Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

5.2 configuration help - new registration: WP usersnames set to auth0 id rather than auth0 "username" #894

Closed
4 tasks done
blakmarkit opened this issue Apr 17, 2024 · 2 comments
Closed
4 tasks done

5.2 configuration help - new registration: WP usersnames set to auth0 id rather than auth0 "username" #894

blakmarkit opened this issue Apr 17, 2024 · 2 comments

Comments

@blakmarkit
Copy link

Checklist

  • I have looked into the Readme and the documentation, and have not found a suitable solution or answer.
  • I have searched the issues and have not found a suitable solution or answer.
  • I have searched the Auth0 Community forums and have not found a suitable solution or answer.
  • I agree to the terms within the Auth0 Code of Conduct.

Description

Was previously using v4 of the auth0 plugin. Testing migration to v5. I have a few different quirks that I'm trying to understand about how the plugin is/should be configured. The documentation here and on the auth0 site do not appear to be clear and/or relevant (still v4).

First, when I register a new account (Universal Login Classic), the WP username is being set to the auth0 ID string, and not the auth0 username (set in the Universal Login register field). Is there a plugin preference that would correct this?

Second, v4 would send the user to a wp_die page that prompts the user to to verify their email before signing in—v5 appears to redirect them to the site, logged in, without verifying, but their email address doesn't appear in the user data until they verify (via the verification email) and sign in again. Is this expected behavior or a configuration issue?

Third, is there a way to set/map the Name (Nickname) in WP? Also the WP First and Last Name fields?

Reproduction

Options:

  • Enable Authentication: Enabled
  • Connection Matching: Flexible
  • Missing Users: Create account

Sync:

  • Sync Frequency: 15 minutes
  • On-Demand Changes: Disabled
  • User Creation: Enabled
  • User Deletion: Enabled
  • User Updates: Enabled

Additional context

No response

wp-auth0 version

5.2

WordPress version

6.52

PHP version

8.2.14
@evansims
Copy link
Member

Hi @blakmarkit 👋

First, when I register a new account (Universal Login Classic), the WP username is being set to the auth0 ID string, and not the auth0 username (set in the Universal Login register field). Is there a plugin preference that would correct this?

I'm afraid this isn't an option; doing so introduces conflicts in Auth0 configurations where multiple Connections might be used or when a user has multiple social accounts associated with one identity. Usernames can potentially be reused in those scenarios. This turned out to be a very common point of confusion for v4 users, so it was removed with the latest release.

Second, v4 would send the user to a wp_die page that prompts the user to to verify their email before signing in—v5 appears to redirect them to the site, logged in, without verifying, but their email address doesn't appear in the user data until they verify (via the verification email) and sign in again. Is this expected behavior or a configuration issue?

This is intentional; the plugin doesn't allow unverified emails to be tied to the WP account as a security measure.

If you need to, you could fully override and control this behavior using Actions. There are lots of templates in there for these sorts of things. I see one that blocks user logins until their email is verified, for example.

Using the Passwordless (email) connection type is also a great option, as it requires a verified email by necessity.

Third, is there a way to set/map the Name (Nickname) in WP? Also the WP First and Last Name fields?

Nothing is built in to support this presently, but this could be achieved with a custom code/plugin of your own — just tie into the standard edit_user_created_user (user created), profile_update, and deleted_user WordPress hooks.

Any changes made to the WordPress user will get sync'd back to Auth0's user management in the next plugin background sync.

@blakmarkit
Copy link
Author

Hi @evansims thanks for the explanations!

Usernames can potentially be reused in those scenarios. This turned out to be a very common point of confusion for v4 users, so it was removed with the latest release.

Good to know. I wasn't sure if I was misconfiguring something, between the WP account creation settings and the Auth0 plugin's account creation settings.

If you need to, you could fully override and control this behavior using Actions. There are lots of templates in there for these sorts of things. I see one that blocks user logins until their email is verified, for example.

Thanks for that pointer. I've set up that first action. Would it also be in Actions to redirect a user to a "please verify your email" page after registration?

Is there documentation anywhere about what each of the plugin's new settings does, especially the options in the Advanced section? I'm having cookie/session issues where I keep getting logged out what seems like every few minutes (or even seconds).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@evansims @blakmarkit