Azure AD B2C


WPO365 can help you integrate your WordPress website with Azure AD B2C to support User Flows such as user sign-up, single sign-on, profile editing and password reset.

Azure AD and Azure AD B2C. Two terms that sound very similar, but are in fact two very different worlds.

Azure AD is widely used as an identity service for employees and partners. Users in Azure AD can get single sign-on access to Microsoft 365 services such as SharePoint, Power BI and Yammer where users collaborate and work together.

Azure AD B2C, on the other hand, is primarily used as an identity service for (online) customers and website visitors. Users in Azure AD B2C can get single sign-on access to business applications and APIs. See for details.

If you are in doubt whether you should configure Azure AD B2C based single sign-on or just Azure AD based single sign-on then most likely your doubts are correct and you should not choose Azure AD B2C.

Supported features

Single Sign-on for Azure AD B2C users

The WPO365 | LOGIN plugin supports – out of the box – Microsoft based Single Sign-on for Azure AD and Azure AD B2C.

A typical single sign-on (SSO) configuration page whit Azure AD B2C as the desired identity provider
Custom Azure AD B2C login domain

Using a custom domain with your application provides a more seamless user experience. From the user’s perspective, they remain in your domain during the sign in process rather than redirecting to the Azure AD B2C default domain

User synchronization from Azure AD B2C to WordPress

The WPO365 | LOGIN plugin is capable of registering a new WordPress user for each new Azure AD B2C that signs in successfully. And when that user signs in again, the plugin is able to update some of the user’s attributes. But this is “just in time” and leaves a website owner with hardly any control over the quality of the user data in WordPress.

WPO365 User synchronization closes this gap. It gives website owners an advanced tool that allows them to update the WordPress user data at regular intervals e.g. several times a day. It also allows for (soft) deletion of users that have closed their account and that should no longer be eligible to sign in.

Embedded login / signup for Azure AD B2C

Recently, Microsoft has added a preview feature for embedded sign-up or sign-in experience (see for configuration details). This feature allows for a simpler sign-up or sign-in experience and you avoid redirecting the users to a separate sign-up or sign-in page, or generating a pop-up window, by using an inline frame.

Choose from multiple Azure AD B2C policies

Website owners can create custom buttons and links that will invoke a specific Azure Active Directory B2C (Azure AD B2C) user experience / user journey e.g. to sign in, sign up or reset a password.

Plugins with these features

Just Azure AD B2C based single sign-on (SSO) is supported by WPO365 | LOGIN that is available at no cost.

All other features on this page – apart from user synchronization – require the LOGIN+ extension.

User synchronization requires the SYNC bundle (which includes all features unlocked by the LOGIN+ extension).



There are currently no videos available.

Quick Links