oAuth (3rd party)

[billybigpotatoes]

This is very exciting and in line with work we have started - next.js + WP. I see you have taken care of auth tokens for preview etc - syncing the WP world with React etc. We are looking to move to an identity provider (oAuth based) to manage our user accounts allowing users to login to any of our WP sites with a single click and have one account to manage.

Does this add extra complexity to this mix? Passing the jwt tokens from the oAuth provider to WP and to the framework. We want JWT tokens to be available to be available in the front end so that API calls to other platforms can be made and also calls back to WP are also authenticated.

Also I assume this could all work for server side - allowing external calls to non WP endpoints to still be made by the client with the associated JWT tokens.

I hope this makes sense!

[matt-landers]

@billybigpotatoes If WordPress is aware of the token and can use it to authorize, it will work with WPGraphQL as long as you can pass it in via a request header.