B2c Single Sign On Configuration


Single sign-on (SSO) configuration. If you have multiple applications and policies in your B2C tenant, you can manage user interactions across them using the Single sign-on configuration property. You can set the property to one of the following settings:

Tenant: This is the default setting. Using this setting allows multiple applications.

Azure AD B2C achieves SAML interoperability in one of two ways:

  • By acting as an identity provider (IdP) and achieving single sign-on (SSO) with SAML-based service providers (your applications)
  • By acting as a service provider (SP) and interacting with SAML-based identity providers like Salesforce and ADFS

Azure AD B2C supports the following five OOB user journeys: i) self-service sign-up (Sign-up), ii) single sign-on (Sign-in), iii) sign-up or sign-in (Sign-up or Sign-in), iv) profile editing (Edit your profile), and v) self-service password reset (Reset your password) for local accounts.

Overview

In our endeavor to simplify identity provider setup with portals and on the heels of the general availability of Power Apps portals simplified identity provider configuration, we are happy to announce yet another capability in this area.

A unique preview experience is now available to set up Azure AD B2C with portals, using a wizard for quick and complete configuration directly from the Power Apps portals authentication settings.

Preview capabilities

In public preview, the feature provides the following capabilities:

  • Available from make.preview.powerapps.com when you choose to add Azure Active Directory login provider
  • Select existing Azure AD B2C tenant or even create a new one if you have the appropriate permissions in Azure
  • Register your portal as an application (new or existing) with the selected tenant
  • Configure Sign-up & sign-in and Password reset user flows (new or existing)

To learn more and try this new experience

See Configure the Azure Active Directory B2C provider (Preview)


Description

ONE LOGIN FOR MULTIPLE MICROSOFT ACCOUNTS (AZURE AD/B2C/O365)

Azure AD, Azure B2C, Office 365, Microsoft 365 Login uses SAML Single Sign-On to allow users residing in Microsoft Azure to log in to your WordPress site securely using their Azure AD, Azure B2C, O365 or Microsoft 365 accounts.
Only after successful authentication with Azure AD, Azure B2C or Office 365 does the plugin authorize the users and grant them access to the WordPress site.

List of Supported IdPs

  • Azure AD (supports SAML SSO for WordPress login)
  • Azure AD B2C (supports SAML SSO for WordPress login)
  • Office 365 (supports SAML SSO for WordPress login)
  • Microsoft 365 (supports SAML SSO for WordPress login)
  • ADFS (supports SAML SSO for WordPress login)
    and practically any SAML compliant Identity Provider.

Azure AD SAML SSO Video Guide Links:
* App Registration Application
* Enterprise Application

The miniOrange Azure AD, Azure B2C, Office 365 Login plugin acts as a SAML 2.0 Service Provider, which can be configured to establish trust between the plugin and Azure Active Directory / Azure B2C to securely authenticate Azure AD, Azure B2C, O365 or Microsoft 365 users to the WordPress site.
WordPress Multi-Site environments and the ability to configure multiple IDPs/tenants/Azure Enterprise applications against WordPress as the service provider are also supported in the Premium/Enterprise versions of the Azure AD, Azure B2C, Office 365 Login plugin.

If you require any Single Sign On (SSO) application or need any help with installing this plugin, please feel free to email us at samlsupport@xecurify.com or Contact us.

WordPress Single Sign On (SSO)

Single Sign-On (SSO) is an authentication process in which a user can login to multiple applications and/or websites by using only a single set of login credentials (such as username and password). This prevents the need for the user to login separately into the different applications. Single Sign-On addresses the challenge of maintaining the credentials for each application separately, streamlining the process of signing-on without need to re-enter the password.

Azure / O365 SAML Single Sign On supports all kinds of SSO use cases such as Azure login, Azure AD login, Office 365 login, ADFS login, Okta login, OneLogin SSO, Salesforce login, Google Apps login, Keycloak login, Auth0 login, Shibboleth login, PingFederate login, etc. allowing your users to securely login to the WordPress site.

Free Version Features

  • Login with Azure – SSO (Azure B2C, Azure AD) supports SSO with any 3rd party SAML supported Identity Providers like Azure AD, Azure B2C, Office 365, Microsoft 365, ADFS, Okta, Salesforce, Shibboleth, SimpleSAMLphp, OpenAM, Centrify, Ping, RSA, IBM, Oracle, OneLogin, Bitium, WSO2, NetIQ etc.
  • Auto Create Users – Users will be auto-created in WordPress after SSO
  • Login Widgets – Use Widgets to easily integrate the login link with your WordPress site.
  • Attribute Mapping – Easily map attributes like First Name, Last Name, Email and Username from SAML-compliant IdP to your WordPress user attributes.
  • Role Mapping – Select default role to assign to users on auto registration.

Standard Version Features

  • Unlimited Authentications – Unlimited authentication with your SAML 2.0 compliant Identity Providers like Azure AD, Azure B2C, Office 365, Microsoft 365, ADFS, Okta, Salesforce, Shibboleth, SimpleSAMLphp, OpenAM, Centrify, Ping, RSA, IBM, Oracle, OneLogin, Bitium, WSO2, NetIQ etc.
  • Advanced Attribute Mapping – Azure AD, Azure B2C, Office 365 Login provides the feature to map your IDP attributes to your WordPress site attributes like Username, Email, First Name, Last Name, Group/Role, Display Name.
  • Login Widgets and Short Code – Use Widgets to easily integrate the login link with your WordPress site. Use Short Code (PHP or HTML) generated by Login with Azure – SSO (Azure B2C, Azure AD) to place the login link wherever you want on the site.
  • Step-by-step Guides – Use step-by-step guide to configure your SAML-compliant Identity Provider like Azure AD, Azure B2C, Office 365, Microsoft 365, ADFS, Centrify, Google Apps, Okta, OneLogin, Salesforce, SimpleSAMLphp, Shibboleth, WSO2, JBoss Keycloak, Oracle.
  • Auto-redirect to IDP [Protect Complete Site] – Users trying to access WordPress site will be redirected to the Identity Provider for SSO.
  • Protect WordPress login page – Users trying to access WordPress login page will be redirected to the Identity Provider for SSO.
  • Customize SP Configuration – Change SP base URL and SP Entity ID.
  • Select Binding Type – Select HTTP-Post or HTTP-Redirect binding type to use for sending SAML Requests.
  • Integrated Windows Authentication – Support for Integrated Windows Authentication (IWA) in Azure AD, Azure B2C, Office 365 Login Premium plugin.

Premium Features of Login with Azure – SSO (Azure B2C, Azure AD, Office 365, Microsoft 365)

  • Includes all the STANDARD version features.
  • Role Mapping – Helps you to assign specific WordPress roles to users of a certain group (Self Service Group Management) in your IdP, such as Azure AD, Azure B2C, Office 365 or Microsoft 365 as IdP.
  • Auto-sync IdP Configuration from metadata – Keep your Azure AD, Azure B2C, Microsoft 365 or O365 IDP SAML Configuration and Certificates updated and in sync.
  • WordPress Multi-site Support – A Multi-Site environment is one which allows multiple subdomains / subdirectories to share a single installation. With the multisite premium plugin, you can configure the SAML-compliant IDP in minutes for all your sites in a network. If you have the basic premium plugin, you have to do the plugin configuration on each site individually, as well as multiple service provider configurations in the SAML-compliant IDP.
  • Redirect URL after Login – You can configure the WordPress logins initiated from the Web Console to automatically redirect users to the IdP (Azure AD, Azure B2C, Office 365, Microsoft 365). If multiple IdPs (Azure AD SSO, Azure B2C SSO, Office 365, Microsoft 365 SSO) are available, users choose which Microsoft application IdP validates their credentials.
  • Widget to add IDP Login – Add a customized link or button anywhere on your WordPress site to allow users to authenticate via their Identity Provider.
  • Auto Create Users – Users will be auto-created in WordPress after SSO, which benefits you in maintaining streamlined account management with improved productivity and enhanced security.
  • SAML Single Logout – Support for SAML Single Logout (works only if your IDP supports SLO).
  • Auto-redirect to IDP – Users will be redirected to the SAML-compliant IdP for SSO when trying to access the WordPress login page.
  • Protect Site – Users trying to access WordPress will be redirected to the SAML-compliant Identity Provider for SSO.
  • Advanced Role Mapping – Azure AD, Azure B2C, Office 365 Login provides the feature to assign WordPress roles to your users based on the group/role sent by your SAML-compliant IDP.
  • Reverse-proxy Support – Support for sites behind a reverse-proxy in Login with Office 365 Premium plugin.
  • Multiple Certificates – Store multiple IdP certificates.
  • Custom Certificate – Have your own custom SAML-compliant SP X-509 Certificate.
  • Multi-Network Support – Allow multiple subdomains / subdirectories by sharing a single installation. Configure Microsoft applications (Azure AD, Azure B2C, Office 365) for all your sites in a Network. https://www.miniorange.com/wordpress-single-sign-on-(sso)-for-multinetwork
  • Single Sign-On (SSO) – Easy and seamless access to all resources. WordPress Single Sign On (SSO) via any existing Microsoft applications SAML 2.0 Identity Provider.

Enterprise Features of Login with Azure – SSO (Azure B2C, Azure AD, Office 365, Microsoft 365)

  • Includes all the STANDARD version features.
  • Multiple SAML IDPs Support – We now support configuration of multiple SAML-compliant IDPs in the plugin to authenticate different groups of users with different IDPs. Users are given access through user-to-IDP mapping (which SAML-compliant IDP is used to authenticate a user), which is done based on the domain name in the user’s email. (This is an Enterprise feature with separate licensing. Contact us at info@xecurify.com to get licensing plans for this feature.)
  • Easy migration from dev to prod – Compatible with multiple environments in a hosting provider like Pantheon, WP-Engine, WordPress VIP. In general, if you make a copy of your site, all the configuration also gets copied, resulting in interruption of SSO. Using this feature you can easily migrate without breaking SSO on the test/staging/prod site.
  • Mu Domain Mapping Support – If you are using a WordPress Multisite installation with each subsite using a different domain host (Multiple Domain Installation), then SSO can be performed in all the subsites regardless of their domain.
  • SAML Single Logout – Support for SAML Single Logout (works only if your IDP supports SLO).
  • Auto-redirect to IDP – Users will be redirected to the SAML-compliant IdP for SSO when trying to access the WordPress login page.
  • Protect Site – Users trying to access WordPress will be redirected to the SAML-compliant Identity Provider for SSO.
  • Advanced Role Mapping – Azure AD, Azure B2C, Office 365 Login provides the feature to assign WordPress roles to your users based on the group/role sent by your SAML-compliant IDP.
  • Reverse-proxy Support – Support for sites behind a reverse-proxy in Login with Office 365 Premium plugin.
  • Multiple Certificates – Store multiple IdP certificates.
  • Custom Certificate – Have your own custom SAML-compliant SP X-509 Certificate.
  • WordPress Multi-site Support – A Multi-Site environment is one which allows multiple subdomains / subdirectories to share a single installation. With the multisite premium plugin, you can configure the SAML-compliant IDP in minutes for all your sites in a network. If you have the basic premium plugin, you have to do the plugin configuration on each site individually, as well as multiple service provider configurations in the SAML-compliant IDP.

All-Inclusive Features of Login with Azure – SSO (Azure B2C, Azure AD, Office 365, Microsoft 365)

  • Includes all the Enterprise version features.
  • Customize Metadata Contact Information – You can now customize Organization profile as well as technical details in Service Provider Metadata.
  • Configuring Plugin using APIs – You can configure the plugin using API calls as well as WP-CLI. It helps you to manage configuration for large number of sites and easily automate the process.
  • Add-Ons included – You will get the following addons in the license cost itself for extended functionality. It provides functionality ranging from Automatic user provisioning, login audit, session manager, LMS mapper, Page/Post/Media restriction, etc.

Add-ons

We have a variety of add-ons that can be integrated with the Login with Office 365 plugin to improve the functionality of your WordPress site.

  • Page Restriction – This add-on is basically used to protect the pages/posts of your site with SAML-compliant IDP login page and also, restrict the access to pages/posts of the site based on the user roles.
  • BuddyPress Integration – This add-on maps the attributes fetched from the SAML-compliant IdP with BuddyPress attributes.
  • LearnDash Integration – This add-on will map the SAML-compliant IdP attributes to the LearnDash attributes.
  • Media Restriction – This add-on restricts unauthorized users from accessing the media files on your WordPress site.
  • Attribute based Redirection (ABAC) – This plugin can be used to restrict and redirect users to different URLs based on Azure AD / Azure B2C / Office 365 IDP attributes.
  • SCIM-User Provisioning – SCIM Auto User Provisioning allows users to sync, Create, Update, delete users from Azure AD or all SCIM capable Identity providers(IdPs) to WordPress sites.
  • SSO Login Audit – SSO Login Audit captures all the SSO users and will generate the reports.
  • SSO Session Management – SSO session management add-on manages the login session time of your users based on their WordPress roles.

If you are looking for a SAML-compliant Identity Provider, you can try out miniOrange On-Premise IdP.

You might be interested to know that if you’re a current Office 365 or Azure customer, you’re already using Azure AD, and can use this tenant to manage access to any of the other cloud services with which Azure AD integrates.

Contact us at info@xecurify.com to get add-ons.

Check out our website for other plugins http://miniorange.com/plugins or click here to see all our listed WordPress plugins.
For more support or info email us at info@xecurify.com or Contact us. You can also submit your query from plugin’s configuration page.

Installation

From your WordPress dashboard

  1. Visit Plugins > Add New.
  2. Search for Azure AD, Azure B2C, Office 365 Login. Find and Install Azure AD, Azure B2C, Office 365 Login.
  3. Activate the plugin from your Plugins page.

From WordPress.org

  1. Download Login with Office 365 plugin.
  2. Unzip and upload the login-with-office-365 directory to your /wp-content/plugins/ directory.
  3. Activate Login with Office 365 from your Plugins page.

FAQ

I am not able to configure the Identity Provider with the provided settings

Please email us at info@xecurify.com or Contact us. You can also submit your app request from plugin’s configuration page.

For any query/problem/request

Visit Help & FAQ section in the plugin OR email us at info@xecurify.com or Contact us. You can also submit your query from plugin’s configuration page.

Contributors & Developers

“Login with Azure – SSO(Azure B2C, Azure AD)” is open source software. The following people have contributed to this plugin.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.0.1

  • Compatibility with WordPress 5.5 and PHP 7.4+
  • Sanitization fixes

1.0

Initial public release