Add Secure Authentication to your WordPress Site in 15 Minutes


Yeah we’ve made quite a few improvements to the plugin since this article was written! The good news is it should be a lot easier to set up now. We don’t have an updated guide, but installing the plugin should give you a settings screen in Wordpress which walks you through the required steps!…

Luis Martins

This sounds great, but something’s amiss. It asks you for the configuration details (Okta Issuer URI and Sign-In Widget Client ID), but adding that you still get “Client authentication failed. Either the client or the client credentials are invalid.” errors when trying to login a user using the app.

Paul Wilkins

As soon as I activate the plugin I get this. Any suggestions?

Warning: session_start(): open(/var/lib/php/session/sess_srqvn8t000albfo3p74n82jd3d, O_RDWR) failed: Permission denied (13) in /var/www/*****/wp-content/plugins/okta-wordpress-sign-in-widget-main/okta-widget.php on line 72

Warning: session_start(): Failed to read session data: files (path: /var/lib/php/session) in /var/www/****/wp-content/plugins/okta-wordpress-sign-in-widget-main/okta-widget.php on line 72

Debabrata Karfa

https://uploads.disquscdn.c… Getting this error and also not able to get the Client Credential section, getting App Embed Link.

Danny Plunkett

Hi, we want to use Okta to allow CMS user authentication and access in a new Wordpress multisite installation that’s in development. Our developers have flagged that the app in this article is a proof of concept and not finished. To avoid us reinventing the wheel and wasting resources on attempting things that others have already tried, would you have details of previous projects that have successfully integrated Okta on a WP multisite to authenticate CMS users? Or is there an update on the status of this app, meaning it’s no longer just proof of concept? Our organisation already uses Okta on a global scale to authenticate users of our Microsoft apps. Thanks


We’re getting the same issue as Luis i.e. the client authentication fails and it redirects to a blank page that, according to the source code of the page, appears to be the OKTA plugin login page. Is there any kind of support available to resolve this other than leaving messages here?

I do not see the file: env.example.php in the plugin

The plugin has been updated since this blog post and no longer is configured this way. All the configuration is done inside of Wordpress after you install the plugin now!


I’m using the plugin to login Wordpress with Okta, it’s ok.

But two questions :

  • How to synchronise users ? Currently I need to create users on Wordpress AND on Okta, and same to delete.
  • How to do with headless Wordpress ? I want to use Okta for private contents. Have a token on my frontend, if token is ok, I display private content for user. Seems possible ?


@flysette Did you figure you the questions you had on synchronization of users? If this has to be done manually on Okta without some way to synchronize or migrate that would be rather tedious…