Configure Azure AD/B2C Single Sign-On (SSO) and SCIM in WordPress.



The WordPress Login with Azure (Azure SSO) plugin allows you to log in (Single Sign-On) to your WordPress site using your Azure (Azure AD / Azure B2C) account credentials. The plugin uses the SAML or OAuth protocol to achieve Single Sign-On. It also provides SSO with custom applications.

Pre-requisites: Download And Installation

To configure WordPress Azure SSO login, you will need to install the miniOrange WordPress (WP) Login with Azure plugin:

The WordPress Login with Azure plugin allows all Azure users (Active Directory users, B2C users, and external users) to log in to WordPress with their existing Microsoft Azure account, and also creates a user account in WordPress.

 Tested with 6.2

Steps to configure Azure AD Single Sign-On (SSO) Login into WordPress (WP)

1. Configure Azure Application

To use SAML:

  • Log in to the Azure AD / Microsoft Entra ID Portal.
  • Click on More services.
  • Search for and select Azure AD / Microsoft Entra ID.
  • Select Enterprise Application.
  • Click on New Application.
  • Click on Create your own Application.
  • Enter the name for your app, then select the Non-gallery application section and click on the Create button.
  • Click on Set up single sign on.
  • Select the SAML tab.
  • After clicking on Edit, enter the SP Entity ID for Identifier and the ACS URL for Reply URL from the Service Provider Metadata tab of the plugin.
  • By default, the following Attributes will be sent in the SAML response. You can view or edit the claims sent in the SAML response to the application under the Attributes tab.
  • Copy the App Federation Metadata Url to get the Endpoints required for configuring your Service Provider.
  • Assign users and groups to your SAML application:
    • Navigate to the Users and groups tab and click on Add user/group.
    • Click on Users to assign the required user and then click on Select.
    • After selecting users, click on the Assign button.
    • You can also assign a role to your application under the Select Role section.
  • You have successfully configured Azure AD as SAML IdP (Identity Provider) for achieving WordPress Azure AD SSO.

To use OAuth:

  • Log in to the Azure AD / Microsoft Entra ID Portal.
  • Click on More services.
  • Search for and select Azure AD / Microsoft Entra ID.
  • Select App registrations.
  • Click on New Registration.
  • Assign a Name and choose the account type.
  • Click on the Register button.
  • Now copy the Client ID and Tenant ID.
  • For Client secret, click on add a certificate or secret.
  • Then, click on the New client secret.
  • Fill in the Description field and click on the Add button.
  • Copy the Client Secret from the Value column; you will need this to configure the WP Login with Azure plugin.
  • For adding Redirect URI, click on the Add a Redirect URL.
  • Then, click on the Add a Platform.
  • Select the Web applications option.
  • Enter the Callback URL (Redirect URI) from the WP Login with Azure Plugin under the Redirect URI field and click on the Configure button.

2. Configure WP Login with Azure plugin

To use SAML:

  • To configure WP Azure Single Sign On using the WordPress Login with Azure plugin, click on the Start Configuring button.
  • Now, under the Upload IDP Metadata section, select the uploading method with the Select Metadata Fetch Method dropdown.
  • In the File option, you can choose the Metadata file by using the Choose File button and click on the Upload And Test button.
  • Using the URL method, put the Metadata URL and click on the Fetch And Test button.
  • You can also manually configure the plugin: click on the downward button to open the manual settings.
  • Here, provide the plugin with the required settings (i.e. IdP Entity ID or Issuer, SAML Login URL, X.509 Certificate) as provided by your Azure Application and click on the Save Configuration button.
  • To test the Single Sign On, you can click on the Test Configuration button.
  • On successful connection, in the test window, some default attributes will be sent from Azure and will be available for Attribute Mapping.
  • Now, navigate to the SSO Settings tab. Under the Attribute Mapping section you can map the user attributes sent by the IDP during SSO to the user attributes at WordPress.
  • In the Free version of the plugin, you can only map one attribute (i.e., Username).
  • You have successfully configured the WordPress Azure AD Single Sign On (SSO) using the WordPress Login with Azure plugin.

To use OAuth:

  • To configure WP Azure Single Sign On using the WordPress Login with Azure plugin, click on the Start Configuring button.
  • Under the Step 1 section in the WordPress Login with Azure plugin, select the OAuth Protocol from the Select Protocol dropdown.
  • Under the Configure OAuth Provider section, fill in all the required fields (Client ID, Client secret, Tenant ID) that you have copied from your Azure Application.
  • Click on the Save Configuration button.
  • To test the Single Sign On, you can click on the Test Configuration button.
  • On successful connection, in the test window, some default attributes will be sent from Azure and will be available for Attribute Mapping.
  • Now, navigate to the SSO Settings tab. Under the Attribute Mapping section you can map the user attributes sent by the IDP during SSO to the user attributes at WordPress.
  • In the Free version of the plugin, you can only map one attribute (i.e., Username).
  • You have successfully configured the WordPress Azure AD Single Sign On (SSO) using the WordPress Login with Azure plugin.

SCIM Provisioning

Follow the steps below for configuring Azure AD SCIM User Provisioning in WordPress (WP):

Configure WP Login with Azure plugin

  • To configure SCIM Provisioning using the WordPress Login with Azure plugin, click on the Start Configuring button.
  • Under the SCIM API Credentials section, enable the Enable SCIM User Provisioning toggle.
  • Copy the SCIM Base URL and the SCIM Bearer Token; you will need them when configuring the Azure side.

Configure Azure Application

  • Log in to the Azure AD / Microsoft Entra ID Portal.
  • Click on More services.
  • Search for and select Azure AD / Microsoft Entra ID.
  • Select Enterprise Application.
  • Click on New Application.
  • Click on the Create your own Application.
  • Give a suitable name to your user provisioning application and select the non-gallery application option.
  • Click on Provisioning from the left menu.
  • Click on Get started.
  • Select Automatic from the Provisioning Mode dropdown.
  • Enter the SCIM Base URL and SCIM Bearer Token that you copied in the earlier steps.
  • Click on Test Connection to verify the credentials.
  • Then, click on the Save button.

User Creation Flow

  • To assign users to your application, go to the Users and groups tab.
  • Then, click on the Add user/group.
  • Click on None Selected.
  • Then, choose the users you want to assign to your application and click on the Select button.
  • Click on the Assign button.
  • Once done with configuration, go back to Provisioning and click on Start provisioning.
  • Now, the assigned users will be created in your WordPress site if they are not already present.

You have successfully configured the WordPress Azure AD SCIM user provisioning using the WordPress Login with Azure plugin.


In this guide, you have successfully configured WordPress Azure AD/B2C SSO (Azure AD WP SSO Login) and Azure AD SCIM User Provisioning using the WordPress Login with Azure plugin. In minutes, our solution ensures swift setup for secure access to your WordPress (WP) site using Azure AD login credentials.


If you are looking for anything which you cannot find, please drop us an email at samlsupport@xecurify.com
