. The sign-in link from the site should redirect to the B2C endpoint and pages rendered (if using custom pages). Upon sign up or subsequent sign in, authenticated users should be redirected back to the web site and logged in name showing in the upper right-hand menu. Test ‘Forget password' flow.
As the document in the your question said,if you have multiple applications and policies in your B2C tenant, you can manage user interactions across them using the Single sign-on configuration property. You can also add external identity provider like Google, Facebook and etc. In Azure Active Directory B2C, custom policies are designed primarily to address complex scenarios. For most scenarios, we recommend that you use built-in user flows. Single sign-on (SSO) session management uses the same semantics as any other technical profile in custom policies.
-->In this tutorial, you'll learn how to integrate Zendesk with Azure Active Directory (Azure AD). When you integrate Zendesk with Azure AD, you can:
- Control in Azure AD who has access to Zendesk.
- Enable your users to be automatically signed-in to Zendesk with their Azure AD accounts.
- Manage your accounts in one central location - the Azure portal.
Prerequisites
Azure B2c Single Sign On Configuration
To get started, you need the following items:
- An Azure AD subscription. If you don't have a subscription, you can get a free account.
- Zendesk single sign-on (SSO) enabled subscription.
Scenario description
In this tutorial, you configure and test Azure AD SSO in a test environment.
- Zendesk supports SP initiated SSO
- Zendesk supports Automated user provisioning
Adding Zendesk from the gallery
To configure the integration of Zendesk into Azure AD, you need to add Zendesk from the gallery to your list of managed SaaS apps.
- Sign in to the Azure portal using either a work or school account, or a personal Microsoft account.
- On the left navigation pane, select the Azure Active Directory service.
- Navigate to Enterprise Applications and then select All Applications.
- To add new application, select New application.
- In the Add from the gallery section, type Zendesk in the search box.
- Select Zendesk from results panel and then add the app. Wait a few seconds while the app is added to your tenant.
Configure and test Azure AD SSO for Zendesk
Configure and test Azure AD SSO with Zendesk using a test user called B.Simon. For SSO to work, you need to establish a link relationship between an Azure AD user and the related user in Zendesk.
To configure and test Azure AD SSO with Zendesk, perform the following steps:
- Configure Azure AD SSO - to enable your users to use this feature.
- Create an Azure AD test user - to test Azure AD single sign-on with B.Simon.
- Assign the Azure AD test user - to enable B.Simon to use Azure AD single sign-on.
- Configure Zendesk SSO - to configure the single sign-on settings on application side.
- Create Zendesk test user - to have a counterpart of B.Simon in Zendesk that is linked to the Azure AD representation of user.
- Test SSO - to verify whether the configuration works.
Configure Azure AD SSO
Follow these steps to enable Azure AD SSO in the Azure portal.
In the Azure portal, on the Zendesk application integration page, find the Manage section and select single sign-on.
On the Select a single sign-on method page, select SAML.
On the Set up single sign-on with SAML page, click the pencil icon for Basic SAML Configuration to edit the settings.
On the Basic SAML Configuration section, perform the following steps:
a. In the Sign on URL text box, type a URL using the following pattern:
https://.zendesk.com
b. In the Identifier (Entity ID) text box, type a URL using the following pattern:
https://.zendesk.com
c. In the Reply URL text box, type a URL using the following pattern:
https://.zendesk.com/access/saml
Note
These values are not real. Update these values with the actual Sign on URL, Identifier and Reply URL. Contact Zendesk Client support team to get these values. You can also refer to the patterns shown in the Basic SAML Configuration section in the Azure portal.
Zendesk application expects the SAML assertions in a specific format. There are no mandatory SAML attributes but optionally you can manage from the User Attributes section on application integration page. On the Set up Single Sign-On with SAML page, click Edit button to open User Attributes dialog.
Note
You use extension attributes to add attributes that are not in Azure AD by default. Click User attributes that can be set in SAML to get the complete list of SAML attributes that Zendesk accepts.
In the SAML Signing Certificate section, click Edit button to open SAML Signing Certificate dialog.
In the SAML Signing Certificate section, copy the Thumbprint Value and save it on your computer.
On the Set up Zendesk section, copy the appropriate URL(s) based on your requirement.
Create an Azure AD test user
In this section, you'll create a test user in the Azure portal called B.Simon.
- From the left pane in the Azure portal, select Azure Active Directory, select Users, and then select All users.
- Select New user at the top of the screen.
- In the User properties, follow these steps:
- In the Name field, enter
B.Simon
. - In the User name field, enter the username@companydomain.extension. For example,
B.Simon@contoso.com
. - Select the Show password check box, and then write down the value that's displayed in the Password box.
- Click Create.
- In the Name field, enter
Assign the Azure AD test user
In this section, you'll enable B.Simon to use Azure single sign-on by granting access to Zendesk.
- In the Azure portal, select Enterprise Applications, and then select All applications.
- In the applications list, select Zendesk.
- In the app's overview page, find the Manage section and select Users and groups.
- Select Add user, then select Users and groups in the Add Assignment dialog.
- In the Users and groups dialog, select B.Simon from the Users list, then click the Select button at the bottom of the screen.
- If you are expecting a role to be assigned to the users, you can select it from the Select a role dropdown. If no role has been set up for this app, you see 'Default Access' role selected.
- In the Add Assignment dialog, click the Assign button.
Configure Zendesk SSO
To automate the configuration within Zendesk, you need to install My Apps Secure Sign-in browser extension by clicking Install the extension.
After adding extension to the browser, click on setup Zendesk will direct you to the Zendesk application. From there, provide the admin credentials to sign into Zendesk. The browser extension will automatically configure the application for you and automate steps 3-6.
If you want to setup Zendesk manually, open a new web browser window and sign into your Zendesk company site as an administrator and perform the following steps:
In the Zendesk Admin Center, click on Security settings in the Security tab.
Go to the Single sign-on page and click on Edit in the SAML.
Perform the following steps in the SSO page.
a. In SAML SSO URL textbox, paste the value of Login URL which you have copied from Azure portal.
b. In Certificate Fingerprint textbox, paste the Thumbprint value of certificate which you have copied from Azure portal.
c. In Remote Logout URL textbox, paste the value of Logout URL which you have copied from Azure portal.
d. Click Save.
Create Zendesk test user
The objective of this section is to create a user called Britta Simon in Zendesk. Zendesk supports automatic user provisioning, which is by default enabled. You can find more details here on how to configure automatic user provisioning.
Test SSO
In this section, you test your Azure AD single sign-on configuration with following options.
Click on Test this application in Azure portal. This will redirect to Zendesk Sign-on URL where you can initiate the login flow.
Go to Zendesk Sign-on URL directly and initiate the login flow from there.
You can use Microsoft My Apps. When you click the Zendesk tile in the My Apps, this will redirect to Zendesk Sign-on URL. For more information about the My Apps, see Introduction to the My Apps.
Next steps
Once you configure Zendesk you can enforce session control, which protects exfiltration and infiltration of your organization's sensitive data in real time. Session control extends from Conditional Access. Learn how to enforce session control with Microsoft Cloud App Security.
Description
ONE LOGIN FOR MULTIPLE MICROSOFT ACCOUNTS (AZURE AD/B2C/O365)
Azure AD, Azure B2C, Office 365, Microsoft 365 Login uses SAML Single Sign On to allows users residing at Microsoft Azure to login into your WordPress site securely using their Azure AD, Azure B2C, O365, Microsoft 365 accounts.
Only after successful authentication with Azure AD / Azure B2C, Office 365 the plugin authorizes the users and grants them access to the WordPress site.
List of Supported IdPs
- Azure AD (supports SAML SSO for WordPress login)
- Azure AD B2C (supports SAML SSO for WordPress login)
- Office 365 (supports SAML SSO for WordPress login)
- Microsoft 365 (supports SAML SSO for WordPress login)
- ADFS (supports SAML SSO for WordPress login)
and practically any SAML compliant Identity Provider.
Azure AD SAML SSO Video Guide Links:
* App Registration Application
* Enterprise Application
miniOrange Azure AD, Azure B2C, Office 365 Login Plugin acts as a SAML 2.0 Service Provider which can be configured to establish the trust between the plugin and Azure Active Directory / Azure B2C to securely authenticate the Azure AD, Azure B2C, O365 or Microsoft 365 users to the WordPress site.
WordPress Multi-Site Environment and the ability to configure Multiple IDPs/tenants/Azure Enterprise applications against wordpress as service provider is also supported in premium/Enterprise version of Azure AD, Azure B2C, Office 365 Login plugin.
If you require any Single Sign On (SSO) application or need any help with installing this plugin, please feel free to email us at samlsupport@xecurify.com or Contact us.
WordPress Single Sign On (SSO)
Single Sign-On (SSO) is an authentication process in which a user can login to multiple applications and/or websites by using only a single set of login credentials (such as username and password). This prevents the need for the user to login separately into the different applications. Single Sign-On addresses the challenge of maintaining the credentials for each application separately, streamlining the process of signing-on without need to re-enter the password.
Azure / O365 SAML Single Sign On supports all kinds of SSO use cases such as Azure login, Azure AD login, Office 365 login, ADFS login, Okta login, OneLogin SSO, Salesforce login, Google Apps login, Keycloak login, Auth0 login, Shibboleth login, PingFederate login, etc. allowing your users to securely login to the WordPress site.
Free Version Features
- Login with Azure – SSO (Azure B2C, Azure AD) supports SSO with any 3rd party SAML supported Identity Providers like Azure AD, Azure B2C, Office 365, Microsoft 365, ADFS, Okta, Salesforce, Shibboleth, SimpleSAMLphp, OpenAM, Centrify, Ping, RSA, IBM, Oracle, OneLogin, Bitium, WSO2, NetIQ etc.
- Auto Create Users – Users will be auto-created in WordPress after SSO
- Login Widgets – Use Widgets to easily integrate the login link with your WordPress site.
- Attribute Mapping – Easily map attributes like First Name, Last Name, Email and Username from SAML-compliant IdP to your WordPress user attributes.
- Role Mapping – Select default role to assign to users on auto registration.
Standard Version Features
- Unlimited Authentications – Unlimited authentication with your SAML 2.0 compliant Identity Providers like Azure AD, Azure B2C, Office 365, Microsoft 365, ADFS, Okta, Salesforce, Shibboleth, SimpleSAMLphp, OpenAM, Centrify, Ping, RSA, IBM, Oracle, OneLogin, Bitium, WSO2, NetIQ etc. Click here for more information.
- Advanced Attribute Mapping – Azure AD, Azure B2C, Office 365 Login provides the feature to map your IDP attributes to your WordPress site attributes like Username, Email, First Name, Last Name, Group/Role, Display Name. Click here for more information.
- Login Widgets and Short Code – Use Widgets to easily integrate the login link with your WordPress site. Use Short Code (PHP or HTML) generated by Login with Azure – SSO (Azure B2C, Azure AD) to place the login link wherever you want on the site.Click here for more information.
- Step-by-step Guides – Use step-by-step guide to configure your SAML-compliant Identity Provider like Azure AD, Azure B2C, Office 365, Microsoft 365, ADFS, Centrify, Google Apps, Okta, OneLogin, Salesforce, SimpleSAMLphp, Shibboleth, WSO2, JBoss Keycloak, Oracle.Click here for more information.
- Auto-redirect to IDP [Protect Complete Site] – Users trying to access WordPress site will be redirected to the Identity Provider for SSO.Click here for more information.
- Protect WordPress login page – Users trying to access WordPress login page will be redirected to the Identity Provider for SSO.Click here for more information.
- Customize SP Configuration – Change SP base URL and SP Entity ID.Click here for more information.
- Select Binding Type – Select HTTP-Post or HTTP-Redirect binding type to use for sending SAML Requests.Click here for more information.
- Integrated Windows Authentication – Support for Integrated Windows Authentication (IWA) in Azure AD, Azure B2C, Office 365 Login Premium plugin.Click here for more information.
Premium Features of Login with Azure – SSO (Azure B2C, Azure AD, Office 365, Microsoft 365)
- Includes all the STANDARD version features.
- Role Mapping – Helps you to assign specific wordpress roles to users of a certain group(Self Service Group Management) in your IdP like Azure AD as IdP, Azure B2C as IdP or Office 365 as IdP or Microsoft 365 as IDP. Click here for more information.
- Auto-sync IdP Configuration from metadata – Keep your Azure AD, Azure B2C, Microsoft 365 or O365 IDP SAML Configuration and Certificates updated and in sync. Click here for more information.
- WordPress Multi-site Support – Multi-Site environment is one which allows multiple subdomains / subdirectories to share a single installation. With multisite premium plugin, you can configure the SAML-compliant IDP in minutes for all your sites in a network. While, if you have basic premium plugin, you have to do plugin configuration on each site individually as well as multiple service provider configuration's in the SAML-compliant IDP.Click here for more information.
- Redirect URL after Login – You can configure the WordPress logins initiated from the Web Console to automatically redirect users to the IdP(Azure AD, Azure B2C, Office 365, Microsoft 365). If multiple IdPs (Azure AD SSO, Azure B2C SSO, Office 365,Microsoft 365 SSO) are available, users choose which Microsoft application IdP validates their credentials.Click here for more information.
- Widget to add IDP Login – We customize Add a link or button anywhere on your WordPress site to allow users to authenticate via their Identity Provider.Click here for more information.
- Auto Create Users – Users will be auto-created in WordPress after SSO which benefits you in maintaining stream lined account management with Improved Productivity and enhanced security.Click here for more information.
- SAML Single Logout – Support for SAML Single Logout (Works only if your IDP supports SLO).Click here for more information.
- Auto-redirect to IDP – Users will be redirected to SAML-compliant IdP for SSO when trying to access the WordPress login page.Click here for more information.
- Protect Site – Users trying to access WordPress will be redirected to the SAML-compliant Identity Provider for SSO.Click here for more information.
- Advanced Role Mapping – Azure AD, Azure B2C, Office 365 Login provides the feature to assign WordPress roles your users based on the group/role sent by your SAML-compliant IDP.Click here for more information.
- Reverse-proxy Support – Support for sites behind a reverse-proxy in Login with Office 365 Premium plugin.Click here for more information.
- Multiple Certificates – Store Multiple IdP Certificates.Click here for more information.
- Custom Certificate – Have your own custom SAML-compliant SP X-509 Certificate.Click here for more information.
- Multi-Network Support – Allow multiple Subdomains / subdirectories by sharing a single installation. Configure microsoft applications (Azure AD, Azure B2C, Office 365) for all your sites in a Network.https://www.miniorange.com/wordpress-single-sign-on-(sso)-for-multinetwork
- Single Sign-On (SSO) – Easy and seamless access to all resources. WordPress Single Sign On (SSO) via any existing Microsoft applications SAML 2.0 Identity Provider.Click here for more information.
Enterprise Features of Login with Azure – SSO (Azure B2C, Azure AD, Office 365, Microsoft 365)
- Includes all the STANDARD version features.
- Multiple SAML IDPs Support – We now support configuration of Multiple SAML-compliant IDPs in the plugin to authenticate the different group of users with different IDP's. You can give access to users by users to IDP mapping (which SAML-compliant IDP to use to authenticate a user) is done based on the domain name in the user's email. (This is a Enterprise feature with separate licensing. Contact us at info@xecurify.com to get licensing plans for this feature.)
- Easy migration from dev to prod – Compatible with multiple environments in a hosting provider like Pantheon, WP-Engine, WordPress VIP. In general, if you make copy of your site then all the configuration will also get copied resulting in interuption of SSO. Using this feature you can easy migrate without breaking the SSO on test/stag/prod site.Click here for more information.
- Mu Domain Mapping Support – If you are using WordPress Multisite installation with each subsite using different domain host (Multiple Domain Installation) then SSO can be performed in all the subsites regardless of their domain.Click here for more information.
- SAML Single Logout – Support for SAML Single Logout (Works only if your IDP supports SLO).Click here for more information.
- Auto-redirect to IDP – Users will be redirected to SAML-compliant IdP for SSO when trying to access the WordPress login page.Click here for more information.
- Protect Site – Users trying to access WordPress will be redirected to the SAML-compliant Identity Provider for SSO.Click here for more information.
- Advanced Role Mapping – Azure AD, Azure B2C, Office 365 Login provides the feature to assign WordPress roles your users based on the group/role sent by your SAML-compliant IDP.Click here for more information.
- Reverse-proxy Support – Support for sites behind a reverse-proxy in Login with Office 365 Premium plugin.Click here for more information.
- Multiple Certificates – Store Multiple IdP Certificates.Click here for more information.
- Custom Certificate – Have your own custom SAML-compliant SP X-509 Certificate.Click here for more information.
- WordPress Multi-site Support – Multi-Site environment is one which allows multiple subdomains / subdirectories to share a single installation. With multisite premium plugin, you can configure the SAML-compliant IDP in minutes for all your sites in a network. While, if you have basic premium plugin, you have to do plugin configuration on each site individually as well as multiple service provider configuration's in the SAML-compliant IDP.Click here for more information.
All-Inclusive Features of Login with Azure – SSO (Azure B2C, Azure AD, Office 365, Microsoft 365)
- Includes all the Enterprise version features.
- Customize Metadata Contact Information – You can now customize Organization profile as well as technical details in Service Provider Metadata.
- Configuring Plugin using APIs – You can configure the plugin using API calls as well as WP-CLI. It helps you to manage configuration for large number of sites and easily automate the process.
- Add-Ons included – You will get the following addons in the license cost itself for extended functionality. It provides functionality ranging from Automatic user provisioning, login audit, session manager, LMS mapper, Page/Post/Media restriction, etc.
Add-ons
We have a variety of add-ons that can be integrated with the Login with Office 365 plugin to improve the functionality of your WordPress site.
- Page Restriction – This add-on is basically used to protect the pages/posts of your site with SAML-compliant IDP login page and also, restrict the access to pages/posts of the site based on the user roles.
- BuddyPress Integration – This add-on maps the attributes fetched from the SAML-compliant IdP with BuddyPress attributes.
- LearnDash Integration – This add-on will map the SAML-compliant IdP attributes to the LearnDash attributes.
- Media Restriction – This add-on restricts unauthorized users from accessing the media files on your WordPress site.
- Attribute based Redirection (ABAC) – This plugin can be used to restrict and redirect users to different URLs based on Azure AD / Azure B2C / Office 365 IDP attributes.
- SCIM-User Provisioning – SCIM Auto User Provisioning allows users to sync, Create, Update, delete users from Azure AD or all SCIM capable Identity providers(IdPs) to WordPress sites.
- SSO Login Audit – SSO Login Audit captures all the SSO users and will generate the reports.
- SSO Session Management– SSO session management add-on manages the login session time of your users based on their WordPress roles.
If you are looking for an SAML-compliant Identity Provider,you can try out miniOrange On-Premise IdP.
You might be interested to know that if you're a current Office 365, Azure or you're already using Azure AD – and can use this tenant to manage access to any of the other cloud services with which Azure AD integrates.
Contact us at info@xecurify.com to get add-ons.
Website –
Check out our website for other plugins http://miniorange.com/plugins or click here to see all our listed WordPress plugins.
For more support or info email us at info@xecurify.com or Contact us. You can also submit your query from plugin's configuration page.
Installation
From your WordPress dashboard
- Visit
Plugins > Add New
. - Search for
Azure AD, Azure B2C, Office 365 Login
. Find and InstallAzure AD, Azure B2C, Office 365 Login
. - Activate the plugin from your Plugins page.
From WordPress.org
- Download Login with Office 365 plugin.
- Unzip and upload the
login-with-office-365
directory to your/wp-content/plugins/
directory. - Activate Login with Office 365 from your Plugins page.
FAQ
I am not able to configure the Identity Provider with the provided settings
Please email us at info@xecurify.com or Contact us. You can also submit your app request from plugin's configuration page.
For any query/problem/request
Visit Help & FAQ section in the plugin OR email us at info@xecurify.com or Contact us. You can also submit your query from plugin's configuration page.
B2c Single Sign On Configuration Yahoo
Reviews
Contributors & Developers
'Login with Azure – SSO(Azure B2C, Azure AD)' is open source software. The following people have contributed to this plugin.
ContributorsInterested in development?
To configure the integration of Zendesk into Azure AD, you need to add Zendesk from the gallery to your list of managed SaaS apps.
- Sign in to the Azure portal using either a work or school account, or a personal Microsoft account.
- On the left navigation pane, select the Azure Active Directory service.
- Navigate to Enterprise Applications and then select All Applications.
- To add new application, select New application.
- In the Add from the gallery section, type Zendesk in the search box.
- Select Zendesk from results panel and then add the app. Wait a few seconds while the app is added to your tenant.
Configure and test Azure AD SSO for Zendesk
Configure and test Azure AD SSO with Zendesk using a test user called B.Simon. For SSO to work, you need to establish a link relationship between an Azure AD user and the related user in Zendesk.
To configure and test Azure AD SSO with Zendesk, perform the following steps:
- Configure Azure AD SSO - to enable your users to use this feature.
- Create an Azure AD test user - to test Azure AD single sign-on with B.Simon.
- Assign the Azure AD test user - to enable B.Simon to use Azure AD single sign-on.
- Configure Zendesk SSO - to configure the single sign-on settings on application side.
- Create Zendesk test user - to have a counterpart of B.Simon in Zendesk that is linked to the Azure AD representation of user.
- Test SSO - to verify whether the configuration works.
Configure Azure AD SSO
Follow these steps to enable Azure AD SSO in the Azure portal.
In the Azure portal, on the Zendesk application integration page, find the Manage section and select single sign-on.
On the Select a single sign-on method page, select SAML.
On the Set up single sign-on with SAML page, click the pencil icon for Basic SAML Configuration to edit the settings.
On the Basic SAML Configuration section, perform the following steps:
a. In the Sign on URL text box, type a URL using the following pattern:
https://.zendesk.com
b. In the Identifier (Entity ID) text box, type a URL using the following pattern:
https://.zendesk.com
c. In the Reply URL text box, type a URL using the following pattern:
https://.zendesk.com/access/saml
Note
These values are not real. Update these values with the actual Sign on URL, Identifier and Reply URL. Contact Zendesk Client support team to get these values. You can also refer to the patterns shown in the Basic SAML Configuration section in the Azure portal.
Zendesk application expects the SAML assertions in a specific format. There are no mandatory SAML attributes but optionally you can manage from the User Attributes section on application integration page. On the Set up Single Sign-On with SAML page, click Edit button to open User Attributes dialog.
Note
You use extension attributes to add attributes that are not in Azure AD by default. Click User attributes that can be set in SAML to get the complete list of SAML attributes that Zendesk accepts.
In the SAML Signing Certificate section, click Edit button to open SAML Signing Certificate dialog.
In the SAML Signing Certificate section, copy the Thumbprint Value and save it on your computer.
On the Set up Zendesk section, copy the appropriate URL(s) based on your requirement.
Create an Azure AD test user
In this section, you'll create a test user in the Azure portal called B.Simon.
- From the left pane in the Azure portal, select Azure Active Directory, select Users, and then select All users.
- Select New user at the top of the screen.
- In the User properties, follow these steps:
- In the Name field, enter
B.Simon
. - In the User name field, enter the username@companydomain.extension. For example,
B.Simon@contoso.com
. - Select the Show password check box, and then write down the value that's displayed in the Password box.
- Click Create.
- In the Name field, enter
Assign the Azure AD test user
In this section, you'll enable B.Simon to use Azure single sign-on by granting access to Zendesk.
- In the Azure portal, select Enterprise Applications, and then select All applications.
- In the applications list, select Zendesk.
- In the app's overview page, find the Manage section and select Users and groups.
- Select Add user, then select Users and groups in the Add Assignment dialog.
- In the Users and groups dialog, select B.Simon from the Users list, then click the Select button at the bottom of the screen.
- If you are expecting a role to be assigned to the users, you can select it from the Select a role dropdown. If no role has been set up for this app, you see 'Default Access' role selected.
- In the Add Assignment dialog, click the Assign button.
Configure Zendesk SSO
To automate the configuration within Zendesk, you need to install My Apps Secure Sign-in browser extension by clicking Install the extension.
After adding extension to the browser, click on setup Zendesk will direct you to the Zendesk application. From there, provide the admin credentials to sign into Zendesk. The browser extension will automatically configure the application for you and automate steps 3-6.
If you want to setup Zendesk manually, open a new web browser window and sign into your Zendesk company site as an administrator and perform the following steps:
In the Zendesk Admin Center, click on Security settings in the Security tab.
Go to the Single sign-on page and click on Edit in the SAML.
Perform the following steps in the SSO page.
a. In SAML SSO URL textbox, paste the value of Login URL which you have copied from Azure portal.
b. In Certificate Fingerprint textbox, paste the Thumbprint value of certificate which you have copied from Azure portal.
c. In Remote Logout URL textbox, paste the value of Logout URL which you have copied from Azure portal.
d. Click Save.
Create Zendesk test user
The objective of this section is to create a user called Britta Simon in Zendesk. Zendesk supports automatic user provisioning, which is by default enabled. You can find more details here on how to configure automatic user provisioning.
Test SSO
In this section, you test your Azure AD single sign-on configuration with following options.
Click on Test this application in Azure portal. This will redirect to Zendesk Sign-on URL where you can initiate the login flow.
Go to Zendesk Sign-on URL directly and initiate the login flow from there.
You can use Microsoft My Apps. When you click the Zendesk tile in the My Apps, this will redirect to Zendesk Sign-on URL. For more information about the My Apps, see Introduction to the My Apps.
Next steps
Once you configure Zendesk you can enforce session control, which protects exfiltration and infiltration of your organization's sensitive data in real time. Session control extends from Conditional Access. Learn how to enforce session control with Microsoft Cloud App Security.
Description
ONE LOGIN FOR MULTIPLE MICROSOFT ACCOUNTS (AZURE AD/B2C/O365)
Azure AD, Azure B2C, Office 365, Microsoft 365 Login uses SAML Single Sign On to allows users residing at Microsoft Azure to login into your WordPress site securely using their Azure AD, Azure B2C, O365, Microsoft 365 accounts.
Only after successful authentication with Azure AD / Azure B2C, Office 365 the plugin authorizes the users and grants them access to the WordPress site.
List of Supported IdPs
- Azure AD (supports SAML SSO for WordPress login)
- Azure AD B2C (supports SAML SSO for WordPress login)
- Office 365 (supports SAML SSO for WordPress login)
- Microsoft 365 (supports SAML SSO for WordPress login)
- ADFS (supports SAML SSO for WordPress login)
and practically any SAML compliant Identity Provider.
Azure AD SAML SSO Video Guide Links:
* App Registration Application
* Enterprise Application
miniOrange Azure AD, Azure B2C, Office 365 Login Plugin acts as a SAML 2.0 Service Provider which can be configured to establish the trust between the plugin and Azure Active Directory / Azure B2C to securely authenticate the Azure AD, Azure B2C, O365 or Microsoft 365 users to the WordPress site.
WordPress Multi-Site Environment and the ability to configure Multiple IDPs/tenants/Azure Enterprise applications against wordpress as service provider is also supported in premium/Enterprise version of Azure AD, Azure B2C, Office 365 Login plugin.
If you require any Single Sign On (SSO) application or need any help with installing this plugin, please feel free to email us at samlsupport@xecurify.com or Contact us.
WordPress Single Sign On (SSO)
Single Sign-On (SSO) is an authentication process in which a user can login to multiple applications and/or websites by using only a single set of login credentials (such as username and password). This prevents the need for the user to login separately into the different applications. Single Sign-On addresses the challenge of maintaining the credentials for each application separately, streamlining the process of signing-on without need to re-enter the password.
Azure / O365 SAML Single Sign On supports all kinds of SSO use cases such as Azure login, Azure AD login, Office 365 login, ADFS login, Okta login, OneLogin SSO, Salesforce login, Google Apps login, Keycloak login, Auth0 login, Shibboleth login, PingFederate login, etc. allowing your users to securely login to the WordPress site.
Free Version Features
- Login with Azure – SSO (Azure B2C, Azure AD) supports SSO with any 3rd party SAML supported Identity Providers like Azure AD, Azure B2C, Office 365, Microsoft 365, ADFS, Okta, Salesforce, Shibboleth, SimpleSAMLphp, OpenAM, Centrify, Ping, RSA, IBM, Oracle, OneLogin, Bitium, WSO2, NetIQ etc.
- Auto Create Users – Users will be auto-created in WordPress after SSO
- Login Widgets – Use Widgets to easily integrate the login link with your WordPress site.
- Attribute Mapping – Easily map attributes like First Name, Last Name, Email and Username from SAML-compliant IdP to your WordPress user attributes.
- Role Mapping – Select default role to assign to users on auto registration.
Standard Version Features
- Unlimited Authentications – Unlimited authentication with your SAML 2.0 compliant Identity Providers like Azure AD, Azure B2C, Office 365, Microsoft 365, ADFS, Okta, Salesforce, Shibboleth, SimpleSAMLphp, OpenAM, Centrify, Ping, RSA, IBM, Oracle, OneLogin, Bitium, WSO2, NetIQ etc. Click here for more information.
- Advanced Attribute Mapping – Azure AD, Azure B2C, Office 365 Login provides the feature to map your IDP attributes to your WordPress site attributes like Username, Email, First Name, Last Name, Group/Role, Display Name. Click here for more information.
- Login Widgets and Short Code – Use Widgets to easily integrate the login link with your WordPress site. Use Short Code (PHP or HTML) generated by Login with Azure – SSO (Azure B2C, Azure AD) to place the login link wherever you want on the site.Click here for more information.
- Step-by-step Guides – Use step-by-step guide to configure your SAML-compliant Identity Provider like Azure AD, Azure B2C, Office 365, Microsoft 365, ADFS, Centrify, Google Apps, Okta, OneLogin, Salesforce, SimpleSAMLphp, Shibboleth, WSO2, JBoss Keycloak, Oracle.Click here for more information.
- Auto-redirect to IDP [Protect Complete Site] – Users trying to access WordPress site will be redirected to the Identity Provider for SSO.Click here for more information.
- Protect WordPress login page – Users trying to access WordPress login page will be redirected to the Identity Provider for SSO.Click here for more information.
- Customize SP Configuration – Change SP base URL and SP Entity ID.Click here for more information.
- Select Binding Type – Select HTTP-Post or HTTP-Redirect binding type to use for sending SAML Requests.Click here for more information.
- Integrated Windows Authentication – Support for Integrated Windows Authentication (IWA) in Azure AD, Azure B2C, Office 365 Login Premium plugin.Click here for more information.
Premium Features of Login with Azure – SSO (Azure B2C, Azure AD, Office 365, Microsoft 365)
- Includes all the STANDARD version features.
- Role Mapping – Helps you to assign specific wordpress roles to users of a certain group(Self Service Group Management) in your IdP like Azure AD as IdP, Azure B2C as IdP or Office 365 as IdP or Microsoft 365 as IDP. Click here for more information.
- Auto-sync IdP Configuration from metadata – Keep your Azure AD, Azure B2C, Microsoft 365 or O365 IDP SAML Configuration and Certificates updated and in sync. Click here for more information.
- WordPress Multi-site Support – Multi-Site environment is one which allows multiple subdomains / subdirectories to share a single installation. With multisite premium plugin, you can configure the SAML-compliant IDP in minutes for all your sites in a network. While, if you have basic premium plugin, you have to do plugin configuration on each site individually as well as multiple service provider configuration's in the SAML-compliant IDP.Click here for more information.
- Redirect URL after Login – You can configure the WordPress logins initiated from the Web Console to automatically redirect users to the IdP(Azure AD, Azure B2C, Office 365, Microsoft 365). If multiple IdPs (Azure AD SSO, Azure B2C SSO, Office 365,Microsoft 365 SSO) are available, users choose which Microsoft application IdP validates their credentials.Click here for more information.
- Widget to add IDP Login – We customize Add a link or button anywhere on your WordPress site to allow users to authenticate via their Identity Provider.Click here for more information.
- Auto Create Users – Users will be auto-created in WordPress after SSO which benefits you in maintaining stream lined account management with Improved Productivity and enhanced security.Click here for more information.
- SAML Single Logout – Support for SAML Single Logout (Works only if your IDP supports SLO).Click here for more information.
- Auto-redirect to IDP – Users will be redirected to SAML-compliant IdP for SSO when trying to access the WordPress login page.Click here for more information.
- Protect Site – Users trying to access WordPress will be redirected to the SAML-compliant Identity Provider for SSO.Click here for more information.
- Advanced Role Mapping – Azure AD, Azure B2C, Office 365 Login provides the feature to assign WordPress roles your users based on the group/role sent by your SAML-compliant IDP.Click here for more information.
- Reverse-proxy Support – Support for sites behind a reverse-proxy in Login with Office 365 Premium plugin.Click here for more information.
- Multiple Certificates – Store Multiple IdP Certificates.Click here for more information.
- Custom Certificate – Have your own custom SAML-compliant SP X-509 Certificate.Click here for more information.
- Multi-Network Support – Allow multiple Subdomains / subdirectories by sharing a single installation. Configure microsoft applications (Azure AD, Azure B2C, Office 365) for all your sites in a Network.https://www.miniorange.com/wordpress-single-sign-on-(sso)-for-multinetwork
- Single Sign-On (SSO) – Easy and seamless access to all resources. WordPress Single Sign On (SSO) via any existing Microsoft applications SAML 2.0 Identity Provider.Click here for more information.
Enterprise Features of Login with Azure – SSO (Azure B2C, Azure AD, Office 365, Microsoft 365)
- Includes all the STANDARD version features.
- Multiple SAML IDPs Support – We now support configuration of Multiple SAML-compliant IDPs in the plugin to authenticate the different group of users with different IDP's. You can give access to users by users to IDP mapping (which SAML-compliant IDP to use to authenticate a user) is done based on the domain name in the user's email. (This is a Enterprise feature with separate licensing. Contact us at info@xecurify.com to get licensing plans for this feature.)
- Easy migration from dev to prod – Compatible with multiple environments in a hosting provider like Pantheon, WP-Engine, WordPress VIP. In general, if you make copy of your site then all the configuration will also get copied resulting in interuption of SSO. Using this feature you can easy migrate without breaking the SSO on test/stag/prod site.Click here for more information.
- Mu Domain Mapping Support – If you are using WordPress Multisite installation with each subsite using different domain host (Multiple Domain Installation) then SSO can be performed in all the subsites regardless of their domain.Click here for more information.
- SAML Single Logout – Support for SAML Single Logout (Works only if your IDP supports SLO).Click here for more information.
- Auto-redirect to IDP – Users will be redirected to SAML-compliant IdP for SSO when trying to access the WordPress login page.Click here for more information.
- Protect Site – Users trying to access WordPress will be redirected to the SAML-compliant Identity Provider for SSO.Click here for more information.
- Advanced Role Mapping – Azure AD, Azure B2C, Office 365 Login provides the feature to assign WordPress roles your users based on the group/role sent by your SAML-compliant IDP.Click here for more information.
- Reverse-proxy Support – Support for sites behind a reverse-proxy in Login with Office 365 Premium plugin.Click here for more information.
- Multiple Certificates – Store Multiple IdP Certificates.Click here for more information.
- Custom Certificate – Have your own custom SAML-compliant SP X-509 Certificate.Click here for more information.
- WordPress Multi-site Support – Multi-Site environment is one which allows multiple subdomains / subdirectories to share a single installation. With multisite premium plugin, you can configure the SAML-compliant IDP in minutes for all your sites in a network. While, if you have basic premium plugin, you have to do plugin configuration on each site individually as well as multiple service provider configuration's in the SAML-compliant IDP.Click here for more information.
All-Inclusive Features of Login with Azure – SSO (Azure B2C, Azure AD, Office 365, Microsoft 365)
- Includes all the Enterprise version features.
- Customize Metadata Contact Information – You can now customize Organization profile as well as technical details in Service Provider Metadata.
- Configuring Plugin using APIs – You can configure the plugin using API calls as well as WP-CLI. It helps you to manage configuration for large number of sites and easily automate the process.
- Add-Ons included – You will get the following addons in the license cost itself for extended functionality. It provides functionality ranging from Automatic user provisioning, login audit, session manager, LMS mapper, Page/Post/Media restriction, etc.
Add-ons
We have a variety of add-ons that can be integrated with the Login with Office 365 plugin to improve the functionality of your WordPress site.
- Page Restriction – This add-on is basically used to protect the pages/posts of your site with SAML-compliant IDP login page and also, restrict the access to pages/posts of the site based on the user roles.
- BuddyPress Integration – This add-on maps the attributes fetched from the SAML-compliant IdP with BuddyPress attributes.
- LearnDash Integration – This add-on will map the SAML-compliant IdP attributes to the LearnDash attributes.
- Media Restriction – This add-on restricts unauthorized users from accessing the media files on your WordPress site.
- Attribute based Redirection (ABAC) – This plugin can be used to restrict and redirect users to different URLs based on Azure AD / Azure B2C / Office 365 IDP attributes.
- SCIM-User Provisioning – SCIM Auto User Provisioning allows users to sync, Create, Update, delete users from Azure AD or all SCIM capable Identity providers(IdPs) to WordPress sites.
- SSO Login Audit – SSO Login Audit captures all the SSO users and will generate the reports.
- SSO Session Management– SSO session management add-on manages the login session time of your users based on their WordPress roles.
If you are looking for an SAML-compliant Identity Provider,you can try out miniOrange On-Premise IdP.
You might be interested to know that if you're a current Office 365, Azure or you're already using Azure AD – and can use this tenant to manage access to any of the other cloud services with which Azure AD integrates.
Contact us at info@xecurify.com to get add-ons.
Website –
Check out our website for other plugins http://miniorange.com/plugins or click here to see all our listed WordPress plugins.
For more support or info email us at info@xecurify.com or Contact us. You can also submit your query from plugin's configuration page.
Installation
From your WordPress dashboard
- Visit
Plugins > Add New
. - Search for
Azure AD, Azure B2C, Office 365 Login
. Find and InstallAzure AD, Azure B2C, Office 365 Login
. - Activate the plugin from your Plugins page.
From WordPress.org
- Download Login with Office 365 plugin.
- Unzip and upload the
login-with-office-365
directory to your/wp-content/plugins/
directory. - Activate Login with Office 365 from your Plugins page.
FAQ
I am not able to configure the Identity Provider with the provided settings
Please email us at info@xecurify.com or Contact us. You can also submit your app request from plugin's configuration page.
For any query/problem/request
Visit Help & FAQ section in the plugin OR email us at info@xecurify.com or Contact us. You can also submit your query from plugin's configuration page.
B2c Single Sign On Configuration Yahoo
Reviews
Contributors & Developers
'Login with Azure – SSO(Azure B2C, Azure AD)' is open source software. The following people have contributed to this plugin.
ContributorsInterested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
1.0.1
B2c Single Sign On Configuration Settings
- Compatibility with WordPress 5.5 and PHP 7.4+
- Sanitization fixes
Single Sign-on Configuration B2c
1.0
Azure B2c Single Sign-on Configuration
Initial public release