This setting provides mappings between the domain suffix of the Azure AD user principal name (UPN) on the one hand and WordPress roles on the other hand.
Please note A UPN consists of a UPN prefix (the user account name) and a UPN suffix (a DNS domain name). The prefix is joined with the suffix using the “@” symbol. For example, “email@example.com”. A UPN must be unique among all security principal objects within a directory forest. .
Also, when configured, this setting will override the Default role main site setting.
To create a mapping you must select first the WordPress role that you intend to create a mapping for from the drop down list and then you add the domain suffix for which the mapping is valid.
Please note that a domain suffix never starts with http. So you would enter example.com and not https://example.com or https://www.example.com.
- After you entered a new mapping on a line you must click “+” to add it. Also when you are entering just one line.
- Also please make sure that you have entered the default and possible custom domains on WP Admin > WPO365 > User registration.
- If you have added domains to WP Admin > WPO365 > Single Sign on > Domain whitelist then please ensure that you have whitelisted the domain you are creating a mapping for.