Plugin Directory


Allows WordPress to provide and consumer OpenIDs for authentication of users and comments.

Project maintined on github at diso/wordpress-openid.

version 3.4.1 (Jan 31, 2016)

version 3.4.0 (Jul 22, 2015)

  • update to latest OpenID library (includes lots of bug fixes, particularly with PHP 5.3). Full changelog on github.
  • fixed various PHP warnings/errors.
  • various improvements and bugfixes (props @rodrigoprimo).
  • attempt to use email as username before url for open id new user (props @yincrash).
  • chinese and german (props Stephan Richter) translations.
  • added WebFinger support

Full changelog on github.

version 3.3.4 (Nov 16, 2012)

  • update to latest OpenID library (includes lots of bug fixes, particularly with PHP 5.3). Full changelog on github.
  • various bug fixes. Full changelog on github.

version 3.3.3 (Aug 24, 2010)

  • add/update danish, japanese, and spanish translations
  • update to latest version of php-openid library
  • fix a few PHP and WordPress warnings and notices

version 3.3.2 (Nov 06, 2009)

  • add localizations for czech, danish, french, spanish, and vietnamese. Some are more up to date than others. More are welcome, see http://code.google.com/p/diso/issues/detail?id=26
  • remove stylesheet for recent comments widget, since it breaks the style for OpenID comments
  • various fixes with administration panels

version 3.3.1 (Sep 28, 2009)

  • tiny bug in get_user_openids causing it to always return empty array

version 3.3 (Sep 28, 2009)

  • minimum required version has been bumped to WordPress 2.8
  • fix support for WordPress MU
  • new, less obtrusive UI for comment form. Should also work with all themes in some form (with or without js).
  • many administrative options have been moved to their respective locations on core WordPress Settings pages
  • drop support for experimental EAUT and IDIB protocols
  • drop support for installing the plugin in mu-plugins folder
  • always include 'index.php' on OpenID endpoint URLs. Without that, some deployments were having problems.
  • fix bug relating to trackbacks and pingbacks
  • fix bug (#121) relating to unregistered options (props tom.tdw for the patch)
  • lots of minor bug fixes

version 3.2.3 (Jul 20, 2009)

  • fix XSS vulnerability. (props Stuart Metcalfe)

version 3.2.2 (Mar 19, 2009)

  • fix problems when using non-index.php permalinks with non-apache web servers
  • ensure that show_on_front option is not empty
  • function name typo (props gunemalli)
  • fix deprecated pass-by-reference call in php-openid library (props jschuur)
  • fix UI bug on registration form with IE browsers (props oledole)
  • UI tweaks to better match WP 2.7
  • update a few strings for localization and POT file

version 3.2.1 (Feb 13, 2009)

  • patch php-openid library to fix XRDS handling (thanks Mike Jones for helping find this)
  • add default values for some openid vars -- necessary for OP-initiated login
  • fix bug with OpenID server where OpenID request was sometimes lost
  • add filter for openid_trust_root

version 3.2 (Jan 20, 2009)

  • add uninstall hook for WordPress 2.7 -- this will remove all traces of the plugin from the database
  • UI fixes for WordPress 2.7
  • add settings link to plugins page
  • silence XML parsing errors with PHP4
  • ensure wp_scripts is set
  • ensure openid comment processing occurs after akismet
  • add ellipses to truncated OpenIDs (fixes #94)
  • fix bug where Yahoo! OpenIDs weren't matching profile URL (fixes #98)
  • don't return empty SREG values
  • Add support for consuming Attribute Exchange
  • use a single return_to URL for all OpenID actions
  • cleaner OpenID service URLs when permalinks configured to do so (all path, no query string)
  • fixed issue where OpenID Server would sometimes break depending on a users permalink structure (fixed #101)
  • fixed issue where OpenID consumer would sometimes break if mod_encoding was enabled in Apache (used for WebDAV) (fixed #96)
  • don't redirect when performing discovery on OpenID trust root

version 3.1.4 (Nov 04, 2008)

  • allow OP extensions to include XRDS Types in login service
  • run OpenID comment processor after Akismet, and skip if Akismet marks comment as spam

version 3.1.3 (Oct 27, 2008)

  • fix error message if /dev/urandom is not readable

version 3.1.2 (Oct 26, 2008)

  • ensure source of randomness is set properly
  • prevent duplicate cleanup_openid cron jobs
  • prevent SQL errors on activation
  • suppress verbose error logging with XML parsing

version 3.1.1 (Oct 20, 2008)

  • fix bug with OpenID Provider XRDS code that prevents ability to login to some sites (like plaxo.com)

version 3.1 (Oct 19, 2008)

  • added hidden constant to set custom comments post page (OPENID_COMMENTS_POST_PAGE)
  • additional option to skip name and email check for OpenID comments
  • use preferred username (from SREG) if possible when creating new account
  • truncate long URLs when used as display_name for comments
  • numerous bug fixes, including bug with registration form

version 3.0 (Oct 02, 2008)

  • includes OpenID Provider
  • supports OpenID delegation
  • add experimental support for Email Address to URL Transformation
  • many new hooks for extension and integration
  • major code refactoring

version 2.2.2 (Aug 06, 2008)

  • fix bug with "unauthorized return_to URL" (only known problem with openid.pl)
  • fix bug with comments containing non-latin characters
  • respect CUSTOM_USER_META_TABLE constant if present (also added CUSTOM_OPENID_IDENTITY_TABLE constant)
  • add experimental support for Identity in the Browser

version 2.2.1 (Jul 25, 2008)

  • fixed EAUT handling code
  • fixed bug that broke comments containing double quotes (")

version 2.2.0 (Jul 23, 2008)

  • use POST replay for comments (fixes compatibility with other comment plugins)
  • only build openid object when needed (much better memory usage)
  • support for Email Address to URL Transformation (see eaut.org)
  • fixed bug when using suhosin (hardened php)
  • use hooks for gathering user data (more extensible)
  • fixed openid spoofing vulnerability (http://plugins.trac.wordpress.org/ticket/702)
  • lots code refactoring and UI cleanup

version 2.1.9 (May 20, 2008)

  • fix javascript loading issues
  • fix various bugs when creating new account with OpenID
  • fix error message, and add new warning prompt when removing last OpenID for account

version 2.1.8 (Apr 02, 2008)

version 2.1.7 (Mar 21, 2008)

  • remove php5 dependency bug... AGAIN!
  • also remove some other custom changes to php-openid I forgot were in there. This may actually re-introduce some edge-case bugs, but I'd rather expose them so that we can get the appropriate patches pushed upstream if they really are necessary.

version 2.1.6 (Mar 20, 2008)

  • update php-openid library to latest. Now properly supports Yahoo's OpenID provider.

version 2.1.5 (Mar 20, 2008)

  • add support for wordpress v2.5

version 2.1.4 (Feb 13, 2008)

  • fix php5 dependency bug
  • improve jQuery code to reduce problems with other js libraries

version 2.1.3 (Feb 06, 2008)

  • address security bug mentioned here. Props Sam Alexander

version 2.1.2

  • minor typo in profile data code

version 2.1.1

  • minor bug where profile data is being overwritten

version 2.1

  • added FAQ items for plugin updater and adding an OpenID field to a comment form
  • better tracking of which users have OpenIDs linked to their local WP account
  • better automatic username generation
  • fixed bug where non-OpenID websites had problems (bug 729)
  • upgrade to version 2.0 of JanRain OpenID library
  • admin option to rebuild tables

version 2.0

  • simplified admin interface by using reasonable defaults. Default behaviors include:
    • "unobtrusive mode"
    • always add openid to wp-login.php
    • always use WP option 'home' for the trust root
  • new features
    • hook for trust engine, with very simple implementation included
    • supports OpenID 2.0 (draft 12) as well as OpenID 1.1 and SReg 1.0
  • normal collection of bug fixes

version 1.0.1

  • added wordpress.org style readme.txt

version 1.0 (also known as r13)

Full SVN logs are available at http://dev.wp-plugins.org/log/openid/.

The original OpenID plugin for WordPress was a collaborative effort between Alan Castonguay and Hans Granqvist.

Will Norris forked the plugin and has since become the maintainer.

Requires: 2.8 or higher
Compatible up to: 4.4.4
Last Updated: 6 months ago
Active Installs: 4,000+


3.7 out of 5 stars


0 of 1 support threads in the last two months have been marked resolved.

Got something to say? Need help?


Not enough data

0 people say it works.
0 people say it's broken.

100,1,1 100,1,1
100,4,4 80,5,4
62,13,8 0,1,0
48,27,13 0,7,0
33,30,10 100,1,1
17,12,2 33,42,14
100,1,1 30,10,3
75,4,3 67,3,2
0,1,0 100,1,1