Microsoft tenant / multi-tenant login into WordPress (WP) using WP OAuth Single Sign-On (SSO) Plugin

Microsoft tenant / multi-tenant login into WordPress (WP) using WP OAuth Single Sign-On (SSO) Plugin


If you have a WordPress website where you want to have number of separate Microsoft (Office 365 / Azure AD - AAD) tenants login / authenticate, then you are looking at the right place. Multiple tenant (Multi-tenant) Login /SSO is possible in multiple ways. Please try the following options for multitenant login setup. You can reach out to us at oauthsupport@xecurify.com for support.


Select your application for an end to end Single Sign-on (SSO) setup.


Different ways to configure WordPress SSO / Login for multi-tenant users in Microsoft (Office 365 / Azure AD)

1. Single or Multiple tenant SSO setup via Single SSO Application

    A] Single Tenant Login

    • Go to WordPress OAuth Client Single Sign-On (SSO) plugin.
    • Select your Configured microsoft application and in the field of Tenant add your application tenant id, as shown in the below screenshot.And click on Save Settings button.

    • Microsoft Office 365 / Azure AD multi tenant login
    • You can now login with a personal Microsoft account.

    B] Common Login for all Tenants

    • Go to WordPress OAuth Client plugin.
    • Select your Configured microsoft application and in the field of Tenant, replace the current tenant id with ‘common’ as shown in the below screenshot.Click on save settings button.

    • Microsoft Office 365 / Azure AD multi tenant login
    • By using SSO, users can log in from any Microsoft application as well as using their own personal Microsoft accounts.

2. Multitenant SSO setup via Tenant Specific SSO Applications

  • Go to WordPress OAuth Client Single Sign-On (SSO) plugin.
  • Create a separate Microsoft application for each tenant.(as shown in the below image)

  • Microsoft Office 365 / Azure AD multi tenant login
  • Once you have added multiple applications with different tenants, go to your WordPress Login page. (Eg. https:// < your-wordpress-domain>/wp-login.php) and you will see the SSO login buttons for each tenant.
  • Microsoft Office 365 / Azure AD multi tenant login
  • Now, for single login flow go to the Sign In Settings tab -> Advanced Settings -> Enable Single Sign In Flow and click on Save Settings button in the plugin.
  • Microsoft Office 365 / Azure AD multi tenant login Microsoft Office 365 / Azure AD multi tenant login
  • After Saving the settings, You will get an option to add the "Display Name for Common Login Button".

  • Microsoft Office 365 / Azure AD multi tenant login page
  • When the user tries to login to your website, the user is able to see the Login Widget as below.

  • Microsoft Office 365 / Azure AD multi tenant login page
  • After clicking on that sso button, users will be redirected to a page, where they will be asked to select the application/domain/group to login into the website.

  • Microsoft Office 365 / Azure AD multi tenant login page
  • After selecting an application, the user will be redirected to microsoft app for authentication. After authentication, users will be logged in to WordPress site and a new user is also created in WordPress.

3. Multitenant SSO setup based on Tenant specific E-Mail Domains

    This feature allows you to restrict the user login based on configured domains. You can allow/deny the user login based on email domain.

  • Go plugin and click on Sign In Settings tab -> Advanced Settings -> Restricted Domains.
  • In the configuration, you can add the domain, for example. tenant1@abc.com, tenant2@xyz.com, tenant3@pqr.org, separated by commas (,).
  • Microsoft Office 365 / Azure AD multi tenant login Microsoft Office 365 / Azure AD multi tenant login
  • If you enable the Allow restricted Domains option then, users will not be able to log in using the configured domains in the restricted domains field.
  • Microsoft Office 365 / Azure AD multi tenant login
  • When the user tries to login from a restricted domain, he will be denied the login and shown this screen.
  • Microsoft Office 365 / Azure AD multi tenant login

4. Customized flow

If none of the options above suit you, please contact us at oauthsupport@xecurify.com so we can discuss the requirements and design a customized solution for you.

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com