Step by Step Guide to Configure Azure AD as an OAuth/OpenId Connect Server

If you want to login to your WordPress site using your Azure username and password, you can simply do it using our WP OAuth Client plugin. Once you configure the Azure with WordPress plugin, you can login to your WordPress site using Azure credentials. This plugin also allows you to map your WordPress account different roles based on your Azure attributes/groups. To know more about other features we provide in WP OAuth Client plugin, you can click here.

Please follow the steps given below to configure your Azure account with WordPress and setup the Single Sign On.

Guide to configure Azure with WordPress :

    1. Go to https://portal.azure.comand sign up/login in your Azure portal.
    2. Create a new tenant: You can do so by following the below given steps:
        • Click on Create a resource.
        • Search for Azure Active Directory B2C.
        • Select and scroll down until you find an option to Create a new B2C Tenant without Subscription.
        • Click on it to create a new tenant.

      azure1

    3. Select Create a new Azure AD B2C Tenant and enter the following data in their respective text fields:
      • Organization name
      • Initial Domain name
      • Select your Country or Region
      • Click on the Save button to create a new tenant

(Refer to the image on the next page)
azure2

    1. Click on the following message to manage your directory:

“Click here, to manage your new directory”
azure3

    1. Click on Applications and then on Add option to add a new application.

azure4

    1. Enter a name for your application under the Name text field.
    2. Select Yes from the options in front of Web APP/Web API and Yes from options in front of Allow Implicit Flow. Also, copy the Redirect/Callback URL from the miniOrange OAuth Client plugin and save it under the Reply URL textbox.
    3. Click on the Create button to create your application. (Refer to the image below)

Please Note: Your Callback/ Redirect URl should be httpsonly and not http.

azure5

    1. Click on the Applications option under the Manage Menu in the left navigation bar and you will find your application listed there. Click on your application.

azure6

    1. Copy your Application ID and save it under your Client ID textbox in your miniOrange OAuth Client plugin. Then, click on the Keys option to generate a key.

azure7

    1. Click on the Generate Key option and save it with a name. Click on the Save option and it will generate a random string which you will store as Client secret in your miniOrange OAuth Client plugin.

azure8

    1. Now, go to your dashboard and go to Azure Active Directory -> Properties. Copy the Directory ID and substitute this value whenever you need to enter Tenant ID.

 

azure9

You have successfully completed your Azure AD B2C OAuth Server side configurations.

    1. You can download OAuth Client plugin using the following link.

OAuth Single Sign On – SSO (OAuth client)

Azure Endpoints and Scope:

Client ID :  from the step 10 above
Client Secret :  from the step 11 above
Scope:  openid
Authorize Endpoint: https://login.microsoftonline.com/[tenant-id]/oauth2/authorize
Access Token Endpoint: https://login.microsoftonline.com/[tenant]/oauth2/token
Get User Info Endpoint: https://login.windows.net/common/openid/userinfo

If you are facing any difficulty please mail us on info@miniorange.com.