WordPress – User Sync for Azure AD/B2C/Office 365 using Microsoft Graph APIs
WordPress – User Sync for Azure AD/B2C/Office 365 using Microsoft Graph APIs
User Sync from Azure AD Office365 to WordPress can be achieved by using our User Sync for Azure AD Office365 plugin. This plugin uses Microsoft Graph API to fetch all the user's profiles from the Active Directory to the WordPress database. Seamless support for advanced sync features like Bi-directional user sync, automatic user creation & deletion, integration with SharePoint, PowerBI, Office365, Microsoft teams, OneDrive, Azure AD Profile Picture Sync and integration. In addition to this we also support 3rd party plugins like woo-commerce, Learndash, BuddyPress, Memberpress, Paid Membership etc.
Pre-requisites : Download And Installation
To configure Azure AD / Azure B2C with WordPress, you will need to install the User Sync for Azure AD Office 365 plugin:
User Sync for Azure AD Office 365 provides user synchronization from Azure/AzureB2C/Office365 to the WordPress. The plugin uses Microsoft graph API to fetch users from Microsoft Azure active directory.
Steps to configure User Sync for Azure AD Office365 plugin:
If you have already configured Azure AD application then skip step 1 and goto step 2.
1. Configure the Azure AD App registration
Follow the steps below to configure Azure AD Sync plugin:
- Log in to Azure AD Portal https://portal.azure.com/ as an Administrator.
- You will be represented with the home screen of Azure Active Directory.
- Under the Azure Services section, select Azure Active Directory.
- In the left tab, under the Manage section, select App registrations tab.
- Click on the New Registration option.
- Assign the Display Name in the name field and choose the account type.
- In the Redirect URI field, provide the URL of your WordPress site and click on Register button.
- After the registration of an application, Azure AD assigns an unique application ID to your application.
- Navigate to the Overview tab, in the left pane.
- Copy the Application ID and the Directory ID, this will be your Client ID and Tenant ID.
- From the left navigation pane, navigate to the Certificates & secrets tab.
- Click on New client secret. Enter the description and expiration time and click on the ADD option.
- Copy the value of Secret Key. This will be your Client Secret Key.
Add API Permissions to your Azure AD Application:
- Go to API Permissions from the left navigation pane and click on Add a permission option.
- Select Microsoft Graph under the Microsoft APIs tab.
- select Application Permissions and search for the User.
- Under User select User.Read.All and User.ReadWrite.All permission and click on the Add Permissions button.
- Similarly Search for Group in the Application Permission.
- Under Group select Group.Read.All permission and click on the Add Permissions button.
- Click on Grant admin consent for Default Directory and click on Yes on grant admin consent confirmation.
You have successfully configured Azure AD app to achieve User Sync into your WordPress Site.
2. Configure User Sync for Azure AD Office365 plugin
- Navigate to the User Sync for Azure AD/Office365 plugin.
- Under the Manage Application tab, paste the information from the Azure AD App.
- Click on Save button to save the configurations.
| Application ID | Paste the Application ID from Azure AD App. |
| Client Secrets | Paste the Client Secret from the Azure AD App. |
| Redirect URI | Enter the URL of your WordPress site. |
| Tenant ID | Paste the Directory ID from Azure AD App. |
3. Test Connection
- Enter UserPrincipleName / ID of any user of your Azure AD Application and click on the Save button.
- Click on the Test Configuration to check if correct user attributes are getting for the entered UserPrincipleName value.
- On successful configuration you will be to able to view the attributes recieved from Azure AD.
4. Sync User to WordPress Database
- Navigate to the WordPress User Sync tab.
Sync an individual user
- Enter UserPrincipleName / ID of any user of your Azure AD application.
- Click on the Sync button to sync your Azure AD user to your WordPress site Database.
Sync all users
- Click on the Sync All Users button to sync your all Azure AD users to your WordPress site Database.
- The user will be created in the WordPress. If the user already exists then it will get updated.
- Now to view the user attributes which you have sync from Azure AD to WordPress. Navigate to the Users tab in the plugins section.
You have successfully configured User Sync for Azure AD Office365.
2. Configure User Sync for Azure AD Office365 Premium / Enterprise plugin
- Navigate to the User Sync for Azure AD/Office365 Premium / Enterprise plugin.
- Under the Manage Application tab, paste the information from the Azure AD App.
- Click on Save button to save the configurations.
| Application ID | Paste the Application ID from Azure AD App. |
| Client Secrets | Paste the Client Secret from the Azure AD App. |
| Redirect URI | Enter the URL of your WordPress site. |
| Tenant ID | Paste the Directory ID from Azure AD App. |
3. Test Connection
- Now Scroll down to the Test Connection Section in the plugin.
- Enter the Test UPN/ID of the user present in your Active Directory.
- Click on the Save Button.
- After that click on the Test Attributes Button.
- After a successful test connection, you will be able to view the attributes of the user.
4. Basic Attribute Mapping
- Go to Users tab in the plugin.
- Map your attributes recieved from Azure AD (one can view a list of attributes received from Azure in the test connection window) to WordPress attributes, then click on Save.
Advaced Attribute Mapping
- Scroll down to Advanced Attributes Section and click on the Add Attributes button.
- On the left side, enter the " WordPress Attribute Name " which is the meta key of the attribute in which you wish to store the value. On the right side, map it with the corresponding " Azure Attribute Name " received from Azure AD.
- Once you've entered the attribute details and mapped them correctly, click on the “Save” button to save your configuration.
- With the setup complete, the plugin will now automatically synchronize user attributes from Azure AD to the WordPress database during the synchronization process.
5. Role Mapping
- Scroll down to Role Mapping Section.
- Now in the input fields for the roles, enter the group id (i.e. Object id of group in Azure AD) to which a particular role should be assigned.
- For example – If you want to assign the role Editor to a group in your Azure AD of Object ID (6aada18f-5408-46f8-ae09-b1c4fa273f69) type 6aada18f-5408-46f8-ae09-b1c4fa273f69 in the Editor field and click on Save.
- Now whenever a user is synchronized from the group which you have mapped, it will automatically get assigned to the mentioned role.
Enable the Toggle Role/Group Mapping.
6. Profile Picture Sync
- Enable this option if you want to sync the profile picture of the user from Azure AD to WordPress.
Note: If a user in Azure AD does not have a profile picture, you can set a default image by entering its base64-encoded value in the designated field.
7. Sync User to WordPress Database
- Now scroll down to the Active Directory to WordPress Provisioning Section in the plugin.
User Provisioning
- Enable the toggle (Enable Automatic user creation/deletion) and specify the interval in which you again fetch the users and click on Save this will save your settings.
- Now click on Cron Start it will start the scheduler.
Group Provisioning
- Navigate back to the Azure Portal
- Now go to the Overview section from the left navigation panel and click on Groups
- Search for the Group from which you want to sync the users and copy the Object ID.
- Now Go back to the Active Directory to WordPress Provisioning Section in the plugin.
- Now paste the Group ID that you copied previously in the Group ID field.
- Enable the toggle (Enable Automatic user creation/deletion) and specify the interval in which you again fetch the users and click on Save this will save your settings.
- Now click on Cron Start it will start the scheduler.
- You have successfully configured Group Provisioning in the Azure AD Sync Premium plugin.
8. Sync User to Active Directory
- Enables you to synchronize (create/update) your WordPress Users to Azure AD.
Bulk Synchronization of All Users from WordPress to Azure AD.
- Under Manage Application Tab navigate to WordPress to Active Directory Provisioning section.
- Now to start the bulk synchronization process, click on Sync All Users to AD button. This will create a batch of all existing users in your WordPress. One can then start the synchronization process from WordPress to Azure AD by clicking the Start button.
- During synchronization, it will create a user if they don't exist in Azure AD and update the user if they already exist.
Note :- Please note that this feature doesn't synchronize users password from WordPress to Azure AD, it will just create the User with correct details
Manual Synchronization of a user from WordPress to Azure AD.
- To start the manual synchronization of user, simply enter the username of the WordPress user in the search section and click Sync to synchronize the selected user.
Automatic Synchronization of Azure AD User based on User Creation/Updation in WordPress.
- To enable this feature, enable the toggle, Enable Auto User Create in Azure AD and Enable Auto User Update in Azure AD and click on Save.
- Now whenever any user is created on WordPress it will be automatically be created in Azure AD.
- You have successfully configured User Synchronization from WordPress to Azure AD.
Additional Resources
- What is Single Sign-On (SSO)?
- What is SAML?
- Frequently Asked Questions (FAQs)
- User Data Synchronization
If you are looking for anything which you cannot find, please drop us an email on samlsupport@xecurify.com
Why Our Customers choose miniOrange WordPress Single Sign-On (SSO) Solutions?
24/7 Support
miniOrange provides 24/7 support for all the Secure Identity Solutions. We ensure high quality support to meet your satisfaction.
Sign UpExtensive Setup Guides
Easy and precise step-by-step instructions and videos to help you configure within minutes.
Watch DemoWe offer Secure Identity Solutions for Single Sign-On, Two Factor Authentication, Adaptive MFA, Provisioning, and much more. Please contact us at
+1 978 658 9387 (US) | +91 97178 45846 (India) samlsupport@xecurify.com
Need Help? We are right here!
