After you enabled WPO365 to retrieve a list of Azure AD group IDs that a user is a member of, you should run the WPO365 Plugin self-test to confirm this.
Perform the following steps to start the self-test and review the outcome.
- Go to WP Admin > WPO365 > Plugin self-test.
- Click Start self-test.
- Since you configured single sign-on you will be asked to sign in with your test account.
- Scroll to the section ROLES + ACCESS and check if the test to retrieve a user’s Azure AD group memberships has passed successfully either with delegated permissions or with application permissions. You can click the View link to inspect the raw response that WPO365 received from Microsoft Graph.
Please note If you have configured application permissions to support application-only scenarios, then you can ignore the fact that the test case to request data from Microsoft Graph with delegated permissions has failed. If you deliberately not configured application permissions – in favor of delegated permissions – then you can safely ignore the corresponding failed test case to request data with application permissions.