Hi Todd,
I think I understand what you are saying. WP OAuth Server can help if you would like your users to login into your node.js app using their WP account.
If you use grant type auth code (browser based), your users would be logged into both systems, but if you use any other grant type, you user could be logged into your node.js app but only have access to their WP account via your node.js APi.
So in short, in order for your users to be logged into both node app and WP, you would need to set it up in a way where the flow uses a browser flow. You could have them logged into both but it would require some trickery on the OAuth Server API side.
Hope this helps and makes sense.
Hi Justin,
Thanks for the quick feedback! Yes, it sounds like you knew just what I meant! I’ve never dug into auth before so please pardon my noob status.
I haven’t dug into the docs yet as I wanted to do an initial sanity check, but it sounds like I have an option here.
I’m not sure what you mean by “grant type auth code (browser based), could you point me to a doc that covers this by any chance?
My alternative would be to have WP be the auth system, and have my node/react app authenticate against it instead. Do you think this approach would be any easier?
Thanks again!
Yes, having your node authenticate against WP OAuth server would be ideal and proper protocol. You can find the auth grant type doc at https://wp-oauth.com/kb/using-authorization-code/. If your node app using http browser base flow then Auth Code would be what you are are looking for.
If you need a more application flow when authorizing then you may need to look into the password grant type. I do not have a in depth doc on this but you can reference http://bshaffer.github.io/oauth2-server-php-docs/grant-types/user-credentials/ on how to setup user credentials (password grant type).
