Perform the following steps to connect Entra to your WordPress website.
- Sign in to Entra Portal and if needed, switch to the correct tenant / directory. To switch directories, activate your personal profile menu located in the right upper corner of the portal and click Switch directories.
- From the portal’s main menu, select Identity > Applications > Enterprise applications. A list of all configured applications will show, including apps that were added from the gallery.
- Click + New application > Create your own application.
- Enter your own name for the new application, select Integrate any other application you don’t find in the gallery (Non-gallery) and finally click Create. The new app is added to the list of enterprise applications and opens to its Overview screen.
Please note “https://www.wpo365connect.com/ | TUTORIAL” is an exemplary name for the application and must be replaced by your own name.
- Continue by selecting Provisioning.
- On the Provisioning page, click again Provisioning under Manage.
- From the Provisioning Mode dropdown, select Automatic.
- As Tenant URL enter your website’s home URL and append the path /wp-json/wpo365/v1/ to it e.g. https://www.wpo365connect.com/wp-json/wpo365/v1/.
- Now copy the Admin Credentials > Secret Token that you generated (or entered) during the previous step and paste it as Secret Token.
- Click Test Connection.
- If the connection is tested successfully, click Save.
Please note www.wpo365connect.com is an exemplary home URL and must be replaced by your website’s home URL.
Troubleshoot Customers have encountered various issues in the past with getting the connection to work as expected. The two most common issues are:
- A security appliance, software, firewall, or Mod_Security (PHP) actively stripped the incoming Authorization header containing the bearer token sent by Entra ID to authenticate.
- The WordPress REST API and the custom endpoint provided by WPO365 required for the Entra ID connection were inaccessible. More often than not, the issue was due to a WordPress plugin blocking access to the WordPress REST API or because the WordPress permalinks have not been set up properly.