panel. It can also be used from the page on which admin has applied the shortcode for Reset password i.e. [ciam_password_form].

To auto-generate the registration page, navigate to Wordpress Admin Panel->CIAM->Authentication and check 'Enable Auto Generate User Registration' under User Registration Integration section.

The customer can reset their password from the link which they receive in their mail after doing the forgot password process.

Default WP Login Form is used for admin purpose. If the admin wants to bypass the LoginRadius authentication services or doesn't require to register a customer at LoginRadius then it can be done using the [ciam_wp_default_login] shortcode. For this Admin needs to create a separate page and apply the given shortcode on it.

For example: We have created a new page by the name “Default” and applied [ciam_wp_default_login] shortcode on it, (refer the below screenshot) this will display default wordpress login form.

###Add additional email

The customer can add additional email to their account. This email will get saved into the LoginRadius Cloud Directory and can be used to manage the account.

The customer can delete the other email if want to delete.

To add additional email navigate to Wordpress Admin Panel->Users->Your Profile.

Click on Add Email button near to the email field. Popup will appear to enter the email and click send. A verification link will be sent to the entered email address.

The new email will be appeared in the profile after verifying it.

###Remove email

The customer can also remove the additional or existing email from their account.

Click on remove button near to the email field. Popup will appear to enter the email after that click on the remove button. It will delete the added email from your account.

In order to customize the LoginRadius Interface like Login, Register, forgot password, etc then we have the following options:

• CSS Customization To make the designing customization like interface layout, popup designing or interface elements, use the current theme's CSS file for overriding the design.

• Language Customization To customize the form’s field label or button label, please follow our Javascript Hooks document.

• You can see the user's email id and username in the "wp_users" table.
• And plugin options setting in the "wp_options" table.

While Troubleshooting, make sure to check out the following points:

• Wordpress plugin uses “wp_remote_request” function to run APIs that indirectly call cURL or fsockopen, so please make sure that cURL remains open on the server.
• If you have enabled any caching plugin on your site, then please make sure to clear the cache from it after making any update/customization to the plugin.

To uninstall the plugin go to the installed plugin section and click on deactivate button below the "LoginRadius CIAM" or you can select "LoginRadius CIAM" after that choose deactive from Bulk Action and click on Apply button.

Note: On uninstallation of the plugin all the options setting will be deleted from the "wp_options" table.

Note: WordPress version tested up to 6.0.2