{"id":28432159,"url":"https://github.com/axewp/wp-graphql-headless-login","last_synced_at":"2025-07-05T01:32:25.848Z","repository":{"id":63824179,"uuid":"571011693","full_name":"AxeWP/wp-graphql-headless-login","owner":"AxeWP","description":"A WordPress plugin that provides Headless login and authentication for WPGraphQL, supporting traditional passwords, OAuth2/OpenID Connect, JWT, and more.","archived":false,"fork":false,"pushed_at":"2025-05-24T21:39:40.000Z","size":5668,"stargazers_count":86,"open_issues_count":6,"forks_count":13,"subscribers_count":2,"default_branch":"develop","last_synced_at":"2025-06-05T16:43:22.300Z","etag":null,"topics":["authentication","graphql","hacktoberfest","hacktoberfest2023","headless","headless-wordpress","jwt","login","oauth2","openid-connect","sso","wordpress","wordpress-plugin","wp-graphql","wp-plugin","wpgraphql","wpgraphql-plugin"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/AxeWP.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":".github/funding.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":["AxeWp"]}},"created_at":"2022-11-26T21:35:18.000Z","updated_at":"2025-05-27T05:13:03.000Z","dependencies_parsed_at":"2024-01-16T20:32:27.097Z","dependency_job_id":"3570eb0a-0f30-40ca-823c-3fdde91f0b98","html_url":"https://github.com/AxeWP/wp-graphql-headless-login","commit_stats":{"total_commits":149,"total_committers":5,"mean_commits":29.8,"dds":0.03355704697986572,"last_synced_commit":"817de38206751d7872d7e2952533b61802568cc7"},"previous_names":[],"tags_count":20,"template":false,"template_full_name":null,"purl":"pkg:github/AxeWP/wp-graphql-headless-login","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AxeWP%2Fwp-graphql-headless-login","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AxeWP%2Fwp-graphql-headless-login/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AxeWP%2Fwp-graphql-headless-login/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AxeWP%2Fwp-graphql-headless-login/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/AxeWP","download_url":"https://codeload.github.com/AxeWP/wp-graphql-headless-login/tar.gz/refs/heads/develop","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AxeWP%2Fwp-graphql-headless-login/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":263643101,"owners_count":23493692,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","graphql","hacktoberfest","hacktoberfest2023","headless","headless-wordpress","jwt","login","oauth2","openid-connect","sso","wordpress","wordpress-plugin","wp-graphql","wp-plugin","wpgraphql","wpgraphql-plugin"],"created_at":"2025-06-05T16:30:54.062Z","updated_at":"2025-07-05T01:32:25.835Z","avatar_url":"https://github.com/AxeWP.png","language":"PHP","funding_links":["https://github.com/sponsors/AxeWp","https://github.com/sponsors/AxeWP"],"categories":[],"sub_categories":[],"readme":"![Headless Login for WPGraphQL Logo](./assets/header.png)\n# Headless Login for WPGraphQL\n\nA WordPress plugin that provides headless login and authentication for \u003ca href=\"https://wpgraphql.com\" target=\"_blank\"\u003eWPGraphQL\u003c/a\u003e, supporting traditional passwords, OAuth2/OpenID Connect, JWT, and more.\n\n* [Join the WPGraphQL community on Discord.](https://discord.gg/55h7WmYZff)\n* [Documentation](#usage)\n\n-----\n\n![Packagist License](https://img.shields.io/packagist/l/axepress/wp-graphql-headless-login?color=green) ![Packagist Version](https://img.shields.io/packagist/v/axepress/wp-graphql-headless-login?label=stable) ![GitHub commits since latest release (by SemVer)](https://img.shields.io/github/commits-since/AxeWP/wp-graphql-headless-login/0.4.3) ![GitHub forks](https://img.shields.io/github/forks/AxeWP/wp-graphql-headless-login?style=social) ![GitHub Repo stars](https://img.shields.io/github/stars/AxeWP/wp-graphql-headless-login?style=social)\u003cbr /\u003e\n![CodeQuality](https://img.shields.io/github/actions/workflow/status/axewp/wp-graphql-headless-login/code-quality.yml?branch=develop\u0026label=Code%20Quality)\n![Integration](https://img.shields.io/github/actions/workflow/status/axewp/wp-graphql-headless-login/integration-testing.yml?branch=develop\u0026label=Integration%20Testing)\n![Coding Standards](https://img.shields.io/github/actions/workflow/status/axewp/wp-graphql-headless-login/code-standard.yml?branch=develop\u0026label=WordPress%20Coding%20Standards)\n[![Coverage Status](https://coveralls.io/repos/github/AxeWP/wp-graphql-headless-login/badge.svg?branch=develop)](https://coveralls.io/github/AxeWP/wp-graphql-headless-login?branch=develop)\n-----\n\n## Description\n\nHeadless Login for WPGraphQL is a flexible and extensible plugin that allows headless WordPress sites to login and authenticate users via \u003ca href=\"https://wpgraphql.com\" target=\"_blank\"\u003eWPGraphQL\u003c/a\u003e using a variety of authentication methods, including traditional WordPress credentials (username/password), \u003ca href=\"https://oauth.net/2/\" target=\"_blank\"\u003eOAuth 2.0\u003c/a\u003e / \u003ca href=\"https://openid.net/connect/\" target=\"_blank\"\u003eOpenID Connect\u003c/a\u003e, \u003ca href=\"https://jwt.io/\" target=\"_blank\"\u003eJSON Web Tokens (JWT)\u003c/a\u003e, and more.\n\nThis plugin is inspired by and aims to replace \u003ca href=\"https://github.com/wp-graphql/wp-graphql-jwt-authentication\" target=\"_blank\"\u003eWPGraphQL JWT Authentication\u003c/a\u003e as more powerful, comprehensive, and flexible authentication solution for Headless WP.\n\n## System Requirements\n\n* PHP 7.4-8.2+\n* WordPress 6.2+\n* WPGraphQL 1.14.0+\n\n## Quick Install\n\n1. Install \u0026 activate [WPGraphQL](https://www.wpgraphql.com/).\n2. Download the [latest release](https://github.com/AxeWP/wp-graphql-headless-login/releases) `.zip` file, upload it to your WordPress install, and activate the plugin.\n3. Enable and configure the authentication providers you want to use in GraphQL \u003e Settings \u003e Headless Login.\n\n### With WP-CLI\n\n```bash\nwp plugin install https://github.com/AxeWP/wp-graphql-headless-login/releases/latest/download/wp-graphql-headless-login.zip --activate\n```\n\n### With Composer\n\n```bash\ncomposer require axepress/wp-graphql-headless-login\n```\n\n## Updating and Versioning\n\nUntil we hit v1.0, we're using a _modified_ version of [SemVer](https://semver.org/), where:\n\n* v0.**x**: \"Major\" releases. These releases introduce new features, and _may_ contain breaking changes to either the PHP API or the GraphQL schema\n* v0.x.**y**: \"Minor\" releases. These releases introduce new features and enhancements and address bugs. They _do not_ contain breaking changes.\n* v0.x.y.**z**: \"Patch\" releases. These releases are reserved for addressing issue with the previous release only.\n\n## Development and Support\n\nDevelopment of Headless Login for WPGraphQL is provided by [AxePress Development](https://axepress.dev). Community contributions are _welcome_ and **encouraged**.\n\nBasic support is provided for free, both in [this repo](https://github.com/AxeWP/wp-graphql-headnessl-login/issues) and in [WPGraphQL's official Discord](https://discord.gg/55h7WmYZff).\n\nPriority support and custom development are available to [our Sponsors](https://github.com/sponsors/AxeWP).\n\n\u003ca href=\"https://github.com/sponsors/AxeWP\" alt=\"GitHub Sponsors\"\u003e\u003cimg src=\"https://img.shields.io/static/v1?label=Sponsor%20Us%20%40%20AxeWP\u0026message=%E2%9D%A4\u0026logo=GitHub\u0026color=%23fe8e86\u0026style=for-the-badge\" /\u003e\u003c/a\u003e\n\n## Supported Features\n\nThe following functionality is currently supported:\n\n- Authenticate with a [WordPress username and password](./docs/reference/mutations.md#login-with-a-traditional-username-password).\n- Pass and validate [OAuth 2.0 / OpenID Connect provider response](./docs/reference/mutations.md#login-with-an-oauth2openid-authorization-response) from the frontend. \u003cbr /\u003e\nSupported providers (out of the box):\n  * Facebook\n  * GitHub\n  * Google\n  * Instagram\n  * LinkedIn\n  * OAuth2 - Generic: Any other OAuth 2.0 provider.\n  * SAML authentication and more coming soon!\n- Use a [special Site Token](./docs/reference/mutations.md#login-with-a-site-token-and-user-identity\n) to support WordPress authentication with any externally-authenticated user identity (e.g. [Auth.js](https://authjs.dev/)).\n- Add your own Authentication Provider by [extending the `ProviderConfig` class](./docs/recipes/provider-config.md).\n- Authenticate with JWT tokens using a [HTTP Authorization header]().\n- [Set CORS headers](./docs/reference/settings.md) to allow or restrict access to the GraphQL endpoint.\n- Generate short-term `authToken`s and long term `refreshToken`s for seamless re-authentication in your headless app.\n- [Link a user account](./docs/reference/mutations.md#manually-link-the-wordpress-user-to-a-providers-resource-owner) to an authentication provider's resource owner, to allow users to authenticate with multiple providers.\n- Query the [enabled `loginClient` authorization urls](./docs/reference/queries.md#querying-login-clients), to use in your frontend's login buttons.\n- Extensive WordPress [actions](./docs/actions.md) and [filters](./docs/reference/filters.md) for customization of the plugin's behavior.\n- Log out all sessions for a user by [revoking](./docs/reference/mutations.md#revoke-the-user-secret) or [refreshing](./docs/reference/mutations.md#refresh-the-user-secret) their tokens, in GraphQL or the WordPress backend Profile Page.\n- Manage WooCommerce Sessions with [WPGraphQL for WooCommerce](https://github.com/wp-graphql/wp-graphql-woocommerce).\n- and more!\n\n## Usage\n\n### Getting Started ( 🎯 You are here! )\n\n- [System Requirements](#system-requirements)\n- [Installation](#quick-install)\n\n### Core Concepts\n\n- [Terminology](./docs/core-concepts/terminology.md)\n- [How it works](./docs/core-concepts/how-it-works.md)\n\n### Reference\n\n- [Admin Settings](./docs/reference/settings.md)\n- [GraphQL Queries](./docs/reference/queries.md)\n- [GraphQL Mutations](./docs/reference/mutations.md)\n- [Javascript API](./docs/reference/javascript-api.md)\n- [WordPress Actions](./docs/reference/actions.md)\n- [WordPress Filters](./docs/reference/filters.md)\n\n### Recipes:\n- [Server-side Authentication flow with Next.js](./docs/recipes/server-side-auth-next-api-routes.md) ( [demo](https://github.com/AxeWP/axepress-playground/blob/demo/server-side-auth/HowTo.md) ).\n- [Client-side Authentication flow with NextAuth.js](./docs/recipes/client-side-auth-nextauth.md)\n- [Adding custom `ProviderConfig`s](./docs/recipes/provider-config.md)\n\n## Testing\n\n1. Copy `.env.dist` to `.env`, and update the file to match your local environment.\n2. Run `composer install` to get the dev-dependencies.\n3. Run `composer install-test-env` to create the test environment.\n4. Run your test suite with [Codeception](https://codeception.com/docs/02-GettingStarted#Running-Tests).\nE.g. `vendor/bin/codecept run wpunit` will run all WPUnit tests.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faxewp%2Fwp-graphql-headless-login","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faxewp%2Fwp-graphql-headless-login","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faxewp%2Fwp-graphql-headless-login/lists"}