WordPress Azure AD integrator works in conjunction with the WordPress OAuth & OpenId Connect Client Single Sign-On (SSO) Plugin for the Azure AD SSO. WordPress Azure AD integrator provides functionality to manage all the user operations from your WordPress site. The user operations provided are Login, Registration, Profile update, Password Reset. All these operations can be managed either by users themselves or by the WordPress administrators. Using this WordPress Azure AD integration, you can provide a seamless user experience on your WordPress site for all the users in your Azure AD. You don’t need to manage them by yourself at the Azure portal. During the login event, WordPress Azure AD integrator creates the users in WordPress as per the Attribute and Role Mapping configured in the OAuth Single Sign-On (SSO) plugin and logs them in subsequently at the time of SSO.
To know more details about different features provided in Azure AD SSO and Microsoft Office 365 SSO, please click here.
Azure user creation from registration form in WP (As the registration form is unique for each site, this needs customization according to the form created and its corresponding fields)
Azure password reset using default WP password reset functionality
Azure user profile update from update form in WP (This feature also needs customization for the same reason)
WordPress to Azure On the Fly User provisioning
Azure login from default WP login form
The Registration form on WordPress site is generally designed using one of the forms’ plugins like gravity forms, elementor, WP forms. The registration form contains all the input fields as per the use case. Users then register using that form like any other registrations out there, and they get created in your Azure AD seamlessly, all the tedious work is done at the backend by the WordPress Azure integrator. This use case generally gets extended by adding the email / phone number verification during registration and also adding the Profile Update form and Password Reset form in WordPress which also works seamlessly. This will need customization for adding support for the registration form you are using and profile fields it contains.
If you want to synchronize all the user operations from WordPress to Azure AD, this is the right solution for you. In this case, the user operations are managed by the Administrator at the WordPress site. So, whenever the administrator creates a user from the WordPress backend, the same user will get created at the Azure AD’s side. Same goes for the other operations as well like user profile update, user deletion. This use case gets extended by configuring specific WordPress roles for the user to be a guest or a member in Azure.
Earlier, if you were managing all the users in your WordPress site and currently you have decided to manage them in Azure AD / Azure B2C, then you need to move the users. WordPress Azure Integration can help you with this as well. Here, we don’t get the users’ passwords in plain text from WordPress. So, we create the users in Azure with some random password and send that password to the email addresses of the respective users. When users login to azure with those random passwords for the first time, they will be forced to change their passwords. Accordingly they can have their own passwords in Azure.
If you are looking to maintain all the users of your WordPress sites and other applications in a central place like Azure and provide the user registration from one of your WordPress sites, then WordPress Azure Integrator would be the best solution for this. This Single Sign-On (SSO) use case generally gets extended by adding login to all the applications using the Azure AD’s credentials. In this case, Azure AD will be a single source of authentication for all your applications. This will also need customization based on the structure of your registration form.
Note: If you have any other requirements apart from the above mentioned features, we can customize the WordPress Azure AD Integration according to your use case and the user flow.
*There is an additional cost associated with customizations. Please contact us at firstname.lastname@example.org