QROGIN is a developer-friendly QR based social login platform delivering FIDO2 passkey-powered passwordless authentication, combining enterprise-grade security with easy integration and seamless identity management.
Using this plugin, developers will be able to generate tamper‑proof (time-limited & one-time use) QR codes and secure one‑click links(button) for QROGIN user-login/signup. The widgets talks to your QROGIN back‑end, displays a countdown, polls for authentication and then fires a JavaScript event so you can finish the flow your way.
Features
- Three modes:
QrWidget
, QrWithLink
, SecureLinkButton
- Customise colours, labels and CSS classes from the shortcode
- Accessible: countdown and refresh button included
- Event‑driven – hook into
qrogin-authenticated
for SPA redirects
- Works on any page/post or block editor pattern
\== Installation ==
- Upload the plugin folder to
/wp-content/plugins/
and activate it.
- Place the shortcode where you need the QR:
[qrogin_qr_widgets base_url="https://sample.qrogin.com/qr (sample url - actual url will be provided privately)" status_base="https://sample.qrogin.com/status (sample url - actual url will be provided privately)" tenant_id="ACME123" api_key="YOUR_API_KEY" mode="QrWidget" (or or QrWithLink or SecureLinkButton) ttl_ms="55000" poll_interval="5000" class="my-wrapper" button_label="Secure one‑time link" button_class="btn btn-primary" button_style="font-size:20px"
]
Important: Both
base_url
and
status_base
must be
HTTPS endpoints hosted on a
qrogin.com
sub‑domain (e.g.
https://auth.qrogin.com/...
).
Attribute reference**
| Attribute | Default | Notes |
| --------------- | ------------------------ | ----------------------------------------------- |
|
base_url
|
(required) | Endpoint that returns QR payload |
|
status_base
|
(required) | Endpoint polled to read auth status |
|
tenant_id
|
(required) | Your tenant/account ID |
|
api_key
|
(required) | API key issued by QROGIN |
|
mode
|
QrWidget
|
QrWidget
,
QrWithLink
, or
SecureLinkButton
|
|
ttl_ms
|
55000
| Time‑to‑live in milliseconds |
|
poll_interval
|
5000
| Polling gap in milliseconds |
|
class
|
''
| Extra classes for the wrapper |
|
button_label
|
"Secure one‑time link"
| Button inner HTML |
|
button_class
|
''
| Extra classes for the button |
|
button_style
|
''
| Inline CSS for the button |
\== Usage example: catching the authentication event ==
```html
document.querySelectorAll('.qrogin-qr-container').forEach(el => {
el.addEventListener('qrogin-authenticated', e => {
const { token, user_id } = e.detail;
sessionStorage.setItem('qroginJwt', token);
sessionStorage.setItem('userId', user_id);
// Redirect to a safe location
window.location.href = '';
});
});
```
\== Privacy ==
This plugin sends only the fields you configure—
tenant_id
,
api_key
, and associated session data—to
your own QROGIN back‑end. All traffic travels over
HTTPS to QROGIN‑owned sub‑domains (
*.qrogin.com
) only. No data is transmitted to the plugin author or any other third‑party service.
\== Frequently Asked Questions ==
\= The QR never changes colour – what gives? =
Check your browser console for CORS errors. The
base_url
and
status_base
must be served over HTTPS and send the correct CORS headers.
\= Does it work with page builders? =
Yes. The shortcode can be dropped into any text/html block.
\== Screenshots ==
- QR widget and Secure Link Button in action (screenshot-1.png)
\== Changelog ==
\= 1.0.0 =
\== Upgrade Notice ==
\= 1.0.0 =
Initial version – nothing to worry about.