Private Feed Keys

Allows subscription to RSS feeds on private blogs that require authentication. Works with "More Privacy Options" on multi-site installs.

Author:Adam Franco (profile at wordpress.org)
WordPress version required:3.0
WordPress version tested:4.0
Plugin version:1.1
Added to WordPress repository:06-04-2011
Last updated:11-11-2014
Warning! This plugin has not been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.
Rating, %:0
Rated by:0
Plugin URI:https://github.com/adamfranco/private-feed-ke...
Total downloads:3 671
Active installs:10+
plugin download
Click to start download

This plugin allows users to subscribe to feeds requiring authentication. When using More Privacy Options in a multi-site installation RSS feeds for blogs marked as private require authentication. This plugin adds a user and site specific 40-character key on private blogs, creating a unique feed URL for each registered on user the blog. This allows feeds on private blogs to be subscribed to using feed readers that do not support authentication. As well, this allows subscription on sites where local HTTP authentication of feeds is not possible, such as those that use CAS or OpenId to authenticate users.

This plugin is similar in concept to the Feed Key plugin, but designed from the ground up to operate in a multi-site context where access is controlled by the More Privacy Options plugin.

Primary differences from Feed Key:

  • Only adds keys to the feed URLs on private sites, not all sites in the network.
  • Keys are per site and per user, preventing exposure of the key for a single site from giving access to other sites the user can see.
  • Presence of a feed key authenticates feed requests as the user that matches the key rather than blocking requests that don't include a feed key.
  • If no key is present the RSS feed request continues without interference for handling by other authentication hooks.
  • Access control is still determined by other authentication plugins, ensuring that if a user is removed as a subscriber of a private blog, access to the feed will be denied.
  • Users can revoke their own keys on a per-blog basis.

Contributors and developers, please submit issues and pull-requests via the Github repository.

Licensed under the GNU General Public License 2.0 (GPL)


Screenshots
FAQ
ChangeLog