Hey Community members…
As we announced in a recent blog post, we are looking to move homes from Ning to WordPress (specifically BuddyPress). We are also looking to spin up a few conferences and events per year (such as SPBiz and Collab365 Conference).
What’s the best way to consolidate the user account across both services? Ideally we want ONE account, so that it makes it far easier for a member to log in and access content on either the new SPCOM site or access a session on one of the conferences.
One of the options we are looking into is Azure AD. You get half a million users ‘on the house’ and it takes away all of the hassle of “user management”. (Who wants to manage passwords nowadays anyway ;)).
However, if we did go down this route, then a couple of questions:
1. If a member already has an Azure AD login to another tenant (e.g. to O365) then how do we make the experience seamless? It’d be great if they can simply log in to both at the same time! When I have tried switching from one O365 to another, it’s not been good.
2. Has anyone authenticated with OAuth on WordPress (with Azure AD as the backing store) before? If so, how did it go?
Ta
Mark
I haven’t done it with WordPress, but it sure makes my life easier dealing with an AD login that connects my profile across all Microsoft (MSDN, o365, Azure) all seamless. Go for it.
If I make it multi-tenant, then that means that we need to create an “app” and each Azure AD admin would have to register and trust our app in their own AD. Don’t think this would be a goer tbh…
Pretty certain you could use AD to auth for WordPress, but just worried about the usability of already being logged into another AD… That’s the real problem with this approach I think.
I’m sure all you need is this OpenIDConnect sample. Sure, you will have to make the module for WordPress (http://openid.net/developers/libraries/) but surely that wouldn’t be a big job. Matey, basically I’m saying it should be simples.
WordPress -> authenticates to Azure -> passes back token, you log in (you have also just authenticated on the Azure side too).
For the multiple AD issue, couldn’t you make it a multi-tenant application and use the common endpoint perhaps? So they basically login with their own credentials? Not sure if this would work but worth an investigation.
Cheers for taking the time Hugh!
I probably haven’t described the problem well …
Fast forward a few months … SharePoint Community.net is now running on WordPress, but uses Azure AD to authenticate.
Imagine you are logged into Rencore’s Office 365 (in Chrome), then you decide to pull up another browser tab and log in to SPCOM. Won’t Azure AD prevent you from logging in to two directories from one browser session?
Can I give a link-only answer? I think this is the correct example for you:
https://github.com/AzureADSamples/WebApp-OpenIDConnect-DotNet
If not, that is definitely the correct GitHub for you.
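The flow sketched in the thread (WordPress redirects to Azure AD, a token comes back), combined with the multi-tenant common endpoint suggestion, as an added example that is not part of any post or of the linked sample. It assumes the Azure AD v2.0 endpoint and that the ID token's signature has already been verified elsewhere; the `spcom_*` function names, client ID, tenant ID and redirect URL are hypothetical.

```php
<?php
// Added example. Function names (spcom_*) and all sample values are hypothetical.
const SPCOM_AUTHORIZE = 'https://login.microsoftonline.com/common/oauth2/v2.0/authorize';

// Step 1: WordPress redirects the browser to Azure AD with a fresh state and nonce.
function spcom_build_login(string $clientId, string $redirectUri): array {
    $state = bin2hex(random_bytes(16)); // ties the callback to this browser session
    $nonce = bin2hex(random_bytes(16)); // ties the returned ID token to this request
    $query = http_build_query([
        'client_id' => $clientId, 'response_type' => 'code',
        'redirect_uri' => $redirectUri, 'scope' => 'openid profile email',
        'state' => $state, 'nonce' => $nonce,
    ]);
    return ['url' => SPCOM_AUTHORIZE . '?' . $query, 'state' => $state, 'nonce' => $nonce];
}

// Step 2: check the claims of an ID token whose signature was ALREADY verified
// against the tenant's published keys (not shown). Returns a list of problems.
function spcom_check_claims(array $c, string $clientId, string $nonce, int $now, array $allowedTenants = []): array {
    $errors = [];
    $tid = strtolower((string)($c['tid'] ?? ''));
    if (!preg_match('/^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$/', $tid)) {
        $errors[] = 'tid missing or not a GUID';
    }
    // With /common the issuer differs per tenant, so it must be rebuilt from tid.
    if (($c['iss'] ?? '') !== "https://login.microsoftonline.com/{$tid}/v2.0") {
        $errors[] = 'issuer does not match tenant';
    }
    if (($c['aud'] ?? '') !== $clientId) { $errors[] = 'token issued for another app'; }
    if (!hash_equals($nonce, (string)($c['nonce'] ?? ''))) { $errors[] = 'nonce mismatch'; }
    if ((int)($c['exp'] ?? 0) <= $now) { $errors[] = 'token expired'; }
    // Optional: restrict sign-in to known directories (lower-case GUIDs).
    if ($allowedTenants && !in_array($tid, $allowedTenants, true)) {
        $errors[] = 'tenant not allowed';
    }
    return $errors;
}

// Constructed sample data, not real identifiers.
$clientId = '00000000-0000-0000-0000-000000000001';
$tenant   = '11111111-2222-3333-4444-555555555555';
$login    = spcom_build_login($clientId, 'https://example.org/oidc/callback');
$good = ['tid' => $tenant, 'iss' => "https://login.microsoftonline.com/{$tenant}/v2.0",
         'aud' => $clientId, 'nonce' => $login['nonce'], 'exp' => time() + 300];
$bad  = ['iss' => 'https://login.microsoftonline.com/common/v2.0'] + $good;
echo $login['url'], PHP_EOL;
var_dump(spcom_check_claims($good, $clientId, $login['nonce'], time()));
var_dump(spcom_check_claims($bad, $clientId, $login['nonce'], time()));
```

In a real plugin the `state` and `nonce` would be stored in the visitor's session before the redirect and compared on the callback before any WordPress user is logged in.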