If you have further questions after reading the online documenation, the troubleshoot guide or the plugin is not working according to your expectations, you can always ask for help and you can expect a reply within 24 hours (or 48 during weekends).
Could not create or retrieve your login
There are various reasons why you may be seeing this error e.g.
- The (Office 365 / Azure AD) user you are trying to sign in with does not have an email. If you still want to be able to sign in with this user you can navigate to WP Admin > WPO365 > Miscellaneous and check the option Use older ID token parser. The older ID token will fake an email address by using the user’s (Office 365 / Azure AD) login name instead. Obviously, that user may not be able to receive any emails that WordPress sends to this address. Also, if you decide to use the older ID token parser you should uncheck the option Use Azure AD V2 that can be found on the Single Sign-on tab of the plugin’s wizard.
- You just upgraded from an older version and haven’t yet switched to using Azure AD App registration V2. Please note that switching is not mandatory and requires you to update the App registration in Azure AD for the your WordPress website. See http://www.wpo365.com/azure-application-registration/#upn for details on how to (manually) update the App registration’s manifest.
- The (Office 365 / Azure AD) user you are trying to sign in with does have an email address but you are not requesting Microsoft to send it as part of the authentication response (sent by Microsoft when it redirects the user back after successfully having authenticated). See http://www.wpo365.com/azure-application-registration/#upn for a detailed instruction on how to request a user’s email.
- The (Office 365 / Azure AD) user you are trying to sign in with does have a valid login name (= user principal name) but you are not requesting Microsoft to send it as part of the authentication response (sent by Microsoft when it redirects the user back after successfully having authenticated). See http://www.wpo365.com/azure-application-registration/#upn for a detailed instruction on how to request a user’s upn.
There are various reasons why you may be seeing this error e.g.
- Update Failed: Download failed. cURL error 6: Could not resolve host: no-download-link-found You will see this error when you try and update an older version but haven’t added your personal download link to the plugin’s configuration. To obtain your personal download link, navigate to http://www.wpo365.com/your-account/ and log into the website to see your list of purchases. For the purchase in question click View details and downloads and right click the download link and copy it to the clipboard. Now navigate to WP Admin > WPO365 > Downloads and paste the download link. Now navigate back to WP Admin > Plugins and try to update again.
- Update Failed: Download failed. Forbidden You will see this error when you try and update an older version and the download link expired. To resolve the issue at hand you can follow the same instructions as documented under the first bullet
Update Failed: Download failed. Unauthorized You will see this error when you try to update a newer version of the plugin that requires you to activate the license key that was sent to you when you first purchased the plugin. Please watch this short video to https://youtu.be/WJQUw8xXtaI for instructions on how to obtain your license key and how to activate it.
User not found
If you are using the basic (free) version of the plugin, you might have missed the fact that you need to manually create WordPress users that correspond to Office 365 / Azure AD users (see video at 2.58s). The professional and premium version will automatically create WordPress users for you.
Automatic update is unavailable for this plugin
If you see the notice There is a new version of WPO365 Login (professional) available. View version x.x details. Automatic update is unavailable for this plugin. you haven’t probably activated your license yet. For instructions on how to activate your plugin’s license please have a look at this video https://youtu.be/WJQUw8xXtaI. Once you’ve activated the license the notice will change (possibly after a few hours since the update-information is cached) to There is a new version of WPO365 Login (professional) available. View version x.x details. Update now.
If you want to better understand why the plugin is not working, it may be a good idea to enable (debug) logging.
Since version 7.11 that was released on 9th April 2019 you can enable debugging comfortably from the Debug tab of the plugin’s configuration wizard.
If you’d like to see more than the latest 1.000 debug entries, you can still enable debugging in WordPress and expect all log lines being written to the default WordPress debug log. You can do this by changing the following line in the wp-config file
define( 'WP_DEBUG', false );
define( 'WP_DEBUG', true );
and by adding the following lines:
define( 'WP_DEBUG_DISPLAY', false);
define( 'WP_DEBUG_LOG', true );
You should now find the WordPress debug.log in the wp-content directory. There is a possibility that your website hoster has diverted debug / error output to a standard PHP log file. In this case you may need to ask your hoster where you can find the latest debug / error logs. Once everything is working correctly you should turn this logging of because the file quickly grows and nobody wants a server running out of diskspace.
If the plugin silently fail, there is an ever so slight chance that the key NONCE_SALT is missing in your wp-config.php file.
When your WordPress website runs in a hosting environment with enhanced caching capabilities, changes are that your run into all kind of unexpected problems. This may especially be the case, if you configured the plugin to authenticate all requests (see Intranet Scenario). In this case the caching service offered by a caching plugin e.g. WP Rocket or by your hosting provider may intercept page requests and serve static HTML as a response (instead of WordPress processing the requested page from scratch). It is easy to see that this basically neutralizes the functionality of the plugin. Most caching plugins and WordPress specialized hosting providers, however, ensure that caching is only intercepting requests to the WordPress front-end. So if you are using the WPO365 login plugin to offer content editors a simplified and standardized way to login to the WordPress backend you should still be able to do so, but make sure that you configure the redirect url so that it points to the WordPress backend e.g. “https://www.your-website.com/wp-admin/” (and yes, the trailing slash is important as you can read below). Please be aware that you must enter the redirect url twice:
- On the WPO365 Options page in WordPress Admin
- As Reply URL for the registered app in your Azure Active Directory
Your logon might be tampered with
When you try to logon and you’re redirected to the default WordPress logon screen and see the message Your logon might be tampered with you can try a couple of things to overcome this.
Customers have reported that signing out of Office 365 and then navigating back to the WordPress site (and subsequently sign in again with Microsoft) resolved the issue.
Alternatively, try and disable any caching plugin e.g. WP Rocket serving a cached response or purge the cache (when your hoster has enabled server side caching for your website).
Last but not least, verify that the setting Don’t try bypassing (server side) cache is checked.
After activation the browser is stuck in a loop
There are multiple reasons why this happens. But in general it means that plugin does not detect the answer sent by Microsoft after a user authenticated successfully. So please go back to our installation instructions and read the section on how to configure the signon-url.
Ps, You can also be stuck in a loop when you use a self-signed certificate and without noticing you may unwantedly be redirected from a secure https connection to an none-secure http connection.
Login immediately after logout
If you got everything working but when you click logout you’re sent immediately back to Microsoft’s signin page and you have the All In One WP Security plugin installed then please try and deactivate this plugin and try again. We’re currently looking into this issue, but currently it’s not solved.
In general you should not see this error anymore if you use the latest version. In previous versions of the plugin it would use the App registered in Azure Active Directory to sign in the user. This required an Azure Active Directory Global Administrator to grant permission on behalf of the user. Forgetting to do so or not being able to do so because you’re not a Global Administrator would result in an access denied error. However, in the current version, the plugin requests access to Azure Active Directory instead. Now, if the Global Administrator didn’t grant permission on behalf of all users, the user himself can consent to the App reading his user information.
Access Denied (premium version)
Access Denied (premium version)
Our premium version of the WPO365 login plugin supports Access Control based on users being a member of either an Office 365 or an Azure AD Security group. However, the Registered Apps manifest needs to modified accordingly, for this information to be sent to your WordPress website. To do so, click “Manifest” as visible in the previous screenshot. Edit the manifest as shown below.
User that is created has an incorrect email address
There are rougly three types of accounts that can log on to Azure Active Directory: Work, School and Personal. Depending on what account you use the user information that the plugin receives is slightly differently structured. For example, an MSA account (= Microsoft Account that for example ends with @live.com or @outlook.com) has a separate field for email that is missing for a work account. Currently all account types are probably supported but if you still experience this error then please contact us directly for support.