WPO365

Single Sign-on (SSO) lets users log in to your site using their existing credentials from another service. This can improve the user experience, and can even make your site more secure depending on the service you’re using.

The WPBeginner team uses SSO to access all their editorial, SEO, analytics, and other tools using a single login. It’s helped us improve security, while also saving our team a ton of time.

Want to do the same thing on your WordPress website?

If you’re a Microsoft 365 user, then you may want to check out WPO365. It promises to seamlessly integrate Microsoft 365’s various services and software with your site. As a result, you’ll get automatic user provisioning, synchronization, SSO, and other powerful features.

In this WPO365 review, we’re deep-diving into this all-in-one integration for WordPress and Microsoft, to see exactly what it has to offer. We’ll be looking at its features, add-ons, pricing, and support, to see if it’s the right Microsoft integration for you.

WPO365 Review: Why Use It in WordPress?

Want to integrate your WordPress website with Microsoft 365?

WPO365 lets users sign into your website using their Microsoft account, so they don’t need to create a separate username and password. This can reduce the risk of password-related security breaches, while also improving the user experience.

It can also assign different WordPress roles to new users, based on their various Microsoft accounts and settings, or restrict access to certain pages and posts. WPO365 can even fetch data and content from Microsoft and then use it on your website, including user attributes, avatars, and contact information.

If you’re just getting started or have a limited budget, then you can download the 'WordPress + Microsoft Office 365 / Azure AD | LOGIN’ plugin from WordPress.org.

This free plugin lets visitors sign into your website using their Microsoft Entra ID account, so they don’t need to create a separate password.

You can also embed SharePoint Online libraries and lists on your WordPress website, alongside Outlook / Exchange Calendars. If you want to create an employee portal, then WPO365 makes it easy to embed an Azure AD / Microsoft Graph based Employee Directory in any WordPress page or post.

However, if you upgrade to a premium plan then you’ll get access to additional features and add-ons. This includes Entra User Provisioning, automatically synchronizing users from Azure Active Directory to your WordPress website, and assigning user roles based on properties such as Entra ID Groups, app roles, and User Attributes.

If you sell courses online, then the premium plugin also integrates with the LearnDash LMS plugin. This means you can automatically enrol users in specific LearnDash Courses and groups, based on their Microsoft accounts.

WPO365 Review: Is It the Right Microsoft Integration for You?

With Microsoft’s SSO, users can log into your site using their existing credentials. This means they don’t need to create or remember extra usernames and passwords.

Want to add SSO to WordPress, while strengthening its integration with other Microsoft 365 features and services?

Let’s take a closer look at WPO365, to see if it can help you achieve those goals.

1. Adds Sign Sign-on (SSO) to WordPress

WPO365 has a Single Sign-on (SSO) authentication flow that allows Microsoft 365 users to sign into your WordPress website using their corporate work or school account. Out-of-the-box, WPO365 supports Single Sign-on for Entra ID, Azure AD B2C and Entra External ID.

Alternatively, you can add an SAML 2.0 based Single Sign-On experience to your WordPress blog or website.

2. Supports OpenID Connect and SAML

WPO365 supports both the OpenID Connect and SAML 2.0 SSO protocols. Just be aware that WPO365 doesn’t support SAML 2.0 for Azure AD B2C.

3. Choose From Multiple Identity Providers

You can configure WPO365 to support multiple Identity Providers (IdPs) including Azure Active Directory, Azure AD B2C, and Government (GCCH).

If you do support multiple IdPs, then WPO365 will display all these IdPS in a dropdown list on the WordPress login screen. Users can then pick their preferred provider.

4. Data Privacy and Security

According to their website, WPO365 never shares sensitive information with WordPress, including the user’s Microsoft Office 365 password.

Instead, Microsoft provides information about the end user in the form of an ID token. WPO365 will then verify the ID token’s signature, and check that the audience matches the registered application. Finally, it will verify that the tenant ID matches the configured tenant.

If you’re using SAML 2.0 on your WordPress website, then WPO365 will authenticate using an encrypted SAML response message instead. For added security, WPO365 will verify the SAML response’s signature and check that it’s sent by the configured Entra ID tenant.

5. Choose From Multiple User Flows

WPO365 supports both the Authorization Code User Flow and Hybrid User Flow.

However, the WPO365 team recommends the Authorization Code User Flow, as only half a password gets sent to the client’s browser.

The server will then detect the code and use it to request an ID Token from Microsoft, which is considered more secure compared to the user’s browser.

6. Integrates with Microsoft Teams

WPO365 can seamlessly integrate your WordPress website into the Microsoft Teams communication tool. You can even enable single sign-on for a Teams tab app, so users can log into your site more easily.

7. Custom Loading Template

You can replace the default loading bars that people see when WPO365 redirects them to Microsoft. To do this, simply create a custom loading template and then upload it to the WordPress media library.

Then, simply add the template’s URL in the WPO365 settings, and the plugin will handle the rest.

8. Adds New Users Automatically

When someone new signs in using their Microsoft account, WPO365 will try to match them to an existing WordPress user. If it doesn’t find a matching username or email address, then WPO365 will create an account for them.

WPO365 can also generate an Azure AD B2C account from WordPress. To do this, WPO365 intercepts WordPress just before it creates the account, and then creates a new user account in Azure AD B2C using Microsoft Graph instead.

Since these new users sign in using their email address, they don’t need to know or remember their WordPress username and password. In fact, WPO365 can prevent users from changing their password or email address, which may improve your WordPress security.

9. Restrict Access to Pages and Posts

Sometimes, you may want to control who can access your content. For example, you might be working on an announcement post or an internal document, or need to share information privately within your team.

Alternatively, you might want to restrict pages to specific membership levels, so only subscribers can see your online courses or videos.

WPO365 can restrict access in several key ways. To start, it has an Intranet authentication scenario that stops anonymous internet users from seeing your content.

Alternatively, you can add specific posts to WPO365’s 'private’ list. Once done, only logged-in users can view this content, and everyone else will get redirected to Microsoft to authenticate.

Finally, you restrict access to specific Entra ID Groups based audiences.

10. Manage Your Emails with Microsoft

WPO365 can configure your WordPress website to send emails using the Microsoft Graph API. This lets you send emails from a Microsoft 365 Exchange Online enabled account, or even from a Microsoft 365 Shared Mailbox, instead of relying on an SMTP service.

WPO365 will save all these messages in your account’s mailbox, so you can easily track your email performance and see a complete history of your messages.

Even better, if an email doesn’t arrive safely then WPO365 will resend it automatically. It will also log every email sent from your site, so you can identify and fix any errors.

11. Hide the WordPress Admin Bar

By default, WordPress shows the admin bar to all logged-in users. This toolbar includes some useful shortcuts, but some users may find it distracting, especially if they’re looking at your site’s front-end.

If that’s the case, then WPO365 lets you hide the admin bar for specific WordPress user roles.

12. Embed Microsoft Power BI Content

Do you have a library of Microsoft Power BI content you want to share with your visitors or users?

In that case, WPO365 lets you embed most Power BI content and artifacts in WordPress, including reports, dashboards, and tiles.

You can also add your own settings by manually editing the configuration. For example, you might hide the filter panel or add your own custom filters to the embedded content.

13. Embed Sharepoint Content

With WPO365, you can easily embed a SharePoint Online library or list in WordPress.

It can also add a 'Content by Search’ filter to any page or post. This lets users search for content in SharePoint Online, directly from your WordPress website.

14. Embed an Outlook / Exchange Calendar

Do you use Outlook / Exchange to schedule your events?

Then you may want to display this information on your website. For example, you might use an embedded calendar to promote upcoming events to visitors, such as your webinars or online sermons. Alternatively, you might use a calendar to organize your company meetings, or to share your availability with potential customers.

With WPO365, you can easily embed an Outlook / Exchange calendar on your WordPress website, blog, or online store.

Simply enter some information about the calendar you want to embed, and WPO365 will generate a shortcode. You can then add this shortcode to any page, post, or widget-ready area.

15. Create an Employee Directory

A staff directory is a great way to connect with your audience and build trust. For example, if you run a consulting firm then you might highlight your team’s qualifications, to prove that you have the right skills for the job.

Employee directories can also help people find and connect with the right person. For example, if you run an educational website then you might create a staff directory so students can find the right faculty member and send them an email.

No matter what kind of website you run, WPO365 lets you embed an Entra ID / Microsoft Graph-based Employee Directory into any WordPress page or post.

Visitors can then search for staff members directly on your WordPress website and contact them with ease.

Going further, you can combine this feature with WPO365’s SharePoint Online support so visitors can search for colleagues by skills, interests, past projects and other important attributes.

16. Change the WordPress Login URL

WordPress is the most popular CMS platform and powers over 40% of websites. However, this popularity also makes it a common target for hackers, who may use techniques like brute force attacks to try and break into your dashboard.

Often, bots and hackers will try to access your site via common login URLs such as wp-admin and wp-login. That’s why we recommend all our readers change the default WordPress login page URL.

The good news is that WPO365 lets you make this change, simply by typing in the address you want to use instead.

17. Single Sign-out

In addition to SSO, WPO365 supports single sign-out. Once enabled, users will be automatically logged out of all their Entra ID applications upon signing out of Microsoft.

Similarly, WPO365 can log users out of Microsoft 365 when they sign out of WordPress, and then redirect them to the URL of your choice.

18. Protect Your REST API Endpoint

Do you use the REST API on your WordPress website?

Then WPO0365 lets you protect your endpoints using a combination of WordPress cookies and a nonce for delegated access. You can also enable Entra ID based protection.

After enabling this feature, any app requesting data from a protected endpoint will either get a 401 error or 403 error, unless they present a valid WordPress authentication cookie and a valid WordPress REST nonce.

19. Supports WordPress Multisite

Do you run a WordPress multisite network? Then you’ll be happy to learn that WPO365 integrates with WordPress multisite. In fact, it comes with two scenarios that you can use.

To start, WPO365 can redirect users to Microsoft for authentication when they try to access a subsite. After performing the authentication, WPO365 will sign them in within the context of the main site.

Alternatively, WPO365 has a 'dedicated mode’ where each subsite behaves similarly to a single WordPress website, and must be configured separately.

20. Login+ Add-On

Do you want to force your users to sign in with Microsoft SSO? In that case, WPO365’s Login+ add-on can redirect all requests from the standard WordPress login page, to Microsoft.

Alternatively, this add-on supports dual login. When enabled, visitors can choose to log in using their Microsoft account, or their WordPress username and password.

21. User Synchroniziation Add-on

The WPO365 Sync add-on can help automate user enrollment by syncing accounts using Microsoft Graph from Entra to WordPress.

The add-on can also create new WordPress users, or update existing users as part of the sync.

Going further, it can delete or deactivate users, which is particularly useful when you’re offboarding employees. When it deletes a user, WPO365 can even re-assign their content to another account.

Finally, the add-on can send an email summarizing all the changes it made during the sync. In this way, you can see exactly what’s happening across your website.

WPO365 can perform this sync based on a schedule set by you, or in response to an external trigger. Alternatively, you can perform these syncs manually, which is perfect if you need to control exactly when the user information gets updated.

22. SCIM Add-On

With the SCIM add-on, you can integrate your WordPress website with SCIM based Entra ID user provisioning. This will keep your user data synced with Entra ID, so you don’t need to give WordPress permission to access your Entra ID tenant, in order to fetch this information.

23. Roles + Access Add-On

After someone signs in with Microsoft, the WPO365 Roles + Access add-on can assign them a WordPress user role dynamically based on properties such as app roles, Entra ID Groups, and User Attributes.

You can also define a default role that WPO365 will use when none of your rules apply.

Once the user logs in, WPO365 can redirect them to a specific page based on their Entra ID group, or restrict access to your content based on their group or domain.

If the user isn’t a member of any allow-listed groups or domains, then WPO365 will redirect them to an error page instead.

24. Custom User Fields Add-on

The Custom User Fields add-on can enhance your WordPress user roles with Entra Attributes such as the person’s phone number, email address, office location, and department.

Out-of-the-box, this add-on will try to fetch relevant user attributes from Microsoft Graph. Alternatively, you can configure it to look for custom attributes in the ID token it gets when a user signs in using OpenID Connect, or in the SAML response.

Are you using BuddyPress? Then this WPO365 add-on can also update BuddyPress Extended Profile Fields.

25. Avatar Add-On

Avatars can help build a sense of community, make your pages look more interesting, and personalize the user experience.

That said, WPO365’s Avatar add-on can help you achieve all these things, by downloading the user’s profile picture from Microsoft Graph. It will then use this file as the person’s WordPress avatar, so they don’t need to rely on a service like Gravatar, or upload their own profile picture.

If you’re using BuddyPress, then WPO365 can also override the user’s BuddyPress avatar with their Microsoft Graph picture.

26. LearnDash Add-On

Do you sell courses online?

Then you’ll be happy to learn that WPO365 has a dedicated LearnDash add-on that can automatically enroll WordPress users in specific LearnDash courses and groups, based on their Entra Group or domain.

Alternatively, it can enroll all new users in the same default LearnDash course or user group. In this way, new students or employees will immediately get access to the resources they need, so they can start their online training straight away.

27. Community and Professional Support

Once it’s set up, WPO365 promises to keep your Microsoft 365 and WordPress information in sync. It will also create, update, and delete WordPress user profiles automatically, saving you even more time and effort.

However, the Microsoft 365 ecosystem includes lots of different products, settings, and services. With that said, you may need some help to get this integration running smoothly.

To start, there’s online documentation that you can access 24/7. Here, you’ll find articles covering everything from installing and activating the plugin, right through to exploring the individual Microsoft 365 apps.

There’s also step-by-step tutorials and video guides dedicated to very specific tasks. This includes how to send WordPress emails using a Microsoft 365 / Exchange Online account, and how to embed calendars on your WordPress website.

Do you prefer one-on-one support? Then all the premium WPO365 plans come with 1 year of email support.

Using the free plugin? Then you can post to the WPO365 forum on WordPress.org instead.

When posting to public support forums, it’s always a good idea to include as much detail as possible, so the experts can understand your problem fully and post a helpful response. For more on this topic, check out our guide on how to properly ask for WordPress support.

WPO365 Review: Pricing and Plans

If you’re just getting started or have a limited budget, then you can download the lite version of WPO365 from WordPress.org.

This free plugin lets you enable Microsoft-based SSO using the OpenID Connect or SAML 2.0 protocols. When a new user signs in with Microsoft, WPO365 can also create a new account for them automatically.

However, if you want to access the add-ons or advanced login options such as support for multitenancy, then you’ll need to upgrade to a premium plan.

There are 4 plans to choose from:

• Mail. For $49 per year, you can use WPO365 on a single WordPress blog, website, or online marketplace. You can also send WordPress emails from a Microsoft 365 Mailbox using Microsoft Graph, and automatically update a user’s First, Last, and Full Name details when they sign in with Microsoft.
• Professional. For $249 annually, you’ll get everything in the Mail plan plus the Essentials, Custom User Fields, Roles + Access, and Avatar add-ons.
• Customers. Priced at $349 per year, this plan synchronizes users from Entra ID to your WordPress website.
• Integrate. For $349, you’ll get everything in the Customers plan, plus the SCIM add-on. This lets you connect with Entra Application Provisioning. You can also embed Microsoft Power BI artifacts, SharePoint libraries, SharePoint lists, and Outlook / Exchange calendars in WordPress. If you run a small business website, then you can also add an Entra ID / Microsoft Graph-based Employee Directory to your WordPress website.

WPO365 Review: Is It the Right Microsoft Integration for You?

To sum up this WPO365 review, we’re confident that it’s a great choice if you want to integrate WordPress with Microsoft 365.

It promises to streamline user authentication by allowing users to log in to both WordPress and Microsoft 365 with a single set of credentials. You can also implement more secure authentication protocols, which can protect your site against hackers and other security threats.

WPO365 also aims to reduce your admin overhead by synching information between WordPress and Microsoft 365, and can even create, update, or delete WordPress accounts automatically.

We hope this WPO365 review helped you decide whether it’s the right Microsoft integration plugin for your WordPress website. You may also want to learn how to create automated workflows in WordPress, or see our expert pick of the best analytics solutions.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.