Check nonce
When checked the plugin will ensure that a so-called NONCE is generated and verified each time a client-solution requests an access token. For more information see [Pintra Framework](https://www.wpo365.com/pintra-fx/).
Enable token service
When checked the plugin enable its built-in WordPress AJAX service that can be consumed by client-side (e.g. JavaScript) solutions to request access tokens for Azure AD secured resources e.g. SharePoint Online and Microsoft Graph. For more information see [Pintra Framework](https://www.wpo365.com/pintra-fx/).
Default role as fallback
When checked the plugin will only try and add the default role if no other role(s) could be assiged i.e. no valid Azure AD to WordPress role mapping exists for that user.
User role(s) update scenario
Each time a user signs into your website the plugin will verify whether the user’s login information contains additional (Azure AD Security Group) membership information.
Extra user fields
Extra user fields retrieved from Microsoft Graph.
Microsoft Graph version
Microsoft offers a beta version of its graph, which offers experimental features and optionally returns more data. This can be especially interesting in combination with the retrieval of Office 365 user information.
Do not update existing admins
Version Available Personal Blog (free) No Commercial / School / Non-profit (premium) Yes Properties Value Group User Management Mandatory No Setting description This setting enhances the update user role behavior and if checked would instruct the plugin to skip checking the role and possibly updating it when Azure AD group to WordPress role mapping are …
Update user role
When checked, the plugin will check and possibly update a user’s WordPress role dynamically each time a user signs into your website.
Allow users from other tenants
Allow users from other Office 365 Azure AD tenants to sign into your WordPress website.
Post sign-out URL
Version Available Personal Blog (free) No Commercial / School / Non-profit (premium) Yes Properties Value Group Login / Logout behaviour Mandatory No Setting description A user that clicks the (default) WordPress logout link will also be logged out from Office 365. To achieve this the user will be redirected to a Microsoft logout page so …