Skip to main content

WordPress plugin integration

This document walks you through setting up the WordPress™ plugin in Arculix by SecureAuth, and enabling multi-factor authentication to enhance the security of your website’s user and administrator accounts.

Initial steps

  1. Download the Arculix Mobile app on your mobile device and create an account in the app.

  2. Log in to the Arculix admin panel and go to the Applications tab.

  3. Click Create New Application.

  4. Enter the name of your application (i.e., My Wordpress Site), the URL for your WordPress site, and select a color.

    The name and the color are what the users of your site see in the Arculix Mobile app. Within this newly created application are your UID and secret key.

Installing the Arculix plugin in WordPress

  1. In WordPress, go to the Administration panel, select the Plugins tab, select Add New, then search for Arculix (formerly Acceptto).

    wordpress_add_plugin.png
  2. Click Install Now.

  3. Activate the plugin.

  4. After installation, click Activate.

    wordpress_activate.png

Plugin configuration

For this step, you need your Arculix UID, Secret, and API Host URL that you received in the Initial steps.

  1. In your WordPress admin panel, click Plugins, then click the Settings link for Arculix Multi Factor Authentication.

    wordpress_plugins.png
  2. Next, enter the UID, Secret, and API Hostname.

    wordpress_plugin_settings.png
  3. In the Enable for roles section, select the roles to which you want to enforce multi-factor authentication.

    By default, all roles are selected.

  4. Save your changes.

Enable multi-factor login for user

You can enable multi-factor authentication (MFA) for any user who has registered for an account with Arculix.

As an example, let's set up your account.

  1. In the WordPress admin panel, go to your user profile.

  2. At the bottom of your profile page, go to the Arculix Email field and enter the email address to which you registered with Arculix.

    This field is located in the User's Arculix Email Address for Multi Factor section.

    wordpress_plugin_add_email.png

To try out this functionality, log out of WordPress and log in again. You will be directed to a multi-factor authentication page, where you can select your preferred authentication method.

Arculix email field in WordPress

All users now have the User's Arculix Email Address For Multi-Factor section in their user profile with the Arculix Email field.

In WordPress you can select and edit any user and add their email address.

The email address is the same one that is associated with the account. If the user's email address is already registered with Arculix, then the user will experience MFA upon their next login. If the user's email is not yet registered, then the user will be redirected to register at the Arculix website the next time they log in to your site.

wordpress_plugin_email.png

User registration in Arculix

After you activate and configure the Arculix WordPress plugin, all users who are not registered are redirected to register with Arculix the next time they log in. To log in, they must register their Arculix account.

Arculix sign up page

User multi-factor authentication

After registering their Arculix account, you can log in to your account using MFA.

The Select an Authenticator page displays; this is where you can select your preferred authentication method. You can choose between Arculix Mobile (Push), Offline (TOTP), SMS, Email, and Voice Call.

To use TOTP, it requires the use of the Arculix Mobile app and must be configured beforehand. If you select TOTP, you receive a security code to authenticate. After you successfully enter the security code on the web page, you are logged in.

Select MFA method

Support

If you have questions or need assistance, contact SecureAuth Support.

Sales

Want to learn more about our MFA solutions? Contact our Professional Services for a demo today.

Disclaimer

All product names, trademarks, and registered trademarks are the property of their respective owners.

All company, product, and service names used in this document are for identification purposes only. The use of these names, trademarks, and brands do not constitute an endorsement by the SecureAuth Corporation.

WordPress are either registered trademarks or trademarks of Automattic Inc. and/or one or more of its subsidiaries in the United States and/or other countries.