AuthO WordPress Advantages and Disadvantages
Should you use the AuthO WordPress service? First, let’s make sure we clear up some naming, because Auth0 is a service with a confusing name.
OAuth (short for “Open Authorization”) is an open standard for user management. Anyone can use the OAuth protocols and frameworks.
Auth0 has a similar name and also specializes in user management, but it is a commercial product. Auth0 was purchased by Okta for $6.5 billion and in 2021. So, as you can imagine after seeing that price tag, Auth0 is not a cheap product to use. The price escalates quickly if you have a lot of users.
How Auth0 works with WordPress
If you want to use Auth0 with WordPress, the plugin is great to work with. You can download it from the Auth0 website and it’s also available on Github. Developers that I’ve talked to speak positively of the plugin and say that it’s easily extensible.
Their plugin replaces the existing WordPress login area. All your existing users are still there, only now you can also let people login with any system imaginable. It’s simple:
- Create an Auth0 Account Install the plugin on your WordPress site.
- Go to Plugins > Add New and search for “Auth0”.
- When installing the plugin it will prompt you to log in to Auth0. You’ll need to use details such as Domain, Client ID, and Client Secret from your Auth0
The Pros and Cons of Using Auth0
Auth0 is a very centralized platform. This can be either positive or negative, depending on your business needs.
Because Auth0 is centralized, it can provide many features that enterprise users want. For example, Auth0 is HIPAA compliant. To make this work, all user data is stored on Auth0 servers. All that WordPress knows about the users is their ID number.
You should should know that all user-related data (such as the user’s name) needs to be fetched whenever a user connects. Your WordPress site always has to reach out to the Auth0 whenever your users take an action that required them to be logged-in.
Authentication happens through the Auth0 platform. This means that you can use Auth0 to add layers to your login system. For example, you can use Auth0 to connect to LDAP or Active Directory. And you can add multi-factor authentication using Authy, Google Authenticator, and more.
The pricing may be a stumbling block for people who are more used to OAuth and open source pricing.
Auth0 also offers a free plan for up to 7,000 active users. The paid plans starting at $23 per month and scale up from there. The pricing is cheaper for Business-to-Consumer use-cases and considerably more expensive for Business-to-Business use.