WPO365 | LOGIN
Description
With WPO365 | LOGIN users can sign in with their corporate or school (Azure AD / Microsoft Office 365) account to access your WordPress website: No username or password required (OIDC or SAML 2.0 based SSO). Plus you can send email using Microsoft Graph instead of SMTP from your WordPress website.
You find this plugin also as a free download in the WordPress Plugins Directory. Alternatively, you can go to your WordPress website’s Plugins page, click Add new and then search for WPO365.
Basic Features
SINGLE SIGN-ON (SSO)
- Enable Microsoft based Single Sign-on more
- Supported Identity Providers (IdPs): Azure Active Directory, Azure AD B2C, Entra External ID (Azure AD for Customers) more
- Supported SSO protocols: OpenID Connect and SAML 2.0 more
- Supported OpenID Connect User Flows: Authorization Code User Flow (recommended) and Hybrid User Flow more
NEW USERS
- New users that sign in with Microsoft automatically become WordPress users more
INTRANET
- Configure the intranet authentication mode to restrict access to all front-end posts and pages more
- Hide the WordPress Admin Bar for specific roles more
MICROSOFT TEAMS
- Support for (seamless) integration of your WordPress website into a Microsoft Teams Tabs and Apps more
- Send emails using Microsoft Graph instead of SMTP from your WordPress website more
- Send as HTML
- Save to the Sent Items folder
- Support for file attachments
WORDPRESS MULTISITE
- Support for WordPress Multisite more
POWER BI
- Embed Microsoft Power BI content (user owns data) more
SHAREPOINT
- Embed a SharePoint Online library more
- Embed a SharePoint Online search experience into a front-end post or page using simple to generate shortcode more
EMPLOYEE DIRECTORY
- Embed an intuitve Azure AD / Microsoft Graph based Employee Directory into a front-end post or page more
REST API ENDPOINT PROTECTION
- Protect your WordPress REST API endpoints with a combination of a WordPress cookie and a nonce for delegated access more
DEVELOPERS
- Developers can now connect to a RESTful API for Microsoft Graph in their favorite programming language and without the hassle of authentication and authorization more
- PHP hooks for developers to build custom Microsoft Graph / Office 365 integrations more
Premium Features
PROFILE+
- Update a WordPress user profile with (first, last, full) name, email and UPN from Azure AD
NEW USERS
- Create users in Azure AD B2C / Entra External ID (Azure AD for Customers) from WordPress
SINGLE SIGN-ON
- Visitors are required to sign in with Azure AD / Microsoft but will not be automatically logged in to WordPress
AUDIENCES
- Azure AD group based access restriction for individual front-end posts and pages and post types
- Require a user to log on (and determine the response e.g. redirect to 404, the login page or for Microsoft based SSO)
SYNC
- On-demand / scheduled user synchronization from Azure AD (B2C) to WordPress
- On-demand / scheduled user synchronization from WordPress to Azure AD B2C / Entra External ID (Azure AD for Customers)
ROLES + ACCESS
- WordPress roles assignments / access restrictions based on Azure AD groups / user attributes / login-domains
AVATAR
- Replace the default WordPress / BuddyPress avatar with a Microsoft 365 profile picture
LOGIN+
- Map Microsoft Graph user resource properties to custom WordPress / BuddyPress user profile fields
- Map custom claims in an Azure AD B2C ID token to custom WordPress / BuddyPress user profile fields
- Map custom claims from SAML 2.0 response to custom WordPress / BuddyPress user profile fields
- Support for so-called Multi-Tenancy
- Require Proof Key for Code Exchange (PKCE)
- Force Single Sign-on for the login page
- Dual login
LEARNDASH INTEGRATION
- Auto-enroll users into LearnDash Courses e.g. based on their Azure AD groups memberships.
- Support for LearnDash User Groups.
- Send large attachments (> 3 Mb)
- Send from Microsoft 365 Shared Mailbox
- Send as / Send on behalf / Support for distribution lists
- Log every email sent from your WordPress website, review errors and (automatically) try to send unsuccessfully sent mails again.
- Throttle emails send from your website.
- Mail Staging Mode is useful for debugging and staging environments. WordPress emails will be logged and saved in the database instead of being sent.
- Allow forms / plugins / themes to dynamically set the From address
- Send all emails by default as BCC
GROUPS
- Deep integration with the (itthinx) Groups plugin for group membership and access control
MICROSOFT 365 APPS
- Advanced versions of the apps to embed content of Microsoft 365 services such as Power BI (with support for application owns data scenarios) and SharePoint Online (with support for anonymous users)
SCIM
- (SCIM based) Azure AD User Provisioning to WordPress
REST API ENDPOINT PROTECTION
- Enable Azure AD based protection for your WordPress REST API endpoints
Prerequisites
- Make sure that you have disabled caching for your Website in case your website is an intranet and access to WP Admin and all published pages and posts requires authentication. With caching enabled, the plugin may not work as expected.
- You need to be (Office 365) Tenant Administrator to configure both Azure Active Directory and the plugin
- You may want to consider further restrict access to the otherwise publicly available wp-content directory
Support
WPO365 support is free for everyone. You may open a support ticket at any time. Support for premium features, however, requires a valid license key for a plugin or pass. License keys are issued at the time of purchase.
Configuration
Please consult the online documentation service https://docs.wpo365.com/ and especially the Getting started section for instructions and videos to help you with the initial installation and configuration of Azure Active Directory, WordPress and the WPO365 plugin.