Philippe Signoret
Philippe Signoret
As a result of sign-in, the plugin does obtain an ID token (identifying the user to the plugin) and an access token (for calling Microsoft Graph), but the plugin does...
The plugin currently stores this in a session variable: `$_SESSION['aadsso_access_token']`, but it is not currently an intended scenario for other plugins to use this from there. (I'm saying that because...
Microsoft Graph API is failing your token validation because the token obtained by this plugin is for the Azure AD Graph API (they're different, you can think of Microsoft Graph...
Is you're Azure AD domain name federated to AD FS on-premises (e.g. when you type in your username and click Next, do you get redirected and then SSO'd)?
There are three ways you can achieve this. All three of them will enable a user who is signed-in to their computer to get single-sign on to Azure AD (and...
Sorry for the delayed response. When you change the redirect URL, are you changing it in both this plugin's configuration _and_ in the Azure AD app registration?
What are you setting the redirect URL to? It's important that the URL you're redirecting to actually invoke the WordPress sign-in points where the plugin hooks into.
The "Field to match to UPN" setting will be used to match the Azure AD use who has signed in, to an existing user in WordPress. What do you have...
(Apologies for the delay, I'm still catching up on issues.) Can you elaborate a bit more on how you would propose this be used? What would the dev/prod environments look...
@ferd-i Where do you expect/desire users to do the login?