Description
The Authentiq?plugin allows users to simply use their phone to authenticate to your WordPress site, share their identity details safely, and sign out again remotely.
This plugin is for admins that are interested in moving beyond username and password, and do not want to burden their users with typing one time codes from SMS or authenticators or other methods that harm the user experience.
The Authentiq service is free (for most use cases) and does not store any user data centrally, but in the Authentiq ID app on the user’s phone instead.
Features:
- Use Authentiq as a convenience sign in (and sign up) method, or as a secure sign in method.
- In the latter case, replacing one time passwords (TOTP) or hardware tokens, option to still accept accounts with classic username & password.
- On every sign in, the profile information is explicitly shared by the Authentiq ID app and updated in the WordPress profile, thus keeping it up to date on every sign in.
- Visitors to your site that already have the Authentiq ID app installed can simply sign up by scanning a QR code or typing their email address and confirm on their phone.
- Block users by (verified) email domain, or limit to specific domains.
- Optionally request social accounts, address, and (verified) phone numbers too.
- Remote sign out: your users can sign out with their Authentiq ID app, even when they left their session signed in on another computer.
- Existing users can activate Authentiq in their profile page for convenience or additional security.
You can check our demo site.
Widget
You can have an Authentiq sign in button in any widgetized area / sidebar:
- Go to ‘WordPress Dashboard > Appearance > Widgets’.
- Drag and drop the “Authentiq” widget into any widgetized area / sidebar.
- Configure settings on the widget and click save.
Place and configure as many Authentiq widgets as you want.
Shortcodes
The plugin can be placed anywhere in your site using WordPress shortcodes.
The shortcode is [authentiq_login_button]
.
Additionally you can set some extra parameters, which are:
- sign_in_text: Text shown in Authentiq button, when user is not signed in, in order to sign in.
- linking_text: Text shown in Authentiq button, when user is signed in, but is not linked with Authentiq yet, in order to link the user account.
- sign_out_text: Text shown in Authentiq button, when user is signed in and linked with Authentiq, in order to sign out.
- color_scheme: Authentiq button color scheme. Use a number from 0: default, 1: purple, 2: orange, 3: grey, 4: white.
Example use: [authentiq_login_button sign_in_text="Login" linking_text="Link your account" sign_out_text="Logout" color_scheme=1]
.
You can even place the shortcode in your template files.
Screenshots
Installation
Automatic installation
Log in to your WordPress dashboard, navigate to the Plugins menu and click Add New.
In the search field type ‘Authentiq’ and click Search Plugins, once you find it, you can install it by simply clicking ‘Install Now’.
Manual installation
The manual installation method involves downloading the Authentiq plugin and uploading it to your webserver via your favorite FTP application. The WordPress codex contains instructions on how to do this here.
FAQ
- How a user can link her account with Authentiq
-
There are two flows for this.
- She signs in using the Authentiq ID App, using the same email as her current WordPress user.
- She signs in at the site using WordPress Username & Password, and then links her account with Authentiq, either using a widget or shortcode button, or by visiting her profile.
- How can I see extra user info send by Authentiq ID
-
You can simply visit the user’s profile page.
- If I disable WordPress Username & Password, how a user can get back access if lost?
-
When this happens, the WordPress site admin visits the user profile from the WordPress Dashboard, and click the “unlink” button in the Authentiq section.
- Is WooCommerce supported?
-
Yes, WooCommerce checkout and account pages are supported. In case “Address” and “Phone number” have been opted-in in Authentiq plugin settings page, they will be pre-filled for the user during checkout.
- What if I am already using “WordPress Social Login” (WSL) plugin, for Authentiq
-
Simply disable Authentiq within the WSL plugin (or the WSL plugin as a whole). Make sure you configure the redirect url correctly and add a backchannel redirect url in the Authentiq dashboard as prompted in the plugins page. Your users will be able to sign in with Authentiq right away.
Reviews
Contributors & Developers
“Authentiq” is open source software. The following people have contributed to this plugin.
ContributorsTranslate “Authentiq” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
1.0.6 – 2019-10-17
- Bugfix – Fix typo in lost password flow.
1.0.5 – 2018-05-20
- Feature – Add layout settings.
- Feature – Add button color scheme settings.
- Feature – Add GDPR Compliance.
1.0.4 – 2018-04-25
- Tweak – OAuth2
state
parameter stored as session cookie. Fixes Issue #1.
1.0.3 – 2017-12-17
- Feature – Stop updating username and display_name on sub-sequent signins.
- Feature – Add settings for defining a specific redirect URL after signin.
1.0.2 – 2017-11-25
- Feature – Add
authentiq_pre_insert_user_data
filter. - Feature – Add
authentiq_redirect_to_after_signin
filter.
1.0.1 – 2017-11-14
- Tweak – Support WordPress 4.9.
- Tweak – Make the Authentiq button in frontend a bit smaller.
1.0.0 – 2017-10-29
- Initial public release.