Authentication scenario

Usage The plugin basically supports two authentication scenarios:

  • Intranet

Access to WP Admin and all published pages and posts requires authentication, since a corporation normally would not allow anonymous internet users to read internal corporate information.

  • Internet

Access to WP Admin requires authentication but all published pages and posts are available for anonymous internet users.

When you change the authentication scenario to Internet, the Pages Blacklist will disappear (professional, premium and intranet version only) and instead you can configure Private Pages.

Premium scenarios: Secured by Azure Active Directory (authenticate-only)

Starting with v16 the following two new authentication scenarios have been added:

  • Intranet (auth. only)
  • Internet (auth. only)

These scenarios will be unlocked by the WPO365 | LOGIN+, WPO365 | PREMIUM and WPO365 | INTRANET extensions / bundles (see our website for details and pricing). The two scenarios work in most ways similar to their counterparts with one important exception: Website visitors are required to sign in with Microsoft but are not automatically signed in as WordPress users. If you intend to select one of these two scenarios, it is strongly recommend that you also read this article.

Please note To optimize overall performance in case of the Internet authentication mode, administrators can - starting with v10 - add the following line to the wp-config.php: 

define( 'WPO_AUTH_SCENARIO', 'internet' );

This will prevent the plugin from loading for all requests that are not for WordPress administration pages. 

Please be aware that - if you add this line to your wp-config.php - you must change the Redirect URI so that it ends with /wp-admin/ e.g. https://www.your-website.com/wp-admin/. If this is not the case, the plugin won't be able to receive the authentication response sent by Microsoft and the plugin will not work as expected. 

Please also note that the following Login / Logout capabilities won't work and must be de-activated in advance

  • Dual Login
  • Error Page

Also, login error messages won't be displayed in the notification area just above the (default) login form.

Important Neither of the authentication scenario's will enforce authentication for (otherwise anonymous) users who try to download media uploaded by authors to /wp-content/upload. Please refer to this guide https://docs.wpo365.com/article/15-restricing-access-to-wp-content-to-authenticted-users-only for instructions on how to enforce authentication for folders below the /wp-content web directory.

Default value Internet.

Versions ALL

Visit the website https://www.wpo365.com/

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us