Remote Location Login with Xenforo - acp-bundle/acp-java GitHub Wiki

All URLs MUST contain the https:// or http:// in front. However, https is strongly recommended.

Xenforo is supported as a mix of OAuth2 (for logging in) and a remote query script, which can be found here. Place this query file into the root directory of your forum installation so it can be reached as /xf_query.php.

1st, download and install this plugin. Add a new Client with the callback url <acp base url>/oauth2.callback

Then add a new Location of the type xenforo an fill out the following data:

{
    "remote": "<your forum url>/xf_query.php",
    "type": "xenforo",
    "oauth2data": {
        "profileUrl": "<your forum url>/api/index.php",
        "clientId": "<client id from the forum plugin>",
        "authorizationUrl": "<your forum url>/api/index.php?oauth/authorize",
        "accessTokenUrl": "<your forum url>/api/index.php?oauth/token",
        "clientSecret": "<client secret from forum api>"
    },
    "allowPwLogin": "false",
    "uniqueId": "<auto-generated>",
    "token": "<create a random token and place it into xf-query.php>"
}

Make sure to add a secure token into the xenforo script and the Location config. Whitelist your ACP in the IP list at the beginning and put in the access data from a sql user that can log into the xenforo database!