From e761261f5091d6a62ad780b80311c79efb44e832 Mon Sep 17 00:00:00 2001
From: hoang <hoang@learndash.com>
Date: Tue, 12 May 2026 16:49:57 +0700
Subject: [PATCH 1/2] feat(branding): add border radius, secondary button, and
 heading color controls

---
 src/WorkOS/Auth/AuthKit/Profile.php  |  80 ++++++++++---
 src/WorkOS/Auth/AuthKit/Renderer.php | 123 ++++++++++++++++----
 src/js/admin-profiles/index.tsx      | 166 +++++++++++++++++++++++++--
 src/js/admin-profiles/styles.css     |  96 ++++++++++++++++
 src/js/authkit/index.tsx             |   7 +-
 src/js/authkit/styles.css            |  44 ++++---
 src/js/authkit/types.ts              |  14 ++-
 tests/wpunit/AuthKitProfileTest.php  |  22 +++-
 tests/wpunit/AuthKitRendererTest.php |  14 ++-
 9 files changed, 488 insertions(+), 78 deletions(-)

diff --git a/src/WorkOS/Auth/AuthKit/Profile.php b/src/WorkOS/Auth/AuthKit/Profile.php
index d7a880a..7f88433 100644
--- a/src/WorkOS/Auth/AuthKit/Profile.php
+++ b/src/WorkOS/Auth/AuthKit/Profile.php
@@ -149,7 +149,7 @@ class Profile {
 	/**
 	 * Branding config.
 	 *
-	 * @var array{logo_mode: string, logo_attachment_id: int, primary_color: string, heading: string, subheading: string}
+	 * @var array{logo_mode: string, logo_attachment_id: int, card_border_radius: string, button_border_radius: string, page_background: string, card_background: string, card_border: string, heading_color: string, subheading_color: string, button_background: string, button_text: string, secondary_button_background: string, secondary_button_text: string, secondary_button_border: string, links_color: string, heading: string, subheading: string}
 	 */
 	private array $branding;
 
@@ -201,11 +201,23 @@ public function __construct( array $data ) {
 			'factors' => array_values( array_filter( (array) ( $data['mfa']['factors'] ?? [] ), 'is_string' ) ),
 		];
 		$this->branding            = [
-			'logo_mode'          => (string) ( $data['branding']['logo_mode'] ?? self::LOGO_MODE_DEFAULT ),
-			'logo_attachment_id' => (int) ( $data['branding']['logo_attachment_id'] ?? 0 ),
-			'primary_color'      => (string) ( $data['branding']['primary_color'] ?? '' ),
-			'heading'            => (string) ( $data['branding']['heading'] ?? '' ),
-			'subheading'         => (string) ( $data['branding']['subheading'] ?? '' ),
+			'logo_mode'                   => (string) ( $data['branding']['logo_mode'] ?? self::LOGO_MODE_DEFAULT ),
+			'logo_attachment_id'          => (int) ( $data['branding']['logo_attachment_id'] ?? 0 ),
+			'card_border_radius'          => (string) ( $data['branding']['card_border_radius'] ?? '' ),
+			'button_border_radius'        => (string) ( $data['branding']['button_border_radius'] ?? '' ),
+			'page_background'             => (string) ( $data['branding']['page_background'] ?? '' ),
+			'card_background'             => (string) ( $data['branding']['card_background'] ?? '' ),
+			'card_border'                 => (string) ( $data['branding']['card_border'] ?? '' ),
+			'heading_color'               => (string) ( $data['branding']['heading_color'] ?? '' ),
+			'subheading_color'            => (string) ( $data['branding']['subheading_color'] ?? '' ),
+			'button_background'           => (string) ( $data['branding']['button_background'] ?? '' ),
+			'button_text'                 => (string) ( $data['branding']['button_text'] ?? '' ),
+			'secondary_button_background' => (string) ( $data['branding']['secondary_button_background'] ?? '' ),
+			'secondary_button_text'       => (string) ( $data['branding']['secondary_button_text'] ?? '' ),
+			'secondary_button_border'     => (string) ( $data['branding']['secondary_button_border'] ?? '' ),
+			'links_color'                 => (string) ( $data['branding']['links_color'] ?? '' ),
+			'heading'                     => (string) ( $data['branding']['heading'] ?? '' ),
+			'subheading'                  => (string) ( $data['branding']['subheading'] ?? '' ),
 		];
 		$this->post_login_redirect = (string) ( $data['post_login_redirect'] ?? '' );
 		$this->forward_query_args  = (bool) ( $data['forward_query_args'] ?? false );
@@ -297,10 +309,27 @@ public static function from_array( array $data ): self {
 			$organization_id = '';
 		}
 
-		$primary_color = (string) ( $data['branding']['primary_color'] ?? '' );
-		if ( '' !== $primary_color && ! preg_match( '/^#[0-9a-fA-F]{3,8}$/', $primary_color ) ) {
-			$primary_color = '';
-		}
+		$sanitize_color = static function ( string $value ): string {
+			return ( '' !== $value && preg_match( '/^#[0-9a-fA-F]{3,8}$/', $value ) ) ? $value : '';
+		};
+
+		$sanitize_radius = static function ( string $v ): string {
+			$v = trim( $v );
+			return ( '' !== $v && ctype_digit( $v ) ) ? $v : '';
+		};
+		$card_border_radius          = $sanitize_radius( (string) ( $data['branding']['card_border_radius'] ?? '' ) );
+		$button_border_radius        = $sanitize_radius( (string) ( $data['branding']['button_border_radius'] ?? '' ) );
+		$page_background             = $sanitize_color( (string) ( $data['branding']['page_background'] ?? '' ) );
+		$card_background             = $sanitize_color( (string) ( $data['branding']['card_background'] ?? '' ) );
+		$card_border                 = $sanitize_color( (string) ( $data['branding']['card_border'] ?? '' ) );
+		$heading_color               = $sanitize_color( (string) ( $data['branding']['heading_color'] ?? '' ) );
+		$subheading_color            = $sanitize_color( (string) ( $data['branding']['subheading_color'] ?? '' ) );
+		$button_background           = $sanitize_color( (string) ( $data['branding']['button_background'] ?? '' ) );
+		$button_text                 = $sanitize_color( (string) ( $data['branding']['button_text'] ?? '' ) );
+		$secondary_button_background = $sanitize_color( (string) ( $data['branding']['secondary_button_background'] ?? '' ) );
+		$secondary_button_text       = $sanitize_color( (string) ( $data['branding']['secondary_button_text'] ?? '' ) );
+		$secondary_button_border     = $sanitize_color( (string) ( $data['branding']['secondary_button_border'] ?? '' ) );
+		$links_color                 = $sanitize_color( (string) ( $data['branding']['links_color'] ?? '' ) );
 
 		$logo_attachment_id = (int) ( $data['branding']['logo_attachment_id'] ?? 0 );
 
@@ -341,11 +370,23 @@ public static function from_array( array $data ): self {
 					'factors' => $mfa_factors,
 				],
 				'branding'            => [
-					'logo_mode'          => $logo_mode,
-					'logo_attachment_id' => $logo_attachment_id,
-					'primary_color'      => $primary_color,
-					'heading'            => sanitize_text_field( (string) ( $data['branding']['heading'] ?? '' ) ),
-					'subheading'         => sanitize_text_field( (string) ( $data['branding']['subheading'] ?? '' ) ),
+					'logo_mode'                   => $logo_mode,
+					'logo_attachment_id'          => $logo_attachment_id,
+					'card_border_radius'          => $card_border_radius,
+					'button_border_radius'        => $button_border_radius,
+					'page_background'             => $page_background,
+					'card_background'             => $card_background,
+					'card_border'                 => $card_border,
+					'heading_color'               => $heading_color,
+					'subheading_color'            => $subheading_color,
+					'button_background'           => $button_background,
+					'button_text'                 => $button_text,
+					'secondary_button_background' => $secondary_button_background,
+					'secondary_button_text'       => $secondary_button_text,
+					'secondary_button_border'     => $secondary_button_border,
+					'links_color'                 => $links_color,
+					'heading'                     => sanitize_text_field( (string) ( $data['branding']['heading'] ?? '' ) ),
+					'subheading'                  => sanitize_text_field( (string) ( $data['branding']['subheading'] ?? '' ) ),
 				],
 				'post_login_redirect' => sanitize_text_field( (string) ( $data['post_login_redirect'] ?? '' ) ),
 				'forward_query_args'  => (bool) ( $data['forward_query_args'] ?? false ),
@@ -384,7 +425,12 @@ public static function defaults(): self {
 				'branding'            => [
 					'logo_mode'          => self::LOGO_MODE_DEFAULT,
 					'logo_attachment_id' => 0,
-					'primary_color'      => '',
+					'page_background'    => '',
+					'card_background'    => '',
+					'card_border'        => '',
+					'button_background'  => '',
+					'button_text'        => '',
+					'links_color'        => '',
 					'heading'            => __( 'Sign in', 'integration-workos' ),
 					'subheading'         => '',
 				],
@@ -620,7 +666,7 @@ public function get_mfa(): array {
 	/**
 	 * Branding configuration.
 	 *
-	 * @return array{logo_attachment_id: int, primary_color: string, heading: string, subheading: string}
+	 * @return array{logo_attachment_id: int, page_background: string, card_background: string, card_border: string, button_background: string, button_text: string, links_color: string, heading: string, subheading: string}
 	 */
 	public function get_branding(): array {
 		return $this->branding;
diff --git a/src/WorkOS/Auth/AuthKit/Renderer.php b/src/WorkOS/Auth/AuthKit/Renderer.php
index 3c3c4f4..592c733 100644
--- a/src/WorkOS/Auth/AuthKit/Renderer.php
+++ b/src/WorkOS/Auth/AuthKit/Renderer.php
@@ -291,10 +291,22 @@ private function resolve_branding( Profile $profile ): array {
 		}
 
 		$resolved = [
-			'logo_url'      => $logo_url,
-			'primary_color' => (string) ( $branding['primary_color'] ?? '' ),
-			'heading'       => (string) ( $branding['heading'] ?? '' ),
-			'subheading'    => (string) ( $branding['subheading'] ?? '' ),
+			'logo_url'                    => $logo_url,
+			'card_border_radius'          => (string) ( $branding['card_border_radius'] ?? '' ),
+			'button_border_radius'        => (string) ( $branding['button_border_radius'] ?? '' ),
+			'page_background'             => (string) ( $branding['page_background'] ?? '' ),
+			'card_background'             => (string) ( $branding['card_background'] ?? '' ),
+			'card_border'                 => (string) ( $branding['card_border'] ?? '' ),
+			'heading_color'               => (string) ( $branding['heading_color'] ?? '' ),
+			'subheading_color'            => (string) ( $branding['subheading_color'] ?? '' ),
+			'button_background'           => (string) ( $branding['button_background'] ?? '' ),
+			'button_text'                 => (string) ( $branding['button_text'] ?? '' ),
+			'secondary_button_background' => (string) ( $branding['secondary_button_background'] ?? '' ),
+			'secondary_button_text'       => (string) ( $branding['secondary_button_text'] ?? '' ),
+			'secondary_button_border'     => (string) ( $branding['secondary_button_border'] ?? '' ),
+			'links_color'                 => (string) ( $branding['links_color'] ?? '' ),
+			'heading'                     => (string) ( $branding['heading'] ?? '' ),
+			'subheading'                  => (string) ( $branding['subheading'] ?? '' ),
 		];
 
 		/**
@@ -323,28 +335,95 @@ private function resolve_branding( Profile $profile ): array {
 	private function branding_style_tag( array $branding ): string {
 		$rules = [];
 
-		// Re-validate the primary color as defense-in-depth. Profile::from_array
-		// already regex-matches it against a hex pattern on save, but this
-		// renderer is the last line before raw emission into a CSS context
-		// where `esc_attr` is semantically wrong. Enforcing the same regex
-		// here guarantees that whatever arrives in $branding — now or from
-		// future call sites — cannot introduce a semicolon, closing brace,
-		// or `</style>` sequence.
-		$primary = (string) ( $branding['primary_color'] ?? '' );
-		if ( '' !== $primary && preg_match( '/^#[0-9a-fA-F]{3,8}$/', $primary ) ) {
-			// A custom primary drops the matching WP-blue hover, so override
-			// hover to the same color. Deriving a darker shade would require
-			// a color-math utility and is not worth the added surface area;
-			// a flat hover reads cleanly enough for a branded palette.
-			$rules[] = '--wa-primary: ' . $primary . ';';
-			$rules[] = '--wa-primary-hover: ' . $primary . ';';
+		// Re-validate colors as defense-in-depth. Profile::from_array already
+		// regex-matches them on save, but this is the last line before raw
+		// emission into a CSS context. Enforcing the same regex here ensures
+		// no semicolon, closing brace, or </style> can be injected regardless
+		// of call site.
+		$valid_hex = static function ( string $v ): bool {
+			return '' !== $v && (bool) preg_match( '/^#[0-9a-fA-F]{3,8}$/', $v );
+		};
+
+		$card_radius  = (string) ( $branding['card_border_radius'] ?? '' );
+		$btn_radius   = (string) ( $branding['button_border_radius'] ?? '' );
+		$page_bg      = (string) ( $branding['page_background'] ?? '' );
+		$card_bg      = (string) ( $branding['card_background'] ?? '' );
+		$card_bdr     = (string) ( $branding['card_border'] ?? '' );
+		$heading_clr  = (string) ( $branding['heading_color'] ?? '' );
+		$sub_clr      = (string) ( $branding['subheading_color'] ?? '' );
+		$btn_bg       = (string) ( $branding['button_background'] ?? '' );
+		$btn_text     = (string) ( $branding['button_text'] ?? '' );
+		$sec_btn_bg   = (string) ( $branding['secondary_button_background'] ?? '' );
+		$sec_btn_text = (string) ( $branding['secondary_button_text'] ?? '' );
+		$sec_btn_bdr  = (string) ( $branding['secondary_button_border'] ?? '' );
+		$links        = (string) ( $branding['links_color'] ?? '' );
+
+		if ( '' !== $card_radius && ctype_digit( $card_radius ) ) {
+			$rules[] = '--wa-card-radius:' . (int) $card_radius . 'px;';
 		}
 
-		if ( empty( $rules ) ) {
-			return '';
+		if ( '' !== $btn_radius && ctype_digit( $btn_radius ) ) {
+			$rules[] = '--wa-btn-radius:' . (int) $btn_radius . 'px;';
 		}
 
-		return '<style>#workos-authkit-root{' . implode( ' ', $rules ) . '}</style>';
+		// Page background targets the takeover body, not the root widget.
+		$body_rules = [];
+		if ( $valid_hex( $page_bg ) ) {
+			$body_rules[] = 'background:' . $page_bg . ';';
+		}
+
+		if ( $valid_hex( $card_bg ) ) {
+			$rules[] = '--wa-surface:' . $card_bg . ';';
+		}
+
+		if ( $valid_hex( $card_bdr ) ) {
+			$rules[] = '--wa-card-border:' . $card_bdr . ';';
+		}
+
+		if ( $valid_hex( $heading_clr ) ) {
+			$rules[] = '--wa-heading-color:' . $heading_clr . ';';
+		}
+
+		if ( $valid_hex( $sub_clr ) ) {
+			$rules[] = '--wa-subheading-color:' . $sub_clr . ';';
+		}
+
+		if ( $valid_hex( $btn_bg ) ) {
+			// A custom button color drops the matching WP-blue hover; use the
+			// same value for hover (flat) rather than deriving a darker shade.
+			$rules[] = '--wa-primary:' . $btn_bg . ';';
+			$rules[] = '--wa-primary-hover:' . $btn_bg . ';';
+		}
+
+		if ( $valid_hex( $btn_text ) ) {
+			$rules[] = '--wa-primary-fg:' . $btn_text . ';';
+		}
+
+		if ( $valid_hex( $sec_btn_bg ) ) {
+			$rules[] = '--wa-secondary-bg:' . $sec_btn_bg . ';';
+		}
+
+		if ( $valid_hex( $sec_btn_text ) ) {
+			$rules[] = '--wa-secondary-fg:' . $sec_btn_text . ';';
+		}
+
+		if ( $valid_hex( $sec_btn_bdr ) ) {
+			$rules[] = '--wa-secondary-border:' . $sec_btn_bdr . ';';
+		}
+
+		if ( $valid_hex( $links ) ) {
+			$rules[] = '--wa-links:' . $links . ';';
+		}
+
+		$out = '';
+		if ( ! empty( $body_rules ) ) {
+			$out .= '<style>body.workos-authkit-body{' . implode( ' ', $body_rules ) . '}</style>';
+		}
+		if ( ! empty( $rules ) ) {
+			$out .= '<style>#workos-authkit-root{' . implode( ' ', $rules ) . '}</style>';
+		}
+
+		return $out;
 	}
 
 	/**
diff --git a/src/js/admin-profiles/index.tsx b/src/js/admin-profiles/index.tsx
index 19b39f1..fb465f5 100644
--- a/src/js/admin-profiles/index.tsx
+++ b/src/js/admin-profiles/index.tsx
@@ -103,7 +103,19 @@ interface Profile {
 		logo_mode: LogoMode;
 		logo_attachment_id: number;
 		logo_url?: string;
-		primary_color: string;
+		card_border_radius: string;
+		button_border_radius: string;
+		page_background: string;
+		card_background: string;
+		card_border: string;
+		heading_color: string;
+		subheading_color: string;
+		button_background: string;
+		button_text: string;
+		secondary_button_background: string;
+		secondary_button_text: string;
+		secondary_button_border: string;
+		links_color: string;
 		heading: string;
 		subheading: string;
 	};
@@ -684,6 +696,48 @@ function LogoField( { mode, attachmentId, url, onChange }: LogoFieldProps ) {
 	);
 }
 
+interface ColorRowProps {
+	label: string;
+	value: string;
+	onChange: ( next: string ) => void;
+}
+
+function ColorRow( { label, value, onChange }: ColorRowProps ) {
+	const safeColor = /^#[0-9a-fA-F]{6}$/.test( value ) ? value : '#000000';
+	return (
+		<div className="wpa-color-row">
+			<span className="wpa-color-row-label">{ label }</span>
+			<label className="wpa-color-row-swatch-wrap" title={ label }>
+				<span
+					className="wpa-color-row-swatch"
+					style={ { backgroundColor: value || undefined } }
+					aria-hidden="true"
+				/>
+				<input
+					type="color"
+					className="wpa-color-row-picker"
+					value={ safeColor }
+					onChange={ ( e: ChangeEvent< HTMLInputElement > ) =>
+						onChange( e.target.value )
+					}
+					aria-label={ label }
+				/>
+			</label>
+			<input
+				type="text"
+				className="wpa-color-row-hex"
+				value={ value }
+				onChange={ ( e: ChangeEvent< HTMLInputElement > ) =>
+					onChange( e.target.value )
+				}
+				placeholder="#000000"
+				maxLength={ 7 }
+				spellCheck={ false }
+			/>
+		</div>
+	);
+}
+
 function emptyProfile(): Profile {
 	return {
 		id: 0,
@@ -700,7 +754,19 @@ function emptyProfile(): Profile {
 			logo_mode: 'default',
 			logo_attachment_id: 0,
 			logo_url: '',
-			primary_color: '',
+			card_border_radius: '',
+			button_border_radius: '',
+			page_background: '',
+			card_background: '',
+			card_border: '',
+			heading_color: '',
+			subheading_color: '',
+			button_background: '',
+			button_text: '',
+			secondary_button_background: '',
+			secondary_button_text: '',
+			secondary_button_border: '',
+			links_color: '',
 			heading: '',
 			subheading: '',
 		},
@@ -945,12 +1011,94 @@ function Editor( {
 					value={ data.branding.subheading }
 					onChange={ ( v ) => setBranding( { subheading: v } ) }
 				/>
-				<TextField
-					label={ __( 'Primary color', 'integration-workos' ) }
-					value={ data.branding.primary_color }
-					onChange={ ( v ) => setBranding( { primary_color: v } ) }
-					placeholder={ __( '#2271b1', 'integration-workos' ) }
-				/>
+				<label className="wpa-field">
+					<span>{ __( 'Card border radius (px)', 'integration-workos' ) }</span>
+					<input
+						type="number"
+						className="wpa-border-radius-input"
+						value={ data.branding.card_border_radius }
+						min={ 0 }
+						max={ 999 }
+						onChange={ ( e: ChangeEvent< HTMLInputElement > ) =>
+							setBranding( { card_border_radius: e.target.value } )
+						}
+						placeholder="3"
+					/>
+				</label>
+				<label className="wpa-field">
+					<span>{ __( 'Button border radius (px)', 'integration-workos' ) }</span>
+					<input
+						type="number"
+						className="wpa-border-radius-input"
+						value={ data.branding.button_border_radius }
+						min={ 0 }
+						max={ 999 }
+						onChange={ ( e: ChangeEvent< HTMLInputElement > ) =>
+							setBranding( { button_border_radius: e.target.value } )
+						}
+						placeholder="3"
+					/>
+				</label>
+				<div className="wpa-branding-colors">
+					<div className="wpa-branding-colors-header">
+						{ __( 'Colors', 'integration-workos' ) }
+					</div>
+					<ColorRow
+						label={ __( 'Page background', 'integration-workos' ) }
+						value={ data.branding.page_background }
+						onChange={ ( v ) => setBranding( { page_background: v } ) }
+					/>
+					<ColorRow
+						label={ __( 'Card background', 'integration-workos' ) }
+						value={ data.branding.card_background }
+						onChange={ ( v ) => setBranding( { card_background: v } ) }
+					/>
+					<ColorRow
+						label={ __( 'Card border', 'integration-workos' ) }
+						value={ data.branding.card_border }
+						onChange={ ( v ) => setBranding( { card_border: v } ) }
+					/>
+					<ColorRow
+						label={ __( 'Heading color', 'integration-workos' ) }
+						value={ data.branding.heading_color }
+						onChange={ ( v ) => setBranding( { heading_color: v } ) }
+					/>
+					<ColorRow
+						label={ __( 'Subheading color', 'integration-workos' ) }
+						value={ data.branding.subheading_color }
+						onChange={ ( v ) => setBranding( { subheading_color: v } ) }
+					/>
+					<ColorRow
+						label={ __( 'Primary button background', 'integration-workos' ) }
+						value={ data.branding.button_background }
+						onChange={ ( v ) => setBranding( { button_background: v } ) }
+					/>
+					<ColorRow
+						label={ __( 'Primary button text', 'integration-workos' ) }
+						value={ data.branding.button_text }
+						onChange={ ( v ) => setBranding( { button_text: v } ) }
+					/>
+					<ColorRow
+						label={ __( 'Secondary button background', 'integration-workos' ) }
+						value={ data.branding.secondary_button_background }
+						onChange={ ( v ) => setBranding( { secondary_button_background: v } ) }
+					/>
+					<ColorRow
+						label={ __( 'Secondary button text', 'integration-workos' ) }
+						value={ data.branding.secondary_button_text }
+						onChange={ ( v ) => setBranding( { secondary_button_text: v } ) }
+					/>
+					<ColorRow
+						label={ __( 'Secondary button border / OR divider', 'integration-workos' ) }
+						value={ data.branding.secondary_button_border }
+						onChange={ ( v ) => setBranding( { secondary_button_border: v } ) }
+					/>
+					<ColorRow
+						label={ __( 'Links', 'integration-workos' ) }
+						value={ data.branding.links_color }
+						onChange={ ( v ) => setBranding( { links_color: v } ) }
+					/>
+				</div>
 			</fieldset>
 
 			<EmbedFieldset
@@ -1232,7 +1380,7 @@ function List( {
 					const overflow    = methods.length - visible.length;
 					const org         = orgName( p.organization_id );
 					const isDefault   = p.slug === 'default';
-					const color       = ( p.branding?.primary_color || '' ).trim();
+					const color       = ( p.branding?.button_background || '' ).trim();
 					const logoUrl     = p.branding?.logo_url || '';
 					const customUrl   = resolveCustomUrl( p );
 					const hasCustom   = '' !== customUrl;
diff --git a/src/js/admin-profiles/styles.css b/src/js/admin-profiles/styles.css
index f9ab62d..db1eafc 100644
--- a/src/js/admin-profiles/styles.css
+++ b/src/js/admin-profiles/styles.css
@@ -433,3 +433,99 @@
 	border-color: #008a20;
 	background: #f0faf2;
 }
+
+/* Border radius input */
+#workos-profiles-admin-root .wpa-border-radius-input {
+	width: 96px;
+	padding: 6px 8px;
+	font-size: 14px;
+}
+
+/* Branding color rows */
+#workos-profiles-admin-root .wpa-branding-colors {
+	display: flex;
+	flex-direction: column;
+	border: 1px solid #dcdcde;
+	border-radius: 4px;
+	overflow: hidden;
+}
+
+#workos-profiles-admin-root .wpa-branding-colors-header {
+	font-size: 12px;
+	font-weight: 600;
+	text-transform: uppercase;
+	letter-spacing: 0.04em;
+	color: #50575e;
+	padding: 8px 14px;
+	background: #f6f7f7;
+	border-bottom: 1px solid #dcdcde;
+}
+
+#workos-profiles-admin-root .wpa-color-row {
+	display: flex;
+	align-items: center;
+	gap: 12px;
+	padding: 10px 14px;
+	border-bottom: 1px solid #f0f0f1;
+	background: #fff;
+}
+
+#workos-profiles-admin-root .wpa-color-row:last-child {
+	border-bottom: none;
+}
+
+#workos-profiles-admin-root .wpa-color-row-label {
+	flex: 1;
+	font-size: 13px;
+	color: #1d2327;
+}
+
+#workos-profiles-admin-root .wpa-color-row-swatch-wrap {
+	position: relative;
+	display: inline-flex;
+	width: 28px;
+	height: 28px;
+	flex-shrink: 0;
+	cursor: pointer;
+	border-radius: 4px;
+	overflow: hidden;
+	border: 1px solid rgba(0, 0, 0, 0.2);
+}
+
+#workos-profiles-admin-root .wpa-color-row-swatch {
+	width: 100%;
+	height: 100%;
+	display: block;
+	background: #c3c4c7;
+}
+
+#workos-profiles-admin-root .wpa-color-row-picker {
+	position: absolute;
+	inset: 0;
+	width: 100%;
+	height: 100%;
+	opacity: 0;
+	cursor: pointer;
+	padding: 0;
+	border: 0;
+	margin: 0;
+}
+
+#workos-profiles-admin-root .wpa-color-row-hex {
+	width: 96px;
+	font-family: ui-monospace, SFMono-Regular, Menlo, Consolas, monospace;
+	font-size: 13px;
+	padding: 5px 8px;
+	border: 1px solid #dcdcde;
+	border-radius: 3px;
+	color: #1d2327;
+	background: #f6f7f7;
+	flex-shrink: 0;
+}
+
+#workos-profiles-admin-root .wpa-color-row-hex:focus {
+	border-color: #2271b1;
+	outline: none;
+	box-shadow: 0 0 0 1px #2271b1;
+	background: #fff;
+}
diff --git a/src/js/authkit/index.tsx b/src/js/authkit/index.tsx
index 7781b89..bf7d5b4 100644
--- a/src/js/authkit/index.tsx
+++ b/src/js/authkit/index.tsx
@@ -32,7 +32,12 @@ function parseConfig( root: HTMLElement ): AppProps {
 		branding: rawProfile.branding ?? {
 			logo_mode: 'default',
 			logo_attachment_id: 0,
-			primary_color: '',
+			page_background: '',
+			card_background: '',
+			card_border: '',
+			button_background: '',
+			button_text: '',
+			links_color: '',
 			heading: '',
 			subheading: '',
 		},
diff --git a/src/js/authkit/styles.css b/src/js/authkit/styles.css
index 71cdc12..8af2d02 100644
--- a/src/js/authkit/styles.css
+++ b/src/js/authkit/styles.css
@@ -45,6 +45,7 @@ body.workos-authkit-body #workos-authkit-root {
 	--wa-primary: #2271b1;
 	--wa-primary-hover: #135e96;
 	--wa-primary-fg: #ffffff;
+	--wa-links: var(--wa-primary);
 	--wa-border: #8c8f94;
 	--wa-card-border: #c3c4c7;
 	--wa-surface: #ffffff;
@@ -53,7 +54,13 @@ body.workos-authkit-body #workos-authkit-root {
 	--wa-danger: #b91c1c;
 	--wa-danger-bg: #fee2e2;
 	--wa-gap: 16px;
-	--wa-radius: 3px;
+	--wa-card-radius: 3px;
+	--wa-btn-radius: 3px;
+	--wa-secondary-bg: var(--wa-surface);
+	--wa-secondary-fg: var(--wa-primary);
+	--wa-secondary-border: var(--wa-card-border);
+	--wa-heading-color: var(--wa-text);
+	--wa-subheading-color: var(--wa-muted);
 
 	font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Oxygen, Ubuntu, sans-serif;
 	font-size: 15px;
@@ -83,7 +90,7 @@ body.workos-authkit-body #workos-authkit-root {
 #workos-authkit-root .wa-card {
 	background: var(--wa-surface);
 	border: 1px solid var(--wa-card-border);
-	border-radius: var(--wa-radius);
+	border-radius: var(--wa-card-radius);
 	padding: 26px 24px;
 	display: flex;
 	flex-direction: column;
@@ -96,12 +103,12 @@ body.workos-authkit-body #workos-authkit-root {
 	line-height: 1.3;
 	margin: 0;
 	font-weight: 600;
-	color: var(--wa-text);
+	color: var(--wa-heading-color);
 }
 
 #workos-authkit-root .wa-subheading {
 	margin: 0;
-	color: var(--wa-muted);
+	color: var(--wa-subheading-color);
 	font-size: 0.9375rem;
 }
 
@@ -145,7 +152,7 @@ body.workos-authkit-body #workos-authkit-root {
 	font-size: 1.0625rem;
 	line-height: 1.33;
 	border: 1px solid var(--wa-border);
-	border-radius: var(--wa-radius);
+	border-radius: var(--wa-btn-radius);
 	background: var(--wa-surface);
 	color: var(--wa-text);
 	box-shadow: 0 0 0 transparent;
@@ -176,7 +183,7 @@ body.workos-authkit-body #workos-authkit-root {
 	font-weight: 400;
 	line-height: 2;
 	border: 1px solid transparent;
-	border-radius: var(--wa-radius);
+	border-radius: var(--wa-btn-radius);
 	cursor: pointer;
 	white-space: nowrap;
 	transition: background-color 0.1s ease, border-color 0.1s ease, color 0.1s ease;
@@ -203,16 +210,17 @@ body.workos-authkit-body #workos-authkit-root {
 }
 
 #workos-authkit-root .wa-btn-secondary {
-	background: var(--wa-surface);
-	color: var(--wa-primary);
-	border-color: var(--wa-primary);
+	background: var(--wa-secondary-bg);
+	color: var(--wa-secondary-fg);
+	border-color: var(--wa-secondary-border);
 }
 
 #workos-authkit-root .wa-btn-secondary:hover,
 #workos-authkit-root .wa-btn-secondary:focus {
-	background: #f6f7f7;
-	color: var(--wa-primary-hover);
-	border-color: var(--wa-primary-hover);
+	background: var(--wa-secondary-bg);
+	color: var(--wa-secondary-fg);
+	border-color: var(--wa-secondary-border);
+	opacity: 0.85;
 }
 
 #workos-authkit-root .wa-btn:disabled {
@@ -222,7 +230,7 @@ body.workos-authkit-body #workos-authkit-root {
 
 #workos-authkit-root .wa-alert {
 	padding: 10px 12px;
-	border-radius: var(--wa-radius);
+	border-radius: var(--wa-card-radius);
 	font-size: 0.9375rem;
 }
 
@@ -245,7 +253,7 @@ body.workos-authkit-body #workos-authkit-root {
 	content: "";
 	flex: 1;
 	height: 1px;
-	background: var(--wa-card-border);
+	background: var(--wa-secondary-border);
 }
 
 #workos-authkit-root .wa-divider-label {
@@ -286,7 +294,7 @@ body.workos-authkit-body #workos-authkit-root {
 
 #workos-authkit-root .wa-below-card-back:hover,
 #workos-authkit-root .wa-below-card-back:focus {
-	color: var(--wa-primary);
+	color: var(--wa-links);
 	text-decoration: underline;
 }
 
@@ -297,7 +305,7 @@ body.workos-authkit-body #workos-authkit-root {
 
 #workos-authkit-root .wa-below-card .wa-linkbtn:hover,
 #workos-authkit-root .wa-below-card .wa-linkbtn:focus {
-	color: var(--wa-primary);
+	color: var(--wa-links);
 	text-decoration: underline;
 }
 
@@ -305,7 +313,7 @@ body.workos-authkit-body #workos-authkit-root {
 	background: none;
 	border: none;
 	padding: 0;
-	color: var(--wa-primary);
+	color: var(--wa-links);
 	cursor: pointer;
 	font: inherit;
 	text-decoration: underline;
@@ -313,7 +321,7 @@ body.workos-authkit-body #workos-authkit-root {
 
 #workos-authkit-root .wa-linkbtn:hover,
 #workos-authkit-root .wa-linkbtn:focus {
-	color: var(--wa-primary-hover);
+	color: var(--wa-links);
 }
 
 #workos-authkit-root .wa-spinner {
diff --git a/src/js/authkit/types.ts b/src/js/authkit/types.ts
index 1462a52..8d0f3c6 100644
--- a/src/js/authkit/types.ts
+++ b/src/js/authkit/types.ts
@@ -34,7 +34,19 @@ export interface ProfileBranding {
 	logo_mode: LogoMode;
 	logo_attachment_id: number;
 	logo_url?: string;
-	primary_color: string;
+	card_border_radius: string;
+	button_border_radius: string;
+	page_background: string;
+	card_background: string;
+	card_border: string;
+	heading_color: string;
+	subheading_color: string;
+	button_background: string;
+	button_text: string;
+	secondary_button_background: string;
+	secondary_button_text: string;
+	secondary_button_border: string;
+	links_color: string;
 	heading: string;
 	subheading: string;
 }
diff --git a/tests/wpunit/AuthKitProfileTest.php b/tests/wpunit/AuthKitProfileTest.php
index e9df8df..1e25c88 100644
--- a/tests/wpunit/AuthKitProfileTest.php
+++ b/tests/wpunit/AuthKitProfileTest.php
@@ -132,17 +132,23 @@ public function test_from_array_accepts_wellformed_organization_id(): void {
 	}
 
 	/**
-	 * Non-hex primary colors are stripped.
+	 * Non-hex color values are stripped for all branding color fields.
 	 */
-	public function test_from_array_rejects_non_hex_primary_color(): void {
+	public function test_from_array_rejects_non_hex_colors(): void {
 		$profile = Profile::from_array(
 			[
 				'slug'     => 'partner',
-				'branding' => [ 'primary_color' => 'red' ],
+				'branding' => [
+					'page_background'   => 'red',
+					'button_background' => 'blue',
+					'links_color'       => 'not-a-color',
+				],
 			]
 		);
 
-		$this->assertSame( '', $profile->get_branding()['primary_color'] );
+		$this->assertSame( '', $profile->get_branding()['page_background'] );
+		$this->assertSame( '', $profile->get_branding()['button_background'] );
+		$this->assertSame( '', $profile->get_branding()['links_color'] );
 	}
 
 	/**
@@ -200,7 +206,9 @@ public function test_to_array_round_trip(): void {
 			'branding'            => [
 				'logo_mode'          => Profile::LOGO_MODE_CUSTOM,
 				'logo_attachment_id' => 99,
-				'primary_color'      => '#ff0066',
+				'page_background'    => '#1e1004',
+				'button_background'  => '#ff0066',
+				'links_color'        => '#ff0066',
 				'heading'            => 'Welcome',
 				'subheading'         => 'Back',
 			],
@@ -219,7 +227,9 @@ public function test_to_array_round_trip(): void {
 		$this->assertFalse( $serialized['signup']['require_invite'] );
 		$this->assertSame( Profile::MFA_ENFORCE_ALWAYS, $serialized['mfa']['enforce'] );
 		$this->assertSame( [ Profile::FACTOR_TOTP, Profile::FACTOR_SMS ], $serialized['mfa']['factors'] );
-		$this->assertSame( '#ff0066', $serialized['branding']['primary_color'] );
+		$this->assertSame( '#1e1004', $serialized['branding']['page_background'] );
+		$this->assertSame( '#ff0066', $serialized['branding']['button_background'] );
+		$this->assertSame( '#ff0066', $serialized['branding']['links_color'] );
 		$this->assertSame( '/dashboard', $serialized['post_login_redirect'] );
 		$this->assertSame( Profile::MODE_CUSTOM, $serialized['mode'] );
 	}
diff --git a/tests/wpunit/AuthKitRendererTest.php b/tests/wpunit/AuthKitRendererTest.php
index 1dc033c..4d30637 100644
--- a/tests/wpunit/AuthKitRendererTest.php
+++ b/tests/wpunit/AuthKitRendererTest.php
@@ -82,21 +82,27 @@ public function test_render_mount_emits_root_div_with_profile_data(): void {
 	}
 
 	/**
-	 * Branding primary color appears as a scoped CSS variable.
+	 * Branding colors appear as scoped CSS variables.
 	 */
 	public function test_render_mount_emits_branding_style_tag(): void {
 		$profile = Profile::from_array(
 			[
 				'slug'     => 'members',
 				'title'    => 'Members',
-				'branding' => [ 'primary_color' => '#ff3366' ],
+				'branding' => [
+					'page_background'   => '#1e1004',
+					'button_background' => '#ff3366',
+					'links_color'       => '#3d7bf5',
+				],
 			]
 		);
 
 		$html = $this->renderer->render_mount( $profile );
 
-		$this->assertStringContainsString( '--wa-primary: #ff3366', $html );
-		$this->assertStringContainsString( '--wa-primary-hover: #ff3366', $html );
+		$this->assertStringContainsString( 'background:#1e1004', $html );
+		$this->assertStringContainsString( '--wa-primary:#ff3366', $html );
+		$this->assertStringContainsString( '--wa-primary-hover:#ff3366', $html );
+		$this->assertStringContainsString( '--wa-links:#3d7bf5', $html );
 	}
 
 	/**

From d9bea54a58bd947b00fd73147b1b8c7e6ccae392 Mon Sep 17 00:00:00 2001
From: hoang <hoang@learndash.com>
Date: Tue, 12 May 2026 17:56:01 +0700
Subject: [PATCH 2/2] Chore: PHPCS fix

---
 src/WorkOS/Auth/AuthKit/Profile.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/WorkOS/Auth/AuthKit/Profile.php b/src/WorkOS/Auth/AuthKit/Profile.php
index 7f88433..d7f51b1 100644
--- a/src/WorkOS/Auth/AuthKit/Profile.php
+++ b/src/WorkOS/Auth/AuthKit/Profile.php
@@ -313,7 +313,7 @@ public static function from_array( array $data ): self {
 			return ( '' !== $value && preg_match( '/^#[0-9a-fA-F]{3,8}$/', $value ) ) ? $value : '';
 		};
 
-		$sanitize_radius = static function ( string $v ): string {
+		$sanitize_radius             = static function ( string $v ): string {
 			$v = trim( $v );
 			return ( '' !== $v && ctype_digit( $v ) ) ? $v : '';
 		};