WordPress Auth0 for All Users Without WP Accounts: A plugin
Sometimes my blog actually covers web development, which is ostensibly what this blog is about instead of my random adventures in Mac geekiery.
Recently, I needed to work on a portal site and integrate it into Auth0. The ask seemed simple: Users are required to use Auth0 to view a website. That's it. The problem was that the official Auth0 plugin assumes a few things:
- Users have a WordPress account
- Auth0 is only needed for the `wp-admin.`
I am by no means any sort of security expert; thus, with a lot of googling and some AI-assisted development in about two partial days of development, I was able to create a simple solution in the `functions.php` and a must-use plugin. It'd force authentication on the front end, had a simple Auth0 callback, displayed a login screen if the user hadn't authenticated to our domain, and upon successful sign-in, redirected to the correct page.
Then in the truest 2025 fashion, I copied my mess of code and pasted it into Claude, and after some fine-tuning, created a plugin, wp-auth0-for-all
>- Install and configure the Login by Auth0 plugin
- Download and install wp-auth0-for-all in your plugins.
- Activate wp-auth0-for-all
- Configure it in your settings

This also includes some bonus features like wildcard excluded domains, optional auto-redirect, ability to use custom Auth0 domains.
That's it. It's a simple plugin that forces Auth0 for all users without a need for WP accounts. The plugin page has more information in the ReadMe.