All-in-One Microsoft Office 365 Apps + Azure/EntraID Login | WordPress Azure SSO

Configuration Steps

Step 1: Setup Microsoft Entra ID (Azure AD) as OAuth Provider

• Sign in to Microsoft Entra ID (Azure AD) portal to start setting up your wordpress office 365 integration.
• Click on the Microsoft Entra ID (Azure AD).
  
• From the left navigation panel, select the App registrations service.
• Click on the New registration.
  

• Configure the following options to create a new application:

  • Enter a name for your application under the Name text field.
  • In supported account types, select 3rd option Accounts in any organizational directory (for authenticating users with user flows).
  • In the Redirect URI section, select the Web.
  • Enter the Callback URL from the All-in-One Microsoft Office 365 Apps plugin (Configure SSO tab) and save it under the Redirect URL textbox.
  • Click on the Register button to create your application.
    
• Microsoft Entra ID (Azure AD) assigns a unique Application ID to your application, crucial for your wordpress office 365 integration configuration.
• The Application ID is your Client ID and the Directory ID is your Tenant ID.

  Note: Keep these values handy as you will need them to configure the All-in-One Microsoft Office 365 Apps plugin.

  
  
• Go to Certificates and Secrets from the left navigation panel and click on the New Client Secret.
• Enter Description and Expiration Time and click on the ADD option.
  
• Copy the secret key’s Value for completing your wordpress office 365 integration setup.

  Note: Required later to configure Client Secret under the miniOrange All-in-One Microsoft Office 365 Apps Plugin.

  
  

You have successfully configured Microsoft Entra ID (Azure AD) as OAuth Provider, enabling effortless Azure AD OAuth Single Sign-On (SSO) and authorization for your users accessing WordPress.

Step 2: Setup WordPress as OAuth Client

• Under the EntraID (AzureAD) section, navigate to the Configure Application tab.
  
• In the Entra ID SSO Configurations section, configure the following details:

  Display App Name	As per your choice
  Client ID	Click here
  Client Secret	Click here
  Scope	openid
  Entra ID Tenant ID	Click here

• Click on the Save Settings.
• Now, click on the Test Configuration.

  Note: If you encounter any issues during Azure Application configuration, feel free to click on the Troubleshoot button or reach out to us at samlsupport@xecurify.com

  
  

You have successfully configured Microsoft Entra ID (Azure AD) as OAuth Provider, enabling effortless Azure AD OAuth Single Sign-On (SSO) and authorization for your users accessing WordPress with a seamless wordpress office 365 integration.

Step 3: Attribute Mapping

• Attribute Mapping feature allows you to map the user attributes sent by the IDP during SSO to the user attributes at WordPress.
• In the All-in-One Microsoft Office 365 Apps plugin, go to Attribute/Role Mapping tab and fill up the Username fields in Attribute Mapping section.

  Note: SSO Setup Requires Attribute Mapping Configuration.

  
  

If you are looking for anything which you cannot find, please drop us an email on samlsupport@xecurify.com

Configuration Steps

Step 1: Setup Azure B2C as OAuth Provider

• Sign in to Azure portal.
• Select Azure AD B2C.
  
• Please make sure you are in the Azure B2C directory with an active subscription and if not, you can switch to the correct directory.
  
• In the Essentials tab, you will find the Azure B2C domain name, keep it handy, you will need it later for configuring the Azure B2C tenant name under WordPress as an OAuth client.

  What is Tenant Name?
  You will need to copy the highlighted domain name portion only as shown in the below screenshot in order to configure the tenant name in the WordPress Office 365 integration.
  Eg. If your domain name is 'exampledomain.onmicrosoft.com', then your tenant name will be 'exampledomain'.

  
  
• Now, click on App registrations and then click on the New registration option to create a new Azure b2c application.
  

• Configure the following options to create a new application:

  • Enter a name for your application under the Name text field.
  • In supported account types, select 3rd option Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)
  • In the Redirect URI section, select the Web and enter the Callback URL from the All-in-One Microsoft Office 365 Apps plugin (Configure SSO tab) and save it under the Redirect URL textbox.
  • Click on the Register button to create your application.
  
  
• After successful application creation, you will be redirected to the newly created application’s overview page.

  Note: If not redirected to the overview page, you can go to the app registrations and search the name of your application and find your application in the list.

  
  
• Copy your Application ID, required for configuring the Client ID in the Login with Azure plugin.
  
• Now, click on Certificates and secrets and then click on New client secret to generate a client secret.
• Enter a description and click on the Add button.
  
• Copy the secret value from certificates & secrets page. You will need it later for configuring the Client Secret in the All-in-One Microsoft Office 365 Apps plugin.
  

Step 1.1: Add Users in your Azure B2C application for WordPress Azure B2C SSO

• Go to the Users tab in the left navigation panel.
  
• Click on New user in the users page.
  
• Select Create New User from the dropdown menu.
• Click on the Create Azure AD B2C option.
  
• Then, scroll down and click on Email from the sign in method and set your password and click create to save the user details to perform test configuration.
  

Step 1.2: How to create & add Azure B2C Policy

• Go to the User Flows tab and then click on New user flow.
  
• Select a User flow type Sign up and Sign in then click on Create button.
  
• Fill all the information e.g. Name, Identity providers, etc. Select the User attributes you want to fetch while Signup. Then click on the Create button.
  
  
• Copy the Policy name this value whenever you need to enter Azure B2C Policy name in miniOrange OAuth Client plugin.

Step 1.3: Add user claims to your application

• Go to the Home page.
• Go to user flows under policies in the left navigation panel and select the configured policy.
  
• Select the Application claims in settings.
  
• Select the desired attributes to be displayed on the test configuration window.
• Click on the Save button.
  

You have successfully configured Azure B2C as OAuth Provider for achieving Azure B2C SSO (Single Sign-On) with WordPress for user authentication

Step 2: Setup WordPress as OAuth Client for WordPress Azure B2C SSO

• Go to the Configure Application tab.
  
• Under the Azure B2C SSO Configurations section, configure the following details:

  Display App Name	As per your choice
  Client ID	Click here
  Client Secret	Click here
  Azure B2C Tenant Name	Click here
  Azure B2C Policy-Name	Click here
  Scope	openid

• Click on the Save Settings.
• Now, click on the Test Configuration.

  Note: If you encounter any issues during Azure Application configuration, feel free to click on the Troubleshoot button or reach out to us at samlsupport@xecurify.com

  

You have successfully configured WordPress as OAuth Client for achieving Azure B2C SSO (Single Sign-On) with WordPress for user authentication.

Step 3: Attribute Mapping

• Attribute Mapping feature allows you to map the user attributes sent by the IDP during SSO to the user attributes at WordPress.
• In the All-in-One Microsoft Office 365 Apps plugin, go to Attribute/Role Mapping tab and fill up the Username fields in Attribute Mapping section to ensure proper azure office365 integration.

  Note: SSO Setup Requires Attribute Mapping Configuration.

  
  

If you are looking for anything which you cannot find, please drop us an email on samlsupport@xecurify.com

Configuration Steps

Step 1: Configure Microsoft SharePoint

If you are looking for anything which you cannot find, please drop us an email on samlsupport@xecurify.com

Steps to configure Azure AD for WP PowerBI Integration

Step 1: Configure the Azure AD App registration

• Click the Configure Entra App button to begin the configuration process.
  
• Follow the instructions from Azure AD SSO to configure the Azure Application.

 Add API Permissions to your Azure AD Application:

• Go to API Permissions from the left navigation pane and click on Add a permission option.
  
• Select Microsoft Graph under the Microsoft APIs tab.
  
• Select Application Permissions and search for the User.
  
• Under User select User.Read.All permission and click on the Add Permissions button.(Microsoft Graph)
  
• Again, click on the Add a permission option.
  
• Now select PowerBI Service.
  
• Select the Delegated Permissions option and search for your Report.
  
• Under Report, select Report.Read.All permission and click on the Add Permissions button.
  
• Now click on Grant admin consent for Default Directory.
  
• In the popup that opens, click on Yes.
  
• You can refer to the below image to verify if all the permissions that you have configured are correct and the same as the given image.
  
• Now you have successfully configured the Azure AD application.

Step 2: Configure the PowerBI Dashboard

• Go to the PowerBI dashboard and login as an administrator.
• You will be represented with the home screen of the PowerBI.
• On the top right corner, click on settings icon as shown below.

• Under the Settings pane as displayed, click on the Admin portal option.

• In the Admin Portal section, under the Tenant settings, scroll down to the Developer settings.
• Click on Service principals can use Fabric APIs.

• Enable the toggle, select the option Apply to the entire organization and then proceed by clicking on Apply.

• Now click on Allow service principals to create and use profiles.

• Enable the toggle, select the option Apply to the entire organization and then proceed by clicking on Apply.

• Scroll down to the Admin API settings, enable the toggle and then choose the option of Specific security groups.
• Search for Allow PowerBI Admin APIs then click on Apply.

• Navigate back to the Home page. Select the Workspaces tab from the left pane and then select your workspace from the list.

• Navigate to the Manage Access option in the navbar as shown in the screenshot below.

• When you click on Manage Access, you will be presented with a screen showing the current users and security groups having access to the workspace.
• You can then click on Add people or groups so as to provide access.

• After that, you will need to select Admin from the dropdown and add the user according to your requirements.

• After you have completed configuring the access for the workspace, select the report that you want to embed in WordPress page or post.
• Then copy the Workspace_ID and Report_ID from the URL as shown in the below image and keep it handy as you will need it further.

Step 3: Configure and View PowerBI Content using SSO

• Click on the Use Configured Entra App button.
  
• Under the Configure PowerBI section, configure the following details:

  Note: You can also navigate to the Embed PowerBI Reports tab to obtain the shortcode.

  Workspace ID	Click here
  Report ID	Click here

• And, click on the Generate Shortcode button.
  
• You can navigate to Embed PowerBI Reports tab, copy the provided shortcode and paste the shortcode onto any page to display the Power BI reports.
  

If you are looking for anything which you cannot find, please drop us an email on samlsupport@xecurify.com