Use this guide if you want to configure Single sign-out for your WordPress website when users sign in with Microsoft. Single sign-out is a feature of Azure AD that will try to sign out a user from all Azure AD applications he / she has previously signed into (including your WordPress website) when that users signs out of Microsoft.
Before you start
- You must already have configured the single sign-on capability of the WordPress + Office 365 plugin.
- You have sufficient privileges to edit the App registration for your WordPress website in Azure AD.
Configure single sign-out
- Navigate to Azure Portal.
- In the Azure Active Directory pane, click on App registrations and choose the app you have registered for your WordPress website.
- Click on Authentication.
- Add the logout URL for your website e.g. https://www.example.com/wp-login.php?action=logout as a Redirect URI (replace www.example.com with your website's hostname).
- Then add the logout URL for your website as Logout URL.
Enable logout without confirmation
- Navigate to WP Admin > WPO365 > Login / Logout.
- Check the option Enable logout without confirmation.
If you do not enable this, WordPress will ask the user for a confirmation. However, Azure AD will call the Logout URL in an iframe and therefore the user cannot interact with the request.