With WPO365 | LOGIN users can sign in with their corporate or school (Azure AD / Microsoft Office 365) account to access your WordPress website: No username or password required (OIDC or SAML 2.0 based SSO). Plus you can send email using Microsoft Graph instead of SMTP from your WordPress website. SINGLE SIGN-ON (SSO) Supported Identity Providers (IdPs): Azure Active Directory and Azure AD B2C more Supported SSO protocols: OpenID Connect and SAML 2.0 more Supported OpenID Connect User Flows: Authorization Code User Flow (recommended) and Hybrid User Flow more NEW USERS New users that sign in with Microsoft automatically become WordPress users more INTRANET Configure the intranet authentication mode to restrict access to all front-end posts and pages more Hide the WordPress Admin Bar for specific roles more MICROSOFT TEAMS Support for (seamless) integration of your WordPress website into a Microsoft Teams Tabs and Apps more MAIL Send emails using Microsoft Graph instead of SMTP from your WordPress website more Send as HTML Save to the Sent Items folder Support for file attachments WORDPRESS MULTISITE Support for WordPress Multisite more POWER BI Embed Microsoft Power BI content (user owns data) more SHAREPOINT Embed a SharePoint Online library using a Gutenberg Block or as simple shortcode Embed a SharePoint Online search experience into a front-end post or page using simple to generate shortcode more EMPLOYEE DIRECTORY Embed an intuitve Azure AD / Microsoft Graph based Employee Directory into a front-end post or page more REST API ENDPOINT PROTECTION Protect your WordPress REST API endpoints with a combination of a WordPress cookie and a nonce for delegated access more DEVELOPERS Developers can now connect to a RESTful API for Microsoft Graph in their favorite programming language and without the hassle of authentication and authorization more PHP hooks for developers to build custom Microsoft Graph / Office 365 integrations more ADD FUNCTIONALITY WITH PREMIUM EXTENSIONS PROFILE+ Update a WordPress user profile with (first, last, full) name, email and UPN from Azure AD more SINGLE SIGN-ON Visitors are required to sign in with Azure AD / Microsoft but will not be automatically logged in to WordPress more AUDIENCES Azure AD group based access restriction for individual front-end posts and pages more SYNC On-demand / scheduled user synchronization from Azure AD to WordPress more AVATAR Replace the default WordPress / BuddyPress avatar with a Microsoft 365 profile picture more ROLES + ACCESS WordPress roles assignments / access restrictions based on Azure AD groups / user attributes more LOGIN+ Map Microsoft Graph user resource properties to custom WordPress / BuddyPress user profile fields more Map custom claims in an Azure AD B2C ID token to custom WordPress / BuddyPress user profile fields more Map custom claims from SAML 2.0 response to custom WordPress / BuddyPress user profile fields more Support for so-called Multi-Tenancy more Require Proof Key for Code Exchange (PKCE) for increased protection when requesting oauth tokens from Azure AD more Other features: Enable SSO for the login page, Dual login and Private Pages MAIL Send large attachments (> 3 Mb) Send from Microsoft 365 Shared Mailbox Log every email sent from your WordPress website, review errors and try to send unsuccessfully sent mails again. more Allow forms / plugins / themes to dynamically set the From address Send all emails by default as BCC GROUPS Deep integration with the (itthinx) Groups plugin for group membership and access control more MICROSOFT 365 APPS Advanced versions of the apps to embed content of Microsoft 365 services such as Power BI (with support for application owns data scenarios) and SharePoint Online (with support for anonymous users) SCIM (SCIM based) Azure AD User Provisioning to WordPress more REST API ENDPOINT PROTECTION Enable Azure AD based protection for your WordPress REST API endpoints more CONFIGURATION Save multiple configurations Directly edit (the JSON representation of) a configuration Prerequisites Make sure that you have disabled caching for your Website in case your website is an intranet and access to WP Admin and all pubished pages and posts requires authentication. With caching enabled, the plugin may not work as expected We have tested our plugin with WordPress >= 4.8.1 and PHP >= 5.6.40 You need to be (Office 365) Tenant Administrator to configure both Azure Active Directory and the plugin You may want to consider restricting access to the otherwise publicly available wp-content directory Support We will go to great length trying to support you if the plugin doesn’t work as expected. Go to our Support Page to get in touch with us. We haven’t been able to test our plugin in all endless possible WordPress configurations and versions so we are keen to hear from you and happy to learn! Feedback We are keen to hear from you so share your feedback with us on Twitter and help us get better! Open Source When you’re a developer and interested in the code you should have a look at our repo over at WordPress.