OAuth 2 Single Sign On Integration

MembershipWorks provides industry standard OAuth 2 Single Sign On (RFC 6749 - Authorization Code Grant) to allow third party systems to use MembershipWorks as the authorization server (login provider). 

A common use for this feature would be to enable members to sign in to a forum or Learning Management System (LMS) application through the MembershipWorks sign in.

Info: The third-party application will need to support the industry-standard OAuth 2 Authorization Code Grant protocol. MembershipWorks will act as the authorization server and the third-party application will be the client application.

Step by Step Instructions

Step 1: Sign in as Primary Admin 

Log in as the primary admin and go to Organization Settings > Apps.

Step 2: Add App 

Click on + Add App.

Step 3: Set App Name 

Next to App Name, enter a name so you can identify what app you are using this for.


Step 4: Set Redirect URL 

Provide the OAuth Redirect URL (this should be given to you by the third party system).

Step 5: Create App 

Click Create.

Step 6: Note Down App Credentials 

Copy down the Client ID, Client Secret, Token Endpoint and User Info Endpoint. In particular, the Client Secret is only available after step 5, so make sure to copy it down carefully.

Info: The Client ID, Client Secret, Authorization Endpoint, Token Endpoint and User Info Endpoint will all be required by the third party system to implement SSO. The Authorization Endpoint will be the URL of the member login page on your website, i.e. the page where you've placed the MembershipWorks "Member Sign In and Manage Account" shortcode or snippet. Note that this page should not have a memberonly shortcode/snippet as well.

Member Login

Once the third party system is set up, members who need to log in to that system will be directed to the member login page on your website. If the member is not already logged in, they will be prompted to log in. Once they are logged in, MembershipWorks will provide the authentication token to the third party system, which allows it to look up the member's info via the User Info endpoint. The User Info endpoint will provide the following information:
  1. account_id - member's MembershipWorks account ID
  2. email - email address field
  3. name - account name field
  4. contact_name - contact name field (if applicable)
  5. organization_name - organization name field (if applicable)
  6. phone - phone field (if applicable)
  7. mobile - mobile field (if applicable)
  8. fax - fax field (if applicable)
  9. website - website field (if applicable)
The User Info endpoint also provides information on address, membership level, membership add-ons, membership expiration date, labels, folders and card image objects. But typically most third party systems will only utilize the email and name data.
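
The client side of the login flow described above, sketched for a third party system implementing the RFC 6749 Authorization Code Grant. This is an added example, not MembershipWorks code: the endpoint, redirect URL and credentials are constructed placeholders, the function names are hypothetical, and sending the client credentials in the form body (rather than HTTP Basic) is an assumption to confirm against your setup.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed placeholders: substitute the values noted down in Step 6.
AUTHORIZATION_ENDPOINT = "https://members.example.org/sign-in/"
REDIRECT_URI = "https://lms.example.com/oauth/callback"
CLIENT_ID = "EXAMPLE_CLIENT_ID"
CLIENT_SECRET = "EXAMPLE_CLIENT_SECRET"


def build_authorization_url(state=None):
    """Return (url, state) for sending the member to the member login page."""
    state = state or secrets.token_urlsafe(32)  # unguessable; store in the user's session
    query = urlencode({
        "response_type": "code",  # Authorization Code Grant (RFC 6749, section 4.1.1)
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "state": state,
    })
    sep = "&" if urlsplit(AUTHORIZATION_ENDPOINT).query else "?"
    return AUTHORIZATION_ENDPOINT + sep + query, state


def code_from_callback(callback_url, expected_state):
    """Validate the redirect back to the client and return the authorization code."""
    params = parse_qs(urlsplit(callback_url).query)
    if "error" in params:
        raise ValueError("authorization failed: " + params["error"][0])
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch, discarding callback")  # blocks login CSRF
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one code parameter")
    return codes[0]


def token_request_form(code):
    """Form body to POST server-side to the Token Endpoint (RFC 6749, section 4.1.3)."""
    return {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": REDIRECT_URI,  # must equal the value sent in the first request
        "client_id": CLIENT_ID,
        "client_secret": CLIENT_SECRET,  # server-side only; never expose to the browser
    }
```

The access token returned by the Token Endpoint is then presented to the User Info Endpoint to read fields such as account_id, email and name.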