WordPress + Office 365 login


WordPress + Office 365 login allows Microsoft O365 users to seemlessly and securely log on to your corporate WordPress intranet: No username or password required!

Plugin Features

  • Automatically log on users that have successfully authenticated with Azure Active Directory / Office 365
  • Create a new WordPress user for each Office 365 user (and match both users by email address)
  • Allow for both WordPress-only and Office 365 users to log on to your corporate intranet
  • Prevent Office 365 users to change their email address
  • Prevent Office 365 users to request a new password
  • Refresh authentication when its expired (by default after one hour)


  • We have tested our plugin with WordPress 4.8.1 and PHP 5.5.0 and 5.6.25
  • You need to be (Office 365) Tenant Administrator to configure both Azure Active Directory and the plugin
  • Redux Framework Plugin to configure the Plugin’s option (a warning will be shown upon plugin activation)
  • You may want to consider further restrict access to the otherwise publicly available wp-content directory


We will go to great length trying to support you if the plugin doesn’t work as expected. You can create new issues over at Github. We haven’t been able to test our plugin in all endless possible WordPress configurations and versions but we are keen to hear from you.


We are keen to hear from you so share your feedback with us at info@wpo365.com and help us get better!

Open Source

When you’re a developer and interested in the code you should have a look at our repo over at [(]Github](https://github.com/wpo365/wpo365-login).

Please refer to this post for detailed installation and configuration instructions.

Installation Instructions

Please refer to this post for detailed installation and configuration instructions.

“WordPress + Office 365 login” is open source software. The following people have contributed to this plugin.



  • Initial version submitted to WordPress.org


  • Added WordPress compliant readme.txt


  • Removed wpo365-redirect.php (and calling wp-load.php)
  • Fixed debug level logging, now writing most of the logs when debug mode checked
  • Added option to manage pages to blacklist from session validation
  • Updated readme.txt


  • Added redux settings for preventing users changing email and/or password
  • Improved error handling with error messages shown on default wp login page
  • Improved flow and created hook to handle redirect (for future oauth tokens)
  • Renamed namespace Logger to Util
  • Obfuscated user’s id in session cookie


  • Remove usage of PHP session on each page load to optimize for PHP caching


  • Renamed main plugin file to wpo365-login.php
  • Tested with PHP 5.5.0
  • Fixed issue with array notation to support older PHP version
  • Fixed issue with generating certificate string
  • Removed redirect hook



Leave a Reply

6 + 6 =