Usage The plugin basically supports two authentication scenarios:
Access to WP Admin and all published pages and posts requires authentication, since a corporation normally would not allow anonymous internet users to read internal corporate information.
Access to WP Admin requires authentication but all published pages and posts are available for anonymous internet users.
Important To optimize overall performance in case of the Internet authentication mode, administrators can - starting with v10 - add the following line to the wp-config.php:
define( 'WPO_AUTH_SCENARIO', 'internet' );
This will prevent the plugin from loading for all requests that are not for WordPress administration pages.
Please be aware that - if you add this line to your wp-config.php - you must change the Redirect URI so that it ends with /wp-admin/ e.g. https://www.your-website.com/wp-admin/. If this is not the case, the plugin won't be able to receive the authentication response sent by Microsoft and the plugin will not work as expected.
Please also note that the following Login / Logout capabilities won't work and must be de-activated in advance
- Dual Login
- Error Page
Also, login error messages won't be displayed in the notification area just above the (default) login form.
Related Neither of the authentication scenario's will enforce authentication for (otherwise anonymous) users who try to download media uploaded by authors to /wp-content/upload. Please refer to this guide https://docs.wpo365.com/article/15-restricing-access-to-wp-content-to-authenticted-users-only for instructions on how to enforce authentication for folders below the /wp-content web directory.
Default value Internet.
Visit the website https://www.wpo365.com/