Obfuscate AAD secrets

Please note Starting with version 27.0, the behavior of this option has changed significantly. Before, checking this option would configure the plugin to look in the site's wp-config.php file for a named constant WPO_AAD_x (whereby the x should be replaced with the blog ID of the site in question).

Now, WPO365 will automatically detect this named constant, provided that a premium WPO365 addon or bundle is present, and will use it to configure the corresponding Identity Provider. It still makes sense, to activate this option in this case, as it will obfuscate the Identity Provider's configuration in the WPO365 Configuration Pages.

Check out this tutorial for instructions how to offload the configuration of the Identity Provider to your WordPress website's (or this tutorial if you need to configure multiple Identity Providers).

Usage When you check this option, the plugin will obfuscate the following Identity Provider related configuration options 

  • Tenant ID
  • Redirect URL
  • Application ID
  • Application Secret
  • App-only Application ID
  • App-only Application Secret
  • Mail Tenant ID
  • Mail Application ID
  • Mail Application Secret
  • Mail Redirect URL
  • Secret key to bypass SSO
  • SAML X509 Certificate
  • Application ID URI (for the App registration used to protect a WP REST API with Azure)

Please note When an option is obfuscated, the following actions are applied to it:

1. Removed from the WPO365 configuration
2. Replaced with placeholder values
3. Disabled so it cannot be updated manually

Unchecking the option will not restore these options to their original values!

The following screenshot depicts an example of an obfuscated Identity Provider's configuration options.

Default value Unchecked.


Visit the website https://www.wpo365.com/

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us