-
Eating our own dog food!
We have updated our website WordPress + Azure AD / Microsoft Office 365 and made it easier for you to log in using our brand new Azure AD B2C tenant. So what did change? You can still access your account to manage your details, subscriptions, licenses and download purchased items at https://www.wpo365.com/your-account/. But now you…
-
URGENT: nOAuth, or how an OpenID Connect misconfiguration can lead to full account takeover
If you have enabled support for multi-tenant authentication for your registered application in Azure AD then please read the following information carefully. The Descope security team discovered a gray area in Microsoft Azure AD multi-tenant OAuth applications that could lead to full account takeover. Please compare your configuration with the example below, if…
-
URGENT: WPO365 | LOGIN plugin v23.0 will prevent WordPress from checking for plugin updates
If you already installed version 23.0 of the WPO365 | LOGIN plugin, then please read the following information very carefully. A severe issue with the WPO365 | LOGIN plugin v23.0 will prevent WordPress from checking for plugin updates. This does not only affect the WPO365 plugins, but all installed WordPress plugins. As…
-
Building a WordPress based intranet: Restrict access
WPO365 can help you restrict access to all or some posts and pages of your WordPress website. The following features may help you achieve your goal: Authentication scenarios WPO365 allows administrators to choose between two authentication scenarios: Choosing your preferred authentication scenario, is a feature that is supported by the…
-
Synchronize (custom) user attributes in Azure AD B2C to WordPress
In this article I’d like to demonstrate how easy it is to add a custom user attribute to a user’s Azure AD B2C profile and synchronize this additional information to WordPress. This would be especially important, if you are using Azure AD B2C as your primary source for identities and…
