Back to documentation
The setting “Don’t try to bypass (server side) cache” is not checked by default. This means that by default the plugin will always add an extra redirect before sending the user to Microsoft’s Identity Provider to prevent caching plugins and solutions from replaying an old request with a stale NONCE value, resulting in the dreaded “Your login might be tampered with.” error message. If you haven’t been affected by this issue, you can open the Miscellaneous Tab and check the box and by doing so manually disable the plugin tying to bypass server side caching.
You can customize the error message for each error code with your own text. The error message will be shown just above the login form when the user’s attempt to sign into your website failed.
When checked the plugin will ensure that a so-called NONCE is generated and verified each time a client-solution requests an access token. For more information see [Pintra Framework](https://www.wpo365.com/pintra-fx/).
When checked the plugin will only try and add the default role if no other role(s) could be assiged i.e. no valid Azure AD to WordPress role mapping exists for that user.
Each time a user signs into your website the plugin will verify whether the user’s login information contains additional (Azure AD Security Group) membership information.
Extra user fields retrieved from Microsoft Graph.
Microsoft offers a beta version of its graph, which offers experimental features and optionally returns more data. This can be especially interesting in combination with the retrieval of Office 365 user information.
Version Available Personal Blog (free) No Commercial / School / Non-profit (premium) Yes Properties Value Group User Management Mandatory No Setting description This setting enhances the update user role behavior and if checked would instruct the plugin to skip checking the role and possibly updating it when Azure AD group to WordPress role mapping are […]