Azure B2C Single Sign On SSO to WordPress End to End Setup Guide | Azure B2C Login

WordPress OAuth/OpenID Single Sign-On plugin gives the ability to enable OAuth/OpenID Single Sign-On for WordPress. If you want users to log in to your WordPress site using their Azure B2C credentials, you can simply do it using our WP OAuth Client plugin. Once you configure the Azure B2C with WordPress plugin, you can allow users to SSO to your WordPress site using Azure B2C. To know more about other features we provide in WP OAuth Client plugin, you can click here.



You can download OAuth Client plugin using the following link.




Download And Installation

  • Log into your WordPress instance as an admin.
  • Go to the WordPress Dashboard -> Plugins and click on Add New.
  • Seach for a WordPress OAuth Single Sign On plugin and click on Install Now.
  • Once installed click on Activate

Step 1: Setup Azure Active Directory B2C as OAuth Provider

  • Sign in to Azure portal.
  • Go to Home and search Azure B2C in search bar and select Azure AD B2C.
  • OAuth/OpenID/OIDC Single Sign On (SSO), AzureB2C SSO Login Azure AD B2C.png
  • Click on Applications and then on Add option to add a new application.
  • OAuth/OpenID/OIDC Single Sign On (SSO), AzureB2C SSO Login Applications.png
  • Configure following options to create new application.
    • Enter a name for your application under the Name text field.
    • Select Yes from the options in front of Web APP and No from options in front of Allow Implicit Flow.
    • Copy Callback URL from the miniOrange OAuth Client plugin (Configure OAuth tab) and save it under the Reply URL textbox.
    • Click on the Create button to create your application.
    • OAuth/OpenID/OIDC Single Sign On (SSO), AzureB2C SSO Login Create
  • Click on the Applications option under the Manage Menu in the left navigation bar and you will find your application listed there. Click on your application.
  • OAuth/OpenID/OIDC Single Sign On (SSO), AzureB2C SSO Login Applications option
  • Copy your Application ID and save it under your Client ID textbox in your miniOrange OAuth Client plugin. Then, click on the Keys option to generate a key.
  • OAuth/OpenID/OIDC Single Sign On (SSO), AzureB2C SSO Login Application ID
  • Click on the Generate Key option and enter key name and click on the Save option.
  • OAuth/OpenID/OIDC Single Sign On (SSO), AzureB2C SSO Login Generate Key
    • It will generate a random string which you will store as Client secret in your miniOrange OAuth Client plugin.
    • OAuth/OpenID/OIDC Single Sign On (SSO), AzureB2C SSO Login Client secret.png
  • Now, go to your dashboard and go to Azure Active Directory -> Properties. Copy the Directory ID and substitute this value whenever you need to enter Tenant ID in miniOrange OAuth Client plugin.
  • OAuth/OpenID/OIDC Single Sign On (SSO), AzureB2C SSO Login Azure Active Directory .png

Step 1.1: How to create & add Policy

  • Go to User Flows tab and then click on New user flow.
  • OAuth/OpenID/OIDC Single Sign On (SSO), AzureB2C SSO user flow .png
  • Select a User flow type Sign up and Sign in then click on Create button.
  • OAuth/OpenID/OIDC Single Sign On (SSO), AzureB2C SSO Login sect user flow .png
  • Fill all the information e.g. Name, Identity providers, etc. then click on Create button.
  • OAuth/OpenID/OIDC Single Sign On (SSO), AzureB2C SSO Login information of user flow .png
  • Copy the Policy name this value whenever you need to enter Azure B2C Policy in miniOrange OAuth Client plugin.

  • Azure B2C Endpoints and Scope:

    Scope: openid
    Authorize Endpoint: https://tenant.b2clogin.com/tenant.onmicrosoft.com/policy/oauth2/v2.0/authorize
    Access Token Endpoint: https://tenant.b2clogin.com/tenant.onmicrosoft.com/policy/oauth2/v2.0/token
    Get User Info Endpoint: https://graph.microsoft.com/v1.0/me

Step 2: Setup WordPress as OAuth Client

  • Go to Configure OAuth tab and configure App Name, Client ID, Client Secret, Tenant name and Policy from provided Endpoints
  • openid is already filled.
  • Click on Save Settings to save the configuration.
  • login with azure b2c

Step 3: User Attribute Mapping

  • User Attribute Mapping is mandatory for enabling users to successfully login into WordPress. We will be setting up user profile attributes for WordPress using below settings.
  • Finding user attributes

    • Go to Configure OAuth tab. Scroll down and click on Test Configuration.
    • wordpress sso-14
    • You will see all the values returned by your OAuth Provider to WordPress in a table. If you don't see value for First Name, Last Name, Email or Username, make the required settings in your OAuth Provider to return this information.
    • Once you see all the values in Test Configuration, go to Attribute / Role Mapping tab, you will get the list of attributes in a Username dropdown.
    • wordpress sso

Step 4: Login Settings / Sign In Settings

  • The settings in SSO Settings tab define the user experience for Single Sign On. To add a login widget on your WordPress page, you need to follow below steps.
  • Sign In Settings

    • Go to WordPress Left Panel > Appearances > Widgets.
    • Select "miniOrange OAuth". Drag and drop to your favourite location and save.
    • jira sso-16
    • Open your Wordpress page and you can see the login button there. You can test the SSO now.