node package manager


Wordpress OAuth2 strategy for Passport.


Passport strategy for authenticating with Wordpress using the OAuth 2.0 API.

$ npm install passport-wordpress

The Wordpress authentication strategy authenticates users using a Wordpress account and OAuth 2.0 tokens. The strategy requires a verify callback, which accepts these credentials and calls done providing a user, as well as options specifying a client ID, client secret, and callback URL.

passport.use(new WordpressStrategy({
    clientID: CLIENT_ID,
    clientSecret: CLIENT_SECRET
  function(accessToken, refreshToken, profile, done) {
    User.findOrCreate({ WordpressId: }, function (err, user) {
      return done(err, user);

Use passport.authorize(), specifying the 'Wordpress' strategy, to authenticate requests.

For example, as route middleware in an Express application:


  passport.authorize('wordpress', { failureRedirect: '/login' }),
  function(req, res) {
    // Successful authentication, redirect home.

The MIT License

Copyright (c) 2013 Michael Pearson <>