WordPress OAuth & OpenID Connect Single Sign-On (SSO) plugin allows you to enable Single Sign-On (SSO) with Azure AD & Multi factor authentication (MFA) with Azure for your WordPress Site.

Multi Factor authentication (MFA) offers an extra layer of security to the sign-in process. It requires users to authenticate their identity through a variety of methods. Instead of simply requesting a username and password. MFA is used to limit access to internal IT systems and solutions.

Azure Single Sign-On (SSO) login for WordPress can be achieved by using our WordPress OAuth Single Sign-On(SSO) plugin. This solution ensures that you are ready to roll out secure access to your WordPress(WP) site using Azure login credentials within minutes & to provide extra layer of protection Azure AD Multi-Factor Authentication and Conditional Access policies offer users to enable MFA during their sign-in process with their WordPress site.

How to enable SSO and Multi-Factor Authentication with Azure?

To enable and use Azure AD Multi-Factor Authentication is with Conditional Access policies. Conditional Access allows you to specify policies that respond to sign-in events and require extra activities before granting a user access to the service.

1. To create a Conditional Access policy follow these steps

• Sign in to the Azure portal using an account with global administrator permissions.
• Search for and select Azure Active Directory, then choose Security from the menu on the left-hand side.
• Select Conditional Access, then choose + New policy.
• Enter a name for the policy, such as MFA Pilot.
• Enter a name for the policy, such as MFA Pilot.Under Assignments, choose Users and groups, then the Select users and groups radio button.
• Check the box for Users and groups, then Select to browse the available Azure AD users and groups.
• Browse for and select your Azure AD group, such as MFA-Test-Group, then choose Select.
• To apply the Conditional Access policy for the group, select Done.

2. Configure the conditions for multi-factor authentication:

• Select Cloud apps or actions. You can choose to apply the Conditional Access policy to All cloud apps or Select apps. To provide flexibility, you can also exclude certain apps from the policy.
• For this tutorial, on the Include page, choose the Select apps radio button.
• Choose Select, then browse the list of available sign-in events that can be used.
• For this tutorial, choose Microsoft Azure Management so the policy applies to sign-in events to the Azure portal.
• To apply the select apps, choose Select, then Done.

User Experience:

Prerequisite:

(a) Make sure you’ve enabled MFA setting on Azure Site

(b) Microsoft Authenticator App Installed on your Device

1. Single Sign-On :

• Please click on the Azure Login button/link provided by miniOrange SSO plugin.



• Add Azure login credentials.




2. Use Microsoft Authenticator for re-authenticate your login

To enable Single Sign-On (SSO) with Azure AD & Multi factor authentication (MFA) with Azure for your WordPress Site, you will need to install the WordPress OAuth & OpenID Connect Single Sign-On (SSO) plugin.