What about actual users created before SSO?

  • Resolved Daniel P.

    (@danidub)


    2 months, 1 week ago

    Hello, we wanted to share/ask if this plugin can access our actual requirements.

    We have 8 websites, from the same group and they actually have different WordPress users created.
    This group also uses Azure, and we would like to manage all websites access using Azure SSO.

    We also wanted to give different access to the WordPress sites (admin, editor) but manage all from Azure, is this possible?

    What happen to our actual users in WordPress and the content they’ve created? They are mapped to the Azure users in some way?

    One last question, is there a feature to turn off any login if the user is not authorized from the Azure portal? And if we delete a user from Azure, we need to be sure that user can never login to any of the websites.

    Thank you.

Viewing 3 replies - 1 through 3 (of 3 total)

  • Hi Daniel,

    Thanks for reaching out to us.

    Please find my remarks below to your questions:

    We also wanted to give different access to the WordPress sites (admin, editor) but manage all from Azure, is this possible?

    Yes, this is possible. For every site you have, you can create a separate Enterprise Application in Azure and assign users who will have access to the site to the appropriate apps.

    What happen to our actual users in WordPress and the content they’ve created? They are mapped to the Azure users in some way??

    Yes, the plugin maps the users from Azure with WordPress accounts using their username or email.
    So, let’s say, user A exists in WordPress with username “usera” and email “[email protected]”, and also exists in Azure with email “[email protected]”. When user A logs in through Azure Single Sign-On, he will be actually logged into the WordPress account of “usera” since the same email was found.

    One last question, is there a feature to turn off any login if the user is not authorized from the Azure portal? And if we delete a user from Azure, we need to be sure that user can never login to any of the websites.  

    If you want specific user(s) to not be able to login via Azure Single Sign-On, you can un-assign those particular users from the app created in Azure. Alternatively, you can also delete the users from Azure. This would automatically ensure that users can not login to any WordPress site using Azure Single Sign-On. On top of this, if you want the user to be deleted in real time from WordPress as well after removal from Azure, you can be achieve this using our?SCIM User Provisioning?plugin.

    I’d be happy to discuss your requirements in more detail. Please feel free to reach out to us via the contact form in the plugin so that we can schedule a call with you.

    Please let me know if you have any further questions.

    Thanks,
    Anukasha

    Thread Starter Daniel P.

    (@danidub)

    Great information @anukasha ??

    Is there a way to restrict the login onto WordPress only to users registered in Azure? I mean, We don’t want any user from outside Azure to login to our websites.

    The goal of this implementation is to only restrict the login using the Azure SSO, and disable the WordPress normal login.

    Thank you.

    Hi Daniel,

    The feature “Auto redirection from WP login” is available in the premium versions of our plugin. This feature would allow you to restrict access to your WordPress login page. Any unauthenticated user trying to access your site’s /wp-login.php or /wp-admin endpoints would automatically be redirected to Azure for authentication. This would ensure that only users authenticated via Azure can login into your site to view protected content.

    Please feel free to reach out if you need any further information, or have any other questions.

    Thanks,
    Anukasha

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.