Usage The plugin basically supports two authentication scenarios:
Access to WP Admin and all published pages and posts requires authentication, since a corporation normally would not allow anonymous internet users to read internal corporate information.
Access to WP Admin requires authentication but all published pages and posts are available for anonymous internet users.
Premium scenarios: Secured by Azure Active Directory (authenticate-only)
Starting with v16 the following two new authentication scenarios have been added:
- Intranet (auth. only)
- Internet (auth. only)
These scenarios will be unlocked by the WPO365 | LOGIN+, WPO365 | PREMIUM and WPO365 | INTRANET extensions / bundles (see our website for details and pricing). The two scenarios work in most ways similar to their counterparts with one important exception: Website visitors are required to sign in with Microsoft but are not automatically signed in as WordPress users. If you intend to select one of these two scenarios, it is strongly recommend that you also read this article.
Please note To optimize overall performance in case of the Internet authentication mode, administrators can - starting with v10 - add the following line to the wp-config.php:
define( 'WPO_AUTH_SCENARIO', 'internet' );
This will prevent the plugin from loading for all requests that are not for WordPress administration pages.
Please be aware that - if you add this line to your wp-config.php - you must change the Redirect URI so that it ends with /wp-admin/ e.g. https://www.your-website.com/wp-admin/. If this is not the case, the plugin won't be able to receive the authentication response sent by Microsoft and the plugin will not work as expected.
Please also note that the following Login / Logout capabilities won't work and must be de-activated in advance
- Sending Mail using Microsoft Graph
- Dual Login
- Error Page
Also, login error messages won't be displayed in the notification area just above the (default) login form.
Important None of the authentication scenario's will enforce authentication for (otherwise anonymous) users who try to download media uploaded by authors to /wp-content/upload. Please refer to this guide https://docs.wpo365.com/article/15-restricing-access-to-wp-content-to-authenticted-users-only for instructions on how to enforce authentication for folders below the /wp-content web directory.
Default value Internet.
Visit the website https://www.wpo365.com/