Auth0 for All

Companion Plugin

Enable front-end authentication without creating WordPress user accounts. Requires the official Auth0 Login plugin.

Table of Contents

Prerequisites

Required

  1. The official Auth0 Login plugin must be installed and configured
  2. An active Auth0 account with a configured application
  3. PHP 7.4 or higher
  4. WordPress 5.8 or higher

How They Work Together

Official Auth0 Login:

Handles the OAuth flow, token management, and WordPress admin authentication. Creates WordPress user accounts for authenticated users.

Auth0 for All:

Extends the official plugin to allow front-end-only authentication without creating WordPress users. Perfect for member-only content, gated resources, or authentication-based functionality.

Installation

Step 1: Install Official Auth0 Plugin

  1. Go to Plugins → Add New
  2. Search for "Auth0"
  3. Install and activate the official "Login by Auth0" plugin
  4. Configure it with your Auth0 application credentials

Step 2: Install Auth0 for All

  1. Download from GitHub
  2. Upload to wp-content/plugins/
  3. Activate through the WordPress admin

Important: Auth0 for All will not function without the official Auth0 Login plugin installed and configured.

Configuration

Access settings at Settings → Auth0 for All

User Creation

Disable WordPress User Creation:

When enabled, users who authenticate will NOT have WordPress user accounts created. They'll only exist as Auth0 sessions on the front-end.

Use Case: Perfect for membership sites where you want to gate content but don't need users to access the WordPress admin.

Custom Login Pages

Create custom login/logout pages for a seamless front-end experience:

  • Login Page URL: Where to redirect unauthenticated users
  • Logout Redirect URL: Where to send users after logout
  • Post-Login Redirect: Where authenticated users land

Session Management

Session Lifetime: How long Auth0 sessions remain valid (default: 7 days)
Remember Me: Allow users to stay logged in for extended periods

Usage

Checking Authentication Status

Use in your theme or plugin code:

<?php
if ( function_exists( 'auth0_for_all_is_user_authenticated' ) ) {
    if ( auth0_for_all_is_user_authenticated() ) {
        // User is authenticated via Auth0
        echo 'Welcome back!';
    } else {
        // User is not authenticated
        echo 'Please log in';
    }
}

Getting User Info

Access Auth0 user data:

<?php
$user_info = auth0_for_all_get_user_info();

if ( $user_info ) {
    echo 'Email: ' . $user_info['email'];
    echo 'Name: ' . $user_info['name'];
    echo 'Auth0 ID: ' . $user_info['sub'];
}

Login/Logout Links

Generate authentication links:

<?php
// Login link
echo '<a href="' . auth0_for_all_login_url() . '">Log In</a>';

// Logout link
echo '<a href="' . auth0_for_all_logout_url() . '">Log Out</a>';

Protecting Content

Restrict access to authenticated users only:

<?php
if ( ! auth0_for_all_is_user_authenticated() ) {
    // Redirect to login
    wp_redirect( auth0_for_all_login_url() );
    exit;
}

// Protected content here
?>

Hooks & Filters

Actions

auth0_for_all_user_login

Fires after a user successfully authenticates (but before WordPress user creation).

add_action( 'auth0_for_all_user_login', function( $user_info ) {
    // Do something when user logs in
    error_log( 'User logged in: ' . $user_info['email'] );
});
auth0_for_all_user_logout

Fires when a user logs out.

add_action( 'auth0_for_all_user_logout', function() {
    // Clean up custom data
});

Filters

auth0_for_all_login_redirect

Modify where users are redirected after login.

add_filter( 'auth0_for_all_login_redirect', function( $url, $user_info ) {
    // Redirect based on user role or metadata
    if ( isset( $user_info['user_metadata']['vip'] ) ) {
        return '/vip-dashboard';
    }
    return $url;
}, 10, 2 );
auth0_for_all_user_data

Filter Auth0 user data before it's used.

add_filter( 'auth0_for_all_user_data', function( $user_info ) {
    // Add custom data or modify existing
    $user_info['custom_field'] = 'value';
    return $user_info;
});

Troubleshooting

Users still being created in WordPress?

  • Verify "Disable WordPress User Creation" is enabled in settings
  • Check that there are no other plugins forcing user creation
  • Ensure the official Auth0 plugin is not set to auto-provision users for admin access

Auth0 callback errors?

  • Verify callback URLs in your Auth0 application settings match your WordPress URLs
  • Check that both the official Auth0 plugin and Auth0 for All are activated
  • Clear WordPress and browser cache
  • Enable WordPress debug logging to see detailed error messages

Session not persisting?

  • Check session lifetime settings
  • Ensure cookies are not being blocked by browser
  • Verify HTTPS is enabled on production sites
  • Check for conflicts with caching plugins

Need Help?

Found a bug or have questions? Open an issue on GitHub or check the official Auth0 documentation.

Back to PluginGitHub Issues