Auto Login


WP Fusion’s auto-login system can load the CRM tags and meta data for a contact record into a temporary WordPress user account. The site visitor is then tracked with a cookie.

This allows you to personalize site content, pre-fill forms, and track activity (by applying tags) even if the contact doesn’t have a WordPress account.

The auto-login process can either be triggered via a link, or via a form submission.

Note: This feature does not always work properly on WP Engine or other hosts that don’t let you edit your site’s caching settings.

Auto Login Links

Auto login links can be used in an email to grant access to restricted content on your site without requiring a user to log in. You can even grant access to contacts in your CRM that don’t have user accounts on your site.

Keep in mind that the user will only be logged in for the purposes of WP Fusion’s content restriction and activity tracking features. For security reasons, users will not be able to access or edit their account details, purchase history, or any other sensitive information. For that they will need to log into your site using their username and password. All other plugins will see the visitor as a guest.


To use this feature, first enable it from the Advanced section of the WP Fusion general settings tab.

You can now log a user into your site by passing a contact ID in any URL pointed at your site, for example:

This sets a cookie and creates a temporary WordPress user with that contact’s tags and other information from your CRM. Any protected content will be accessible if the contact has the correct tags. You can also apply tags and track activity as if the user was logged in.

You can also use WP Fusion’s user meta shortcodes to display contact data from your CRM.

Personalization tags

Here are some of the personalization tags for our more popular CRM integrations. This list will continue to be updated:

  • ActiveCampaign:
  • AgileCRM:{{id}}
  • ConvertKit:{{ }}
  • Drip:{{ }}
  • Gist: not supported by Gist
  • Groundhogg:{id}
  • HubSpot:{{ }}
  • Infusionsoft:
  • Mailchimp:*|EMAIL|*
  • MailerLite:{$email}
  • Mautic:{contactfield=id}
  • NationBuilder:{{}}
  • Ontraport:[Contact ID]
  • Zoho:${Contacts.Contact Id}

For other CRMs you can find the merge field for the contact ID from their merge fields documentation.

Set Current User

By default auto-logged in users will only be able to access content protected by WP Fusion, and contact data can only be displayed using WP Fusion’s shortcodes.

You can enable Set Current User to have WP Fusion set the $current_user global in WordPress, so other plugins will be tricked into treating the user as logged-in as well.

This works well for pre-filling forms (in plugins like Gravity Forms or Advanced Custom Fields) with data from the CRM contact record, allowing you to create profile update forms or subscription preferences forms for your mailing list subscribers.

However this can cause problems with membership plugins (like BuddyBoss) and gamification plugins as they try to trigger notifications or achievements for a non-existent user, and may cause your site to crash when the auto-login link is visited.

If you get a white screen or an error message when visiting an auto-login link, turning off Set Current User will likely fix the error.

Form Auto Login

You can also start an auto-login session when a form is submitted with any one of our supported form plugins.

This is the same as if the visitor had just followed an auto-login link— a cookie is set and then you can customize the site appearance based on the tags and meta data on their contact record.

To enable this, check the box for Form Auto Login from the Advanced settings tab.

Ending auto-login sessions

WP Fusion will attempt to end the auto login session in several situations to prevent unexpected behavior on your site:

  • When a user logs into the site with a username and password
  • When a visitor reaches a page that contains “login” in the URL
  • When a visitor reaches a page that contains “register” in the URL
  • When a visitor reaches a page that contains “checkout” in the URL

However you may also want to force the auto-login session to end at a different time, for example when a form is submitted. You can do this by appending ?wpf-end-auto-login=true to any URL.

You can also achieve this in PHP by calling wp_fusion()->auto_login->end_auto_login();

Troubleshooting Auto Login

The auto login system is still considered experimental and we can’t guarantee that it will work with all plugins.

If you’re using an auto login link and it doesn’t seem to be working, the first thing to check is if the cookie has been set for the auto login session. You can check your browser’s cookie storage to see if the wpf_contact cookie is being set. In Chrome this is found in the developer console under Application » Cookies:

If the wpf_contact cookie isn’t set, then the auto login URL wasn’t recognized. You should make sure that you’re using a real contact ID in your auto login URL, and that Auto Login is turned on in the WP Fusion settings.

Developer resources

There are a few filters that allow you to modify the auto-login process.

Ending an auto-login session

You can permanently end an auto-login session and remove any cookies via the wpf_end_auto_login filter.

function my_end_auto_login( $end, $contact_data ) {

	if ( wp_fusion()->user->has_tag( 'Payment Failed' ) ) {
		$end = true;

	return $end;

add_filter( 'wpf_end_auto_login', 'my_end_auto_login', 10, 2 );

There is also a helper filter which allows you to end a session based on a partial URL match, wpf_end_auto_login_request_uris:

function my_end_auto_login_uri( $request_uris ) {

	$request_uris[] = 'my-page-slug';

	return $request_uris;

add_filter( 'wpf_end_auto_login_request_uris', 'my_end_auto_login_uri' );

In this example, if the visitor lands on (or any URL with my-page-slug in it) the session will end.

Skipping an auto-login session

You can skip an auto-login session on a single page via the wpf_skip_auto_login filter. The session will be resumed once the visitor navigates to another page.

function my_skip_auto_login( $skip, $contact_data ) {

	if ( is_page( 'my-custom-form' ) ) {
		$skip = true;

	return $skip;

add_filter( 'wpf_skip_auto_login', 'my_skip_auto_login', 10, 2 );

There is also a helper filter which allows you to skip the session based on a partial URL match, wpf_skip_auto_login_request_uris:

function my_skip_auto_login_uri( $request_uris ) {

	$request_uris[] = 'my-page-slug';

	return $request_uris;

add_filter( 'wpf_skip_auto_login_request_uris', 'my_skip_auto_login_uri' );

In this example, if the visitor lands on (or any URL with my-page-slug in it) the session will skipped on that page.

Was this helpful?