Custom user fields

Introduction

WPO365 can enrich a user’s WordPress profile with (custom) Azure AD user profile attributes. Examples of such attributes include the user’s mobile phone and office phone numbers, the office location, the department he / she is in and the job title.

Custom user fields can be updated on various occasions:

  • A user interactively signs in with Microsoft
  • WPO365 synchronizes users from Microsoft Azure AD to WordPress
  • Azure AD User provisioning updates user attributes using the WPO365 SCIM client

Supported features

Basic user fields

WPO365 differentiates between updating basic WordPress user profile fields and custom user attributes that WordPress will store in so-called user meta fields.

Basic WordPress user fields are:

  • First name
  • Last name
  • Display name
  • Email address
Custom user fields

Examples of custom user attributes are:

  • Employee ID
  • Job title
  • Department
  • Mobile phone

A full list of custom user attributes is available from Microsoft here.

An example of custom user attributes synchronized from Azure AD to WordPress.

WPO365 can be configured to look for custom user attributes in the ID token it receives when a user signs in with Microsoft using OpenID Connect or in the SAML response when a user signs in with Microsoft using SAML 2.0. By default, however, will the plugin try and connect to Microsoft Graph to retrieve a complete set of user attributes.

BuddyPress Extended Profile Fields

If you configured custom user attributes such as Job title or Mobile phone and you are using BuddyPress, then you can configure the WPO365 plugin to update so-called BuddyPress Extended Profile Fields.

Custom security attributes

Custom security attributes is a new category of attributes that Microsoft has recently introduced and that are supported by WPO365. It requires additional configuration in Azure AD. An administrator must create separate attribute sets and grant specific permissions to assign, read and define attribute sets and their values. You must – for example – assign the App registration that you created for application-level access in Azure AD the role of Attribute Assignment Reader.

Plugins with this feature

The features in this article can be unlocked by the WPO365 | PROFESSIONAL and the WPO365 | INTEGRATE bundles.

Documentation

Videos