Introduction
Some use cases require you to enable users from multiple Microsoft Entra ID tenants to sign into your WordPress web application. For instance, following the merger of two companies, it may be necessary to grant users from both entities access to internal information published on a microsite, which you have established within the current public-facing website. WPO365 can help and supports the configuration of multiple Identity Providers as well as Microsoft Entra ID’s multi-tenancy capability.
Important To understand the risks involved of enabling support for Microsoft Entra ID’s multi-tenancy feature, please have a look at this article. Understanding the differences between a Guest User (or an External Identity) in your own Microsoft Entra ID tenant and the multi-tenancy feature of Microsoft Entra ID, as explained in this article, is also important.
Supported features
Multiple Identity Providers
Upon installing and configuring the plugin, by default, only users with accounts in your organizational directory can sign into your WordPress website. However, if you plan to make portions of your WordPress website also available for users of a handful of Microsoft Entra ID tenants, you can configure more than one Identity Provider.
Microsoft Entra ID’s multi-tenancy
If you wish to make portions of your WordPress website available to any user with a valid Microsoft login, you may enable the multi-tenancy feature of Microsoft Entra ID. If activated, you can grant access to:
- Users in any organizational directory (Any Azure AD directory – Multitenant)
- And / or users with a personal Microsoft account (MSAL) e.g. Outlook, Skype, Xbox
Plugins with these features
Configuring WPO365 to enable users to select from multiple Identity Providers is supported by any premium WPO365 add-on or bundle. Support for Microsoft Entra ID’s multi-tenancy feature, however, requires the LOGIN+ addon and the SYNC and INTRANET bundles.