WordPress Login with Azure | WordPress Azure SSO

Configuration Steps

Step 1: Setup Azure B2C as OAuth Provider

• Sign in to Azure portal.
• Select Azure AD B2C.
  
• Please make sure you are in the Azure B2C directory with an active subscription and if not, you can switch to the correct directory.
  
• In the Essentials tab, you will find the Azure B2C domain name, keep it handy, you will need it later for configuring the Azure B2C tenant name under WordPress as an OAuth client.

  What is Tenant Name?
  You will need to copy the highlighted domain name portion only as shown in the below screenshot in order to configure the tenant name in the WordPress OAuth Client plugin.
  Eg. If your domain name is 'exampledomain.onmicrosoft.com', then your tenant name will be 'exampledomain'.

  
  
• Now, click on App registrations and then click on the New registration option to create a new Azure b2c application.
  

• Configure the following options to create a new application:

  • Enter a name for your application under the Name text field.
  • In supported account types, select 3rd option Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)
  • In the Redirect URI section, select the Web and enter the Callback URL from the miniOrange Login with Azure plugin (Configure SSO tab) and save it under the Redirect URL textbox.
  • Click on the Register button to create your application.
  
  
• After successful application creation, you will be redirected to the newly created application’s overview page.

  Note: If not redirected to the overview page, you can go to the app registrations and search the name of your application and find your application in the list.

  
  
• Copy your Application ID, required for configuring the Client ID in the Login with Azure plugin.
  
• Now, click on Certificates and secrets and then click on New client secret to generate a client secret.
• Enter a description and click on the Add button.
  
• Copy the secret value from certificates & secrets page. You will need it later for configuring the Client Secret in the WordPress Login with Azure plugin.
  

Step 1.1: Add Users in your Azure B2C application

• Go to the Users tab in the left navigation panel.
  
• Click on New user in the users page.
  
• Select Create New User from the dropdown menu.
• Click on the Create Azure AD B2C option.
  
• Then, scroll down and click on Email from the sign in method and set your password and click create to save the user details to perform test configuration.
  

Step 1.2: How to create & add Azure B2C Policy

• Go to the User Flows tab and then click on New user flow.
  
• Select a User flow type Sign up and Sign in then click on Create button.
  
• Fill all the information e.g. Name, Identity providers, etc. Select the User attributes you want to fetch while Signup. Then click on the Create button.
  
  
• Copy the Policy name this value whenever you need to enter Azure B2C Policy name in miniOrange OAuth Client plugin.

Step 1.3: Add user claims to your application

• Go to the Home page.
• Go to user flows under policies in the left navigation panel and select the configured policy.
  
• Select the Application claims in settings.
  
• Select the desired attributes to be displayed on the test configuration window.
• Click on the Save button.
  

You have successfully configured Azure B2C as OAuth Provider for achieving Azure B2C SSO (Single Sign-On) with WordPress for user authentication

Step 2: Setup WordPress as OAuth Client

• Go to the Configure SSO tab.
• Under the Azure B2C SSO Configuration section, configure the following details:

  Display App Name	As per your choice
  Client ID	Click here
  Client Secret	Click here
  Azure B2C Tenant Name	Click here
  Azure B2C Policy-Name	Click here
  Scope	openid

• Click on the Save Settings.
• Now, click on the Test Configuration.

  Note: If you encounter any issues during Azure Application configuration, feel free to click on the Troubleshoot button or reach out to us at samlsupport@xecurify.com

  

You have successfully configured WordPress as OAuth Client for achieving Azure B2C SSO (Single Sign-On) with WordPress for user authentication.

Step 3: Attribute Mapping

• Attribute Mapping feature allows you to map the user attributes sent by the IDP during SSO to the user attributes at WordPress.
• In the WordPress Login with Azure plugin, go to Attribute/Role Mapping tab and fill up the Username fields in Attribute Mapping section.

  Note: SSO Setup Requires Attribute Mapping Configuration.

  
  

Configuration Steps

To configure SharePoint, you need to adjust the permissions of your Azure AD Application. To do this, follow these steps:

• Navigate to the API Permissions.
• Click on Add a permission and select Microsoft Graphs.
• Now, go to the Application permissions of your Azure AD Application.
• Select the Sites.Read.All permission from the list of available permissions.
• Then, click on the Add permissions button.