Introduction
WPO365 can help you integrate your WordPress website with Azure AD B2C to support User Flows such as user sign-up, single sign-on, profile editing and password reset.
Azure AD and Azure AD B2C. Two terms that sound very similar, but are in fact two very different worlds.
Azure AD is widely used as an identity service for employees and partners. Users in Azure AD can get single sign-on access to Microsoft 365 services such as SharePoint, Power BI and Yammer where users collaborate and work together.
Azure AD B2C, on the other hand, is primarily used as an identity service for (online) customers and website visitors. Users in Azure AD B2C can get single sign-on access to business applications and APIs. See https://docs.microsoft.com/en-us/azure/active-directory-b2c/overview for details.
If you are in doubt whether you should configure Azure AD B2C based single sign-on or just Azure AD based single sign-on then most likely your doubts are correct and you should not choose Azure AD B2C.
Supported features
Single Sign-on for Azure AD B2C users
The WPO365 | LOGIN plugin supports – out of the box – Microsoft based Single Sign-on for Azure AD and Azure AD B2C.
Custom Azure AD B2C login domain
Using a custom domain with your application provides a more seamless user experience. From the user’s perspective, they remain in your domain during the sign in process rather than redirecting to the Azure AD B2C default domain .b2clogin.com.
User synchronization from Azure AD B2C to WordPress
The WPO365 | LOGIN plugin is capable of registering a new WordPress user for each new Azure AD B2C that signs in successfully. And when that user signs in again, the plugin is able to update some of the user’s attributes. But this is “just in time” and leaves a website owner with hardly any control over the quality of the user data in WordPress.
WPO365 User synchronization closes this gap. It gives website owners an advanced tool that allows them to update the WordPress user data at regular intervals e.g. several times a day. It also allows for (soft) deletion of users that have closed their account and that should no longer be eligible to sign in.
Embedded login / signup for Azure AD B2C
Recently, Microsoft has added a preview feature for embedded sign-up or sign-in experience (see https://learn.microsoft.com/en-us/azure/active-directory-b2c/embedded-login for configuration details). This feature allows for a simpler sign-up or sign-in experience and you avoid redirecting the users to a separate sign-up or sign-in page, or generating a pop-up window, by using an inline frame.
Choose from multiple Azure AD B2C policies
Website owners can create custom buttons and links that will invoke a specific Azure Active Directory B2C (Azure AD B2C) user experience / user journey e.g. to sign in, sign up or reset a password.
Plugins with these features
Just Azure AD B2C based single sign-on (SSO) is supported by WPO365 | LOGIN that is available at no cost.
All other features on this page – apart from user synchronization – require the LOGIN+ extension.
User synchronization requires the SYNC bundle (which includes all features unlocked by the LOGIN+ extension).
Documentation
- Azure AD B2C based SSO
- Custom Azure AD B2C login domain
- User synchronization from Azure AD B2C to WordPress
- Embedded login / signup for Azure AD B2C
- Choose from multiple Azure AD B2C policies
Videos
There are currently no videos available.