diff --git a/AuthorizationHelper.php b/AuthorizationHelper.php
index e4f5b65..22928ea 100644
--- a/AuthorizationHelper.php
+++ b/AuthorizationHelper.php
@@ -27,6 +27,7 @@ public static function get_authorization_url( $settings, $antiforgery_id ) {
'client_id' => $settings->client_id,
'resource' => $settings->graph_endpoint,
'redirect_uri' => $settings->redirect_uri,
+ 'prompt' => $settings->login_prompt,
'state' => $antiforgery_id,
'nonce' => $antiforgery_id,
) );
diff --git a/Settings.php b/Settings.php
index 54c372c..95ad45c 100644
--- a/Settings.php
+++ b/Settings.php
@@ -46,6 +46,15 @@ class AADSSO_Settings {
*/
public $org_domain_hint = '';
+ /**
+ * Indicates whether the the user is prompted to enter their Entra ID credentials or to select
+ * from a listing of the accounts in session or to choose a different account altogether.
+ *
+ * @var string used for the prompt argument in the Entra ID authorization link
+ */
+ public $login_prompt = 'login';
+
+
/**
* Indicates which field is matched against the authenticated user's User Principal Name (UPN)
* to find a corresponding WordPress user. Valid options are 'login', 'email', or 'slug'.
@@ -159,6 +168,7 @@ public static function get_defaults( $key = null ) {
$defaults = array(
'org_display_name' => get_bloginfo( 'name' ),
+ 'login_prompt' => 'login',
'field_to_match_to_upn' => 'email',
'default_wp_role' => null,
'enable_auto_provisioning' => false,
diff --git a/SettingsPage.php b/SettingsPage.php
index 7126ab3..2d85303 100644
--- a/SettingsPage.php
+++ b/SettingsPage.php
@@ -257,6 +257,14 @@ public function register_settings() {
'aadsso_settings_general' // section
);
+ add_settings_field(
+ 'login_prompt', // id
+ __( 'Login prompt behavior', 'aad-sso-wordpress' ), // title
+ array( $this, 'login_prompt_callback' ), // callback
+ 'aadsso_settings_page', // page
+ 'aadsso_settings_general' // section
+ );
+
add_settings_field(
'field_to_match_to_upn', // id
__( 'Field to match to UPN', 'aad-sso-wordpress' ), // title
@@ -362,6 +370,14 @@ public function sanitize_settings( $input ) {
}
}
+ // Default login_prompt is 'login'
+ $sanitary_values['login_prompt'] = 'login';
+ if ( isset( $input['login_prompt'] )
+ && in_array( $input['login_prompt'], array( 'login', 'select_account' ) )
+ ) {
+ $sanitary_values['login_prompt'] = $input['login_prompt'];
+ }
+
// Default field_to_match_to_upn is 'email'
$sanitary_values['field_to_match_to_upn'] = 'email';
if ( isset( $input['field_to_match_to_upn'] )
@@ -539,6 +555,30 @@ public function logout_redirect_uri_callback() {
);
}
+ /**
+ * Renders the `login_prompt` form control.
+ */
+ public function login_prompt_callback() {
+ $selected =
+ isset( $this->settings['login_prompt'] )
+ ? $this->settings['login_prompt']
+ : '';
+ ?>
+
+ %s',
+ __( 'This specifies the login behavior for users during the Entra ID authentication process..', 'aad-sso-wordpress' )
+ );
+ }
+
/**
* Renders the `field_to_match_to_upn` form control.
*/
diff --git a/aad-sso-wordpress.php b/aad-sso-wordpress.php
index 9c33ee0..77a5b8b 100644
--- a/aad-sso-wordpress.php
+++ b/aad-sso-wordpress.php
@@ -5,7 +5,7 @@
Plugin URI: http://github.com/psignoret/aad-sso-wordpress
Description: Allows you to use your organization's Microsoft Entra ID (formerly known as Azure Active Directory) user accounts to log in to WordPress. If your organization is using Office 365, your user accounts are already in Microsoft Entra ID. This plugin uses OAuth 2.0 to authenticate users, and the Microsoft Graph API to get group membership and other details.
Author: Philippe Signoret
-Version: 0.7.1
+Version: 0.7.2
Author URI: https://www.psignoret.com/
Text Domain: aad-sso-wordpress
Domain Path: /languages/
diff --git a/languages/aad-sso-wordpress-de_DE.mo b/languages/aad-sso-wordpress-de_DE.mo
index 0f716de..cb2433e 100644
Binary files a/languages/aad-sso-wordpress-de_DE.mo and b/languages/aad-sso-wordpress-de_DE.mo differ
diff --git a/languages/aad-sso-wordpress-de_DE.po b/languages/aad-sso-wordpress-de_DE.po
index 68831ba..4bfb89a 100644
--- a/languages/aad-sso-wordpress-de_DE.po
+++ b/languages/aad-sso-wordpress-de_DE.po
@@ -1,10 +1,10 @@
msgid ""
msgstr ""
-"Project-Id-Version: Single Sign-on with Microsoft Entra ID (for "
-"WordPress) v0.6a\n"
+"Project-Id-Version: Single Sign-on with Microsoft Entra ID (for WordPress) "
+"v0.6a\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2016-04-06 13:58+0200\n"
-"PO-Revision-Date: 2016-04-06 13:58+0200\n"
+"POT-Creation-Date: 2025-07-29 12:03-0400\n"
+"PO-Revision-Date: 2025-07-29 12:10-0400\n"
"Last-Translator: christianhennen \n"
"Language-Team: \n"
"Language: de_DE\n"
@@ -12,16 +12,15 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=n != 1;\n"
-"X-Generator: Poedit 1.8.7\n"
+"X-Generator: Poedit 3.6\n"
"X-Poedit-SourceCharset: UTF-8\n"
-"X-Poedit-KeywordsList: __;_e;_n:1,2;_x:1,2c;_ex:1,2c;_nx:4c,1,2;esc_attr__;"
-"esc_attr_e;esc_attr_x:1,2c;esc_html__;esc_html_e;esc_html_x:1,2c;_n_noop:1,2;"
-"_nx_noop:3c,1,2;__ngettext_noop:1,2\n"
+"X-Poedit-KeywordsList: "
+"__;_e;_n:1,2;_x:1,2c;_ex:1,2c;_nx:4c,1,2;esc_attr__;esc_attr_e;esc_attr_x:1,2c;esc_html__;esc_html_e;esc_html_x:1,2c;_n_noop:1,2;_nx_noop:3c,1,2;__ngettext_noop:1,2\n"
"X-Textdomain-Support: yes\n"
"X-Poedit-Basepath: ..\n"
"X-Poedit-SearchPath-0: .\n"
-#: SettingsPage.php:118
+#: SettingsPage.php:127
msgid ""
"Legacy settings have been migrated and the old configuration file has been "
"deleted."
@@ -29,7 +28,7 @@ msgstr ""
"Alte Einstellungen wurden migriert und die alte Einstellungs-Datei wurde "
"gelöscht."
-#: SettingsPage.php:119
+#: SettingsPage.php:128
msgid ""
"To finish migration, unset AADSSO_SETTINGS_PATH from wp-"
"config.php. "
@@ -37,18 +36,18 @@ msgstr ""
"Um die Migration abzuschließen, entfernen Sie AADSSO_SETTINGS_PATH aus wp-config.php. "
-#: SettingsPage.php:123
+#: SettingsPage.php:132
msgid "Legacy settings have been migrated successfully. "
msgstr "Alte Einstellungen wurden erfolgreich migriert. "
-#: SettingsPage.php:124
+#: SettingsPage.php:133
#, php-format
msgid "To finish migration, delete the file at the path %s. "
msgstr ""
"Um die Migration abzuschließen, entfernen Sie bitte die folgende Datei: "
"%s. "
-#: SettingsPage.php:125
+#: SettingsPage.php:134
msgid ""
"Then, unset AADSSO_SETTINGS_PATH from wp-config.php. "
@@ -56,285 +55,407 @@ msgstr ""
"Entfernen Sie anschließend AADSSO_SETTINGS_PATH aus wp-"
"config.php. "
-#: SettingsPage.php:129
+#: SettingsPage.php:138
#, php-format
msgid "Legacy settings could not be migrated from %s. "
msgstr "Alte Einstellungen aus %s konnten nicht migriert werden. "
# @ aad-sso-wordpress
-#: SettingsPage.php:144
+#: SettingsPage.php:153
msgid ""
-"Single Sign-on with Microsoft Entra ID settings have been reset to "
-"default."
+"Single Sign-on with Microsoft Entra ID settings have been reset to default."
msgstr ""
"Die Single Sign-On mit Microsoft Entra ID Einstellungen wurden auf die "
"Standardwerte zurückgesetzt."
# @ aad-sso-wordpress
-#: SettingsPage.php:155
+#: SettingsPage.php:164
msgid "Microsoft Entra ID Settings"
msgstr "Microsoft Entra ID Einstellungen"
# @ aad-sso-wordpress
-#: SettingsPage.php:183
+#: SettingsPage.php:192
msgid "General"
msgstr "Allgemein"
+#: SettingsPage.php:199
+msgid "Advanced"
+msgstr ""
+
# @ aad-sso-wordpress
-#: SettingsPage.php:190
+#: SettingsPage.php:206
msgid "Display name"
msgstr "Anzeigename"
# @ aad-sso-wordpress
-#: SettingsPage.php:198
+#: SettingsPage.php:214
msgid "Domain hint"
msgstr "Domänen-Hinweis"
# @ aad-sso-wordpress
-#: SettingsPage.php:206
+#: SettingsPage.php:222
msgid "Client ID"
msgstr "Client ID"
# @ aad-sso-wordpress
-#: SettingsPage.php:214
+#: SettingsPage.php:230
msgid "Client secret"
msgstr "Client Passwort (Secret)"
-#: SettingsPage.php:222
+#: SettingsPage.php:238
msgid "Redirect URL"
msgstr "Weiterleitungs-URL"
-#: SettingsPage.php:230
+#: SettingsPage.php:246
msgid "Logout redirect URL"
msgstr "Weiterleitungs-URL nach Abmeldung"
+#: SettingsPage.php:254
+msgid "Enable full logout"
+msgstr ""
+
+#: SettingsPage.php:262
+msgid "Login prompt behavior"
+msgstr ""
+
# @ aad-sso-wordpress
-#: SettingsPage.php:238
+#: SettingsPage.php:270
msgid "Field to match to UPN"
msgstr "Feld für UPN-Zuordnung"
+#: SettingsPage.php:278
+msgid "Match on alias of the UPN"
+msgstr ""
+
# @ aad-sso-wordpress
-#: SettingsPage.php:246
+#: SettingsPage.php:286
msgid "Enable auto-provisioning"
msgstr "Automatische Provisionierung aktivieren"
# @ aad-sso-wordpress
-#: SettingsPage.php:254
+#: SettingsPage.php:294
msgid "Enable auto-forward to Microsoft Entra ID"
msgstr "Automatische Weiterleitung zum Microsoft Entra ID aktivieren"
# @ aad-sso-wordpress
-#: SettingsPage.php:262
+#: SettingsPage.php:302
msgid "Enable Microsoft Entra ID group to WordPress role association"
msgstr "Microsoft Entra ID Gruppen zu WordPress Rollen Zuordnung aktivieren"
# @ aad-sso-wordpress
-#: SettingsPage.php:270
+#: SettingsPage.php:310
msgid "Default WordPress role if not in Microsoft Entra ID group"
msgstr "Standard WordPress-Rolle falls nicht in Microsoft Entra ID Gruppe"
# @ aad-sso-wordpress
-#: SettingsPage.php:278
+#: SettingsPage.php:318
msgid "WordPress role to Microsoft Entra ID group map"
msgstr "WordPress Rollen-Zuordnung zu Microsoft Entra ID Gruppen"
+#: SettingsPage.php:326
+msgid "OpenID Connect configuration endpoint"
+msgstr ""
+
# @ aad-sso-wordpress
-#: SettingsPage.php:380
+#: SettingsPage.php:451
msgid "Map WordPress roles to Microsoft Entra ID groups."
msgstr "WordPress Rollen zu Microsoft Entra ID Gruppen zuordnen."
# @ aad-sso-wordpress
-#: SettingsPage.php:385
+#: SettingsPage.php:456
msgid "WordPress Role"
msgstr "WordPress-Rolle"
# @ aad-sso-wordpress
-#: SettingsPage.php:386
+#: SettingsPage.php:457
msgid "Microsoft Entra ID Group Object ID"
msgstr "Azure Gruppen-Objekt ID"
# @ aad-sso-wordpress
-#: SettingsPage.php:415
+#: SettingsPage.php:486
msgid "Display Name will be shown on the WordPress login screen."
msgstr ""
"Anzeigename, welcher auf dem WordPress Anmeldebildschirm angezeigt wird."
# @ aad-sso-wordpress
-#: SettingsPage.php:426
+#: SettingsPage.php:497
msgid ""
-"Provides a hint to Microsoft Entra ID about the domain or tenant they will be logging "
-"in to. If the domain is federated, the user will be automatically redirected "
-"to federation endpoint."
+"Provides a hint to Microsoft Entra ID about the domain or tenant they will "
+"be logging in to. If the domain is federated, the user will be automatically "
+"redirected to federation endpoint."
msgstr ""
"Gibt Benutzern einen Hinweis über die Domäne oder die Organisation, an der "
"sie angemeldet werden. Falls es sich um eine föderierte Domäne handelt, wird "
"der Benutzer zum Föderations-Endpunkt weitergeleitet."
# @ aad-sso-wordpress
-#: SettingsPage.php:439
-msgid "The client ID of the Microsoft Entra ID application representing this blog."
-msgstr "Die Client ID der Microsoft Entra ID Anwendung, die diesen Blog repräsentiert."
+#: SettingsPage.php:510
+msgid ""
+"The client ID of the Microsoft Entra ID application representing this blog."
+msgstr ""
+"Die Client ID der Microsoft Entra ID Anwendung, die diesen Blog "
+"repräsentiert."
# @ aad-sso-wordpress
-#: SettingsPage.php:450
-msgid "A secret key for the Microsoft Entra ID application representing this blog."
+#: SettingsPage.php:521
+msgid ""
+"A secret key for the Microsoft Entra ID application representing this blog."
msgstr ""
"Der geheime Schlüssel für die Microsoft Entra ID Anwendung, die diesen Blog "
"repräsentiert."
-#: SettingsPage.php:463 SettingsPage.php:480
+#: SettingsPage.php:534 SettingsPage.php:551 SettingsPage.php:689
msgid "Set default"
msgstr "Auf Standard zurücksetzen"
-#: SettingsPage.php:464
+#: SettingsPage.php:535
msgid ""
-"The URL where the user is redirected to after authenticating with Microsoft Entra ID. "
-"This URL must be registered in Microsoft Entra ID as a valid redirect URL, and it must "
-"be a page that invokes the \"authenticate\" filter. If you don't know what "
-"to set, leave the default value (which is this blog's login page)."
-msgstr ""
-"Die URL zu der der Benutzer weitergeleitet wird, nachdem er per Microsoft Entra ID "
-"angemeldet wurde. Diese URL muss in Microsoft Entra ID als gültige Weiterleitungs-URL "
-"hinterlegt sein und es muss sich um eine Seite handeln, die den "
-"„authenticate“-Filter von WordPress auslöst. Falls Sie sich über dieses Feld "
-"unsicher sind, belassen Sie es auf dem Standard-Wert (der URL zur Login-"
-"Seite dieses Blog)."
-
-#: SettingsPage.php:481
+"The URL where the user is redirected to after authenticating with Microsoft "
+"Entra ID. This URL must be registered in Microsoft Entra ID as a valid "
+"redirect URL, and it must be a page that invokes the \"authenticate\" "
+"filter. If you don't know what to set, leave the default value (which is "
+"this blog's login page)."
+msgstr ""
+"Die URL zu der der Benutzer weitergeleitet wird, nachdem er per Microsoft "
+"Entra ID angemeldet wurde. Diese URL muss in Microsoft Entra ID als gültige "
+"Weiterleitungs-URL hinterlegt sein und es muss sich um eine Seite handeln, "
+"die den „authenticate“-Filter von WordPress auslöst. Falls Sie sich über "
+"dieses Feld unsicher sind, belassen Sie es auf dem Standard-Wert (der URL "
+"zur Login-Seite dieses Blog)."
+
+#: SettingsPage.php:552
+#, fuzzy
+#| msgid ""
+#| "The URL where the user is redirected to after signing out of Microsoft "
+#| "Entra ID. This URL must be registered in Microsoft Entra ID as a valid "
+#| "redirect URL. (This does not affect logging out of the blog, it is only "
+#| "used when logging out of Azure AD.)"
msgid ""
-"The URL where the user is redirected to after signing out of Microsoft Entra ID. This "
-"URL must be registered in Microsoft Entra ID as a valid redirect URL. (This does not "
-"affect logging out of the blog, it is only used when logging out of Azure "
-"AD.)"
+"The URL where the user is redirected to after signing out of Microsoft Entra "
+"ID. This URL must be registered in Microsoft Entra ID as a valid redirect "
+"URL. (This does not affect logging out of the blog, it is only used when "
+"logging out of Microsoft Entra ID.)"
msgstr ""
"Die URL, zu der der Benutzer weitergeleitet wird nachdem er sich bei Azure "
-"AD abgemeldet hat. Diese URL muss in Microsoft Entra ID als gültige Weiterleitungs-URL "
-"hinterlegt sein. (Dies beeinflusst nicht das Abmelden vom Blog, sondern wird "
-"nur verwendet beim Logout von Microsoft Entra ID.)"
+"AD abgemeldet hat. Diese URL muss in Microsoft Entra ID als gültige "
+"Weiterleitungs-URL hinterlegt sein. (Dies beeinflusst nicht das Abmelden vom "
+"Blog, sondern wird nur verwendet beim Logout von Microsoft Entra ID.)"
+
+#: SettingsPage.php:569
+msgid "login : Forces the user to enter their credentials"
+msgstr ""
+"login: Zwingt den Benutzer, bei dieser Anfrage seine Anmeldeinformationen "
+"einzugeben, wodurch die einmalige Anmeldung verhindert wird."
+
+#: SettingsPage.php:572
+msgid ""
+"select_account : Prompts the user to select from accounts in session or "
+"choose a different account"
+msgstr ""
+"select_account: Fordert den Benutzer auf, aus den Konten in der Sitzung "
+"auszuwählen oder ein anderes Konto auszuwählen"
+
+#: SettingsPage.php:578
+msgid ""
+"This specifies the login behavior for users during the Entra ID "
+"authentication process. "
+msgstr ""
+"Dies legt das Anmeldeverhalten für Benutzer während des Entra ID-"
+"Authentifizierungsprozesses fest."
# @ aad-sso-wordpress
-#: SettingsPage.php:498
+#: SettingsPage.php:593
msgid "Email Address"
msgstr "E-Mail Adresse"
# @ aad-sso-wordpress
-#: SettingsPage.php:501
+#: SettingsPage.php:596
msgid "Login Name"
msgstr "Login-Name"
# @ aad-sso-wordpress
-#: SettingsPage.php:507
+#: SettingsPage.php:602
+#, fuzzy
+#| msgid ""
+#| "This specifies the WordPress user field which will be used to match to "
+#| "the Microsoft Entra ID user's UserPrincipalName. Email Address is fine "
+#| "for most instances."
msgid ""
"This specifies the WordPress user field which will be used to match to the "
-"Microsoft Entra ID user's UserPrincipalName. Email Address is fine for most instances."
+"Microsoft Entra ID user's UserPrincipalName."
msgstr ""
"Hier geben Sie das Feld eines WordPress Benutzers an, welches zum Abgleich "
-"mit dem UserPrincipalName des Microsoft Entra ID Benutzers verwendet wird. Die E-Mail-"
-"Adresse genügt in den meisten Fällen."
+"mit dem UserPrincipalName des Microsoft Entra ID Benutzers verwendet wird. "
+"Die E-Mail-Adresse genügt in den meisten Fällen."
+
+#: SettingsPage.php:613
+msgid ""
+"Match WordPress users based on the alias of their Microsoft Entra ID "
+"UserPrincipalName. For example, Microsoft Entra ID username "
+"bob@example.com will match WordPress user bob."
+msgstr ""
# @ aad-sso-wordpress
-#: SettingsPage.php:534
+#: SettingsPage.php:641
+#, fuzzy
+#| msgid ""
+#| "This is the default role that users will be assigned to if matching "
+#| "Microsoft Entra ID group to WordPress roles is enabled."
msgid ""
-"This is the default role that users will be assigned to if matching Microsoft Entra ID "
-"group to WordPress roles is enabled."
+"This is the default role that users will be assigned to if matching "
+"Microsoft Entra ID group to WordPress roles is enabled, but the signed in "
+"user isn't a member of any of the configured Microsoft Entra ID groups."
msgstr ""
"Dies ist die Standard-Rolle, die Benutzern zugeordnet wird wenn die "
"Zuordnung von Microsoft Entra ID Gruppen zu WordPress-Rollen aktiviert ist."
# @ aad-sso-wordpress
-#: SettingsPage.php:545
+#: SettingsPage.php:653
msgid ""
-"Automatically create WordPress users, if needed, for authenticated Microsoft Entra ID "
-"users."
+"Automatically create WordPress users, if needed, for authenticated Microsoft "
+"Entra ID users."
msgstr ""
-"Automatisch Wordpress-Benutzerkonten für authentifizierte Microsoft Entra ID Benutzer "
-"anlegen, falls nötig."
+"Automatisch Wordpress-Benutzerkonten für authentifizierte Microsoft Entra ID "
+"Benutzer anlegen, falls nötig."
# @ aad-sso-wordpress
-#: SettingsPage.php:556
+#: SettingsPage.php:664
msgid ""
-"Automatically forward users to the Microsoft Entra ID to sign in, skipping the "
-"WordPress login screen."
+"Automatically forward users to the Microsoft Entra ID to sign in, skipping "
+"the WordPress login screen."
msgstr ""
-"Benutzer werden automatisch zum Microsoft Entra ID Login umgeleitet, der WordPress-"
-"Anmeldebildschirm wird übersprungen."
+"Benutzer werden automatisch zum Microsoft Entra ID Login umgeleitet, der "
+"WordPress-Anmeldebildschirm wird übersprungen."
# @ aad-sso-wordpress
-#: SettingsPage.php:567
+#: SettingsPage.php:675
msgid ""
-"Automatically assign WordPress user roles based on Microsoft Entra ID group membership."
+"Automatically assign WordPress user roles based on Microsoft Entra ID group "
+"membership."
+msgstr ""
+"Automatisch WordPress Benutzerrollen anhand der Zugehörigkeit zu Microsoft "
+"Entra ID Gruppen zuweisen."
+
+#: SettingsPage.php:690
+msgid ""
+"The OpenID Connect configuration endpoint to use. To support Microsoft "
+"Accounts and external users (users invited in from other Microsoft Entra ID "
+"directories, known sometimes as \"B2B users\") you must use: https://"
+"login.microsoftonline.com/{tenant-id}/.well-known/openid-configuration, where {tenant-id} is the tenant ID or a verified domain "
+"name of your directory."
+msgstr ""
+
+#: SettingsPage.php:704
+msgid "Do a full logout of Microsoft Entra ID when logging out of WordPress."
+msgstr ""
+
+#: aad-sso-wordpress.php:263
+msgid "Session does not contain antiforgery ID."
msgstr ""
-"Automatisch WordPress Benutzerrollen anhand der Zugehörigkeit zu Microsoft Entra ID "
-"Gruppen zuweisen."
# @ aad-sso-wordpress
-#: aad-sso-wordpress.php:246
+#: aad-sso-wordpress.php:274
#, php-format
msgid "ANTIFORGERY_ID mismatch. Expecting %s"
msgstr "ANTIFORGERY_ID stimmt nicht überein. Erwarte %s"
# @ aad-sso-wordpress
-#: aad-sso-wordpress.php:265
+#: aad-sso-wordpress.php:297
#, php-format
msgid "ERROR: Invalid id_token. %s"
msgstr "FEHLER: Ungültiges id_token. %s"
-# @ aad-sso-wordpress
-#: aad-sso-wordpress.php:288
+#: aad-sso-wordpress.php:326
#, php-format
-msgid "ERROR: Could not get an access token to Microsoft Entra ID. %s"
+msgid ""
+"ERROR: Unable to check group membership with Microsoft Graph: %s "
+"%s %s"
msgstr ""
-"Fehler: Konnte kein Access Token für Microsoft Entra ID erlangen. %s"
+
+#: aad-sso-wordpress.php:337
+msgid ""
+"ERROR: Unexpected response when checking group membership with Microsoft "
+"Graph."
+msgstr ""
+
+# @ aad-sso-wordpress
+#: aad-sso-wordpress.php:363
+#, fuzzy, php-format
+#| msgid "ERROR: Could not get an access token to Microsoft Entra ID. %s"
+msgid "ERROR: Could not get an access token to Microsoft Graph. %s"
+msgstr "Fehler: Konnte kein Access Token für Microsoft Entra ID erlangen. %s"
# @ aad-sso-wordpress
-#: aad-sso-wordpress.php:295
+#: aad-sso-wordpress.php:370
msgid "ERROR: An unknown error occured."
msgstr "FEHLER: Es trat ein unbekannter Fehler auf."
# @ aad-sso-wordpress
-#: aad-sso-wordpress.php:304
-#, php-format
-msgid "ERROR: Access denied to Microsoft Entra ID. %s"
+#: aad-sso-wordpress.php:379
+#, fuzzy, php-format
+#| msgid "ERROR: Access denied to Microsoft Entra ID. %s"
+msgid "ERROR: Access denied to Microsoft Graph. %s"
msgstr "FEHLER: Zugriff zu Microsoft Entra ID verweigert. %s"
-# @ aad-sso-wordpress
-#: aad-sso-wordpress.php:345
+#: aad-sso-wordpress.php:400
+msgid "ERROR: Neither 'upn' nor 'unique_name' claims not found in ID Token."
+msgstr ""
+
+#: aad-sso-wordpress.php:434
+#, php-format
+msgid ""
+"ERROR: Access denied. You're not a member of any group granting you access "
+"to this site. You're signed in as '%s'."
+msgstr ""
+
+#: aad-sso-wordpress.php:460
#, php-format
-msgid "ERROR: The authenticated user %s is not a registered user in this blog."
+msgid "ERROR: Error creating user '%s'."
+msgstr ""
+
+# @ aad-sso-wordpress
+#: aad-sso-wordpress.php:474
+#, fuzzy, php-format
+#| msgid ""
+#| "ERROR: The authenticated user %s is not a registered user in this blog."
+msgid ""
+"ERROR: The authenticated user '%s' is not a registered user in this site."
msgstr ""
"FEHLER: Der angemeldete Benutzer %s ist kein registrierter Benutzer dieses "
"Blogs."
# @ aad-sso-wordpress
-#: aad-sso-wordpress.php:393
-#, php-format
-msgid "ERROR: AAD user %s is not a member of any group granting a role."
+#: aad-sso-wordpress.php:519
+#, fuzzy, php-format
+#| msgid "ERROR: AAD user %s is not a member of any group granting a role."
+msgid ""
+"ERROR: Microsoft Entra ID user %s is not a member of any group granting a "
+"role."
msgstr ""
"FEHLER: AAD Benutzer %s ist kein Mitglied einer Gruppe mit Rollenzuweisung."
# @ aad-sso-wordpress
-#: aad-sso-wordpress.php:480
+#: aad-sso-wordpress.php:624
msgid ""
-"Single Sign-on with Microsoft Entra ID required settings are not "
-"defined. Update them under Settings > Microsoft Entra ID."
+"Single Sign-on with Microsoft Entra ID required settings are not defined. "
+"Update them under Settings > Microsoft Entra ID."
msgstr ""
-"Erforderliche Einstellungen für Single Sign-On mit Microsoft Entra ID "
-"wurden nicht definiert. Aktualisieren Sie diese unter Einstellungen > Azure "
-"AD."
+"Erforderliche Einstellungen für Single Sign-On mit Microsoft Entra ID wurden "
+"nicht definiert. Aktualisieren Sie diese unter Einstellungen > Azure AD."
# @ aad-sso-wordpress
-#: aad-sso-wordpress.php:508
+#: aad-sso-wordpress.php:652
#, php-format
msgid "Sign in with your %s account"
msgstr "Melden Sie sich mit Ihrem %s Konto an"
# @ aad-sso-wordpress
-#: aad-sso-wordpress.php:511
+#: aad-sso-wordpress.php:655
msgid "Sign out"
msgstr "Abmelden"
# @ aad-sso-wordpress
-#. Plugin Name of the plugin/theme
#: view/settings.php:3
msgid "Single Sign-on with Microsoft Entra ID"
msgstr "Single Sign-On mit Microsoft Entra ID"
@@ -419,41 +540,37 @@ msgstr ""
"Konfiguration. Hierbei werden existierende Einstellungen überschrieben! "
"Bitte beachten Sie, dass dies nicht rückgängig gemacht werden kann."
-#. Plugin URI of the plugin/theme
-msgid "http://github.com/psignoret/aad-sso-wordpress"
-msgstr "http://github.com/psignoret/aad-sso-wordpress"
+#~ msgid "http://github.com/psignoret/aad-sso-wordpress"
+#~ msgstr "http://github.com/psignoret/aad-sso-wordpress"
# @ aad-sso-wordpress
-#. Description of the plugin/theme
-msgid ""
-"Allows you to use your organization's Microsoft Entra ID user accounts "
-"to log in to WordPress. If your organization is using Office 365, your user "
-"accounts are already in Microsoft Entra ID. This plugin uses OAuth 2.0 "
-"to authenticate users, and the Microsoft Entra ID Graph to get group "
-"membership and other details."
-msgstr ""
-"Erlaubt es den Benutzerkonten aus Ihrem Microsoft Entra ID, sich in "
-"WordPress anzumelden. Falls Ihre Organisation Office 365 verwendet, sind "
-"Ihre Benutzerkonten bereits in Microsoft Entra ID hinterlegt. Dieses "
-"Plugin verwendet OAuth 2.0 um Benutzer zu authentifizieren, sowie den Azure "
-"Active Directory Graph um Gruppenzugehörigkeiten und andere Details "
-"abzurufen."
-
-#. Author of the plugin/theme
-msgid "Philippe Signoret"
-msgstr "Philippe Signoret"
-
-#. Author URI of the plugin/theme
-msgid "http://psignoret.com/"
-msgstr "http://psignoret.com/"
+#~ msgid ""
+#~ "Allows you to use your organization's Microsoft Entra ID user accounts to "
+#~ "log in to WordPress. If your organization is using Office 365, your user "
+#~ "accounts are already in Microsoft Entra ID. This plugin uses OAuth 2.0 to "
+#~ "authenticate users, and the Microsoft Entra ID Graph to get group "
+#~ "membership and other details."
+#~ msgstr ""
+#~ "Erlaubt es den Benutzerkonten aus Ihrem Microsoft Entra ID, sich in "
+#~ "WordPress anzumelden. Falls Ihre Organisation Office 365 verwendet, sind "
+#~ "Ihre Benutzerkonten bereits in Microsoft Entra ID hinterlegt. Dieses "
+#~ "Plugin verwendet OAuth 2.0 um Benutzer zu authentifizieren, sowie den "
+#~ "Azure Active Directory Graph um Gruppenzugehörigkeiten und andere Details "
+#~ "abzurufen."
+
+#~ msgid "Philippe Signoret"
+#~ msgstr "Philippe Signoret"
+
+#~ msgid "http://psignoret.com/"
+#~ msgstr "http://psignoret.com/"
#~ msgid "%s"
#~ msgstr "%s"
# @ aad-sso-wordpress
#~ msgid ""
-#~ "Settings for configuring single sign-on with Microsoft Entra ID can "
-#~ "be configured\n"
+#~ "Settings for configuring single sign-on with Microsoft Entra ID can be "
+#~ "configured\n"
#~ "\t\there."
#~ msgstr ""
#~ "Einstellungen zur Konfiguration des Single-Sign-On mit Azure Active "
diff --git a/languages/aad-sso-wordpress.pot b/languages/aad-sso-wordpress.pot
index d6fdda5..b33e1e6 100644
--- a/languages/aad-sso-wordpress.pot
+++ b/languages/aad-sso-wordpress.pot
@@ -1,35 +1,33 @@
#, fuzzy
msgid ""
msgstr ""
-"Plural-Forms: nplurals=INTEGER; plural=EXPRESSION;\n"
"Project-Id-Version: Single Sign-on with Microsoft Entra ID\n"
-"POT-Creation-Date: 2019-10-02 17:33+0200\n"
+"POT-Creation-Date: 2025-07-29 12:04-0400\n"
"PO-Revision-Date: 2016-04-06 13:57+0200\n"
"Last-Translator: \n"
"Language-Team: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-"X-Generator: Poedit 2.2.4\n"
+"Plural-Forms: nplurals=INTEGER; plural=EXPRESSION;\n"
+"X-Generator: Poedit 3.6\n"
"X-Poedit-Basepath: ..\n"
"X-Poedit-WPHeader: aad-sso-wordpress.php\n"
"X-Poedit-SourceCharset: UTF-8\n"
-"X-Poedit-KeywordsList: __;_e;_n:1,2;_x:1,2c;_ex:1,2c;_nx:4c,1,2;esc_attr__;"
-"esc_attr_e;esc_attr_x:1,2c;esc_html__;esc_html_e;esc_html_x:1,2c;_n_noop:1,2;"
-"_nx_noop:3c,1,2;__ngettext_noop:1,2\n"
+"X-Poedit-KeywordsList: "
+"__;_e;_n:1,2;_x:1,2c;_ex:1,2c;_nx:4c,1,2;esc_attr__;esc_attr_e;esc_attr_x:1,2c;esc_html__;esc_html_e;esc_html_x:1,2c;_n_noop:1,2;_nx_noop:3c,1,2;__ngettext_noop:1,2\n"
"X-Poedit-SearchPath-0: .\n"
"X-Poedit-SearchPathExcluded-0: *.js\n"
#: SettingsPage.php:127
msgid ""
-"Legacy settings have been migrated and the old configuration file has been "
-"deleted."
+"Legacy settings have been migrated and the old configuration file has been deleted."
msgstr ""
#: SettingsPage.php:128
msgid ""
-"To finish migration, unset AADSSO_SETTINGS_PATH from wp-"
-"config.php. "
+"To finish migration, unset AADSSO_SETTINGS_PATH from wp-config.php. "
msgstr ""
#: SettingsPage.php:132
@@ -42,9 +40,7 @@ msgid "To finish migration, delete the file at the path %s. "
msgstr ""
#: SettingsPage.php:134
-msgid ""
-"Then, unset AADSSO_SETTINGS_PATH from wp-config.php. "
+msgid "Then, unset AADSSO_SETTINGS_PATH from wp-config.php. "
msgstr ""
#: SettingsPage.php:138
@@ -53,9 +49,7 @@ msgid "Legacy settings could not be migrated from %s. "
msgstr ""
#: SettingsPage.php:153
-msgid ""
-"Single Sign-on with Microsoft Entra ID settings have been reset to "
-"default."
+msgid "Single Sign-on with Microsoft Entra ID settings have been reset to default."
msgstr ""
#: SettingsPage.php:164
@@ -99,144 +93,163 @@ msgid "Enable full logout"
msgstr ""
#: SettingsPage.php:262
-msgid "Field to match to UPN"
+msgid "Login prompt behavior"
msgstr ""
#: SettingsPage.php:270
-msgid "Match on alias of the UPN"
+msgid "Field to match to UPN"
msgstr ""
#: SettingsPage.php:278
-msgid "Enable auto-provisioning"
+msgid "Match on alias of the UPN"
msgstr ""
#: SettingsPage.php:286
-msgid "Enable auto-forward to Microsoft Entra ID"
+msgid "Enable auto-provisioning"
msgstr ""
#: SettingsPage.php:294
-msgid "Enable Microsoft Entra ID group to WordPress role association"
+msgid "Enable auto-forward to Microsoft Entra ID"
msgstr ""
#: SettingsPage.php:302
-msgid "Default WordPress role if not in Microsoft Entra ID group"
+msgid "Enable Microsoft Entra ID group to WordPress role association"
msgstr ""
#: SettingsPage.php:310
-msgid "WordPress role to Microsoft Entra ID group map"
+msgid "Default WordPress role if not in Microsoft Entra ID group"
msgstr ""
#: SettingsPage.php:318
+msgid "WordPress role to Microsoft Entra ID group map"
+msgstr ""
+
+#: SettingsPage.php:326
msgid "OpenID Connect configuration endpoint"
msgstr ""
-#: SettingsPage.php:435
+#: SettingsPage.php:451
msgid "Map WordPress roles to Microsoft Entra ID groups."
msgstr ""
-#: SettingsPage.php:440
+#: SettingsPage.php:456
msgid "WordPress Role"
msgstr ""
-#: SettingsPage.php:441
+#: SettingsPage.php:457
msgid "Microsoft Entra ID Group Object ID"
msgstr ""
-#: SettingsPage.php:470
+#: SettingsPage.php:486
msgid "Display Name will be shown on the WordPress login screen."
msgstr ""
-#: SettingsPage.php:481
+#: SettingsPage.php:497
msgid ""
"Provides a hint to Microsoft Entra ID about the domain or tenant they will be logging "
-"in to. If the domain is federated, the user will be automatically redirected "
-"to federation endpoint."
+"in to. If the domain is federated, the user will be automatically redirected to "
+"federation endpoint."
msgstr ""
-#: SettingsPage.php:494
+#: SettingsPage.php:510
msgid "The client ID of the Microsoft Entra ID application representing this blog."
msgstr ""
-#: SettingsPage.php:505
+#: SettingsPage.php:521
msgid "A secret key for the Microsoft Entra ID application representing this blog."
msgstr ""
-#: SettingsPage.php:518 SettingsPage.php:535 SettingsPage.php:649
+#: SettingsPage.php:534 SettingsPage.php:551 SettingsPage.php:689
msgid "Set default"
msgstr ""
-#: SettingsPage.php:519
+#: SettingsPage.php:535
msgid ""
"The URL where the user is redirected to after authenticating with Microsoft Entra ID. "
"This URL must be registered in Microsoft Entra ID as a valid redirect URL, and it must "
-"be a page that invokes the \"authenticate\" filter. If you don't know what "
-"to set, leave the default value (which is this blog's login page)."
+"be a page that invokes the \"authenticate\" filter. If you don't know what to set, "
+"leave the default value (which is this blog's login page)."
msgstr ""
-#: SettingsPage.php:536
+#: SettingsPage.php:552
msgid ""
"The URL where the user is redirected to after signing out of Microsoft Entra ID. This "
"URL must be registered in Microsoft Entra ID as a valid redirect URL. (This does not "
-"affect logging out of the blog, it is only used when logging out of Azure "
-"AD.)"
+"affect logging out of the blog, it is only used when logging out of Microsoft Entra "
+"ID.)"
+msgstr ""
+
+#: SettingsPage.php:569
+msgid "login : Forces the user to enter their credentials"
+msgstr ""
+
+#: SettingsPage.php:572
+msgid ""
+"select_account : Prompts the user to select from accounts in session or choose a "
+"different account"
+msgstr ""
+
+#: SettingsPage.php:578
+msgid ""
+"This specifies the login behavior for users during the Entra ID authentication "
+"process. "
msgstr ""
-#: SettingsPage.php:553
+#: SettingsPage.php:593
msgid "Email Address"
msgstr ""
-#: SettingsPage.php:556
+#: SettingsPage.php:596
msgid "Login Name"
msgstr ""
-#: SettingsPage.php:562
+#: SettingsPage.php:602
msgid ""
-"This specifies the WordPress user field which will be used to match to the "
-"Microsoft Entra ID user's UserPrincipalName."
+"This specifies the WordPress user field which will be used to match to the Microsoft "
+"Entra ID user's UserPrincipalName."
msgstr ""
-#: SettingsPage.php:573
+#: SettingsPage.php:613
msgid ""
"Match WordPress users based on the alias of their Microsoft Entra ID "
"UserPrincipalName. For example, Microsoft Entra ID username bob@example.com will match WordPress user bob."
msgstr ""
-#: SettingsPage.php:601
+#: SettingsPage.php:641
msgid ""
"This is the default role that users will be assigned to if matching Microsoft Entra ID "
-"group to WordPress roles is enabled, but the signed in user isn't a member "
-"of any of the configured Microsoft Entra ID groups."
+"group to WordPress roles is enabled, but the signed in user isn't a member of any of "
+"the configured Microsoft Entra ID groups."
msgstr ""
-#: SettingsPage.php:613
+#: SettingsPage.php:653
msgid ""
"Automatically create WordPress users, if needed, for authenticated Microsoft Entra ID "
"users."
msgstr ""
-#: SettingsPage.php:624
+#: SettingsPage.php:664
msgid ""
"Automatically forward users to the Microsoft Entra ID to sign in, skipping the "
"WordPress login screen."
msgstr ""
-#: SettingsPage.php:635
+#: SettingsPage.php:675
msgid ""
"Automatically assign WordPress user roles based on Microsoft Entra ID group membership."
msgstr ""
-#: SettingsPage.php:650
+#: SettingsPage.php:690
msgid ""
-"The OpenID Connect configuration endpoint to use. To support Microsoft "
-"Accounts and external users (users invited in from other Microsoft Entra ID "
-"directories, known sometimes as \"B2B users\") you must use: https://"
-"login.microsoftonline.com/{tenant-id}/.well-known/openid-configuration, where {tenant-id} is the tenant ID or a verified domain "
-"name of your directory."
+"The OpenID Connect configuration endpoint to use. To support Microsoft Accounts and "
+"external users (users invited in from other Microsoft Entra ID directories, known "
+"sometimes as \"B2B users\") you must use: https://login.microsoftonline.com/"
+"{tenant-id}/.well-known/openid-configuration, where {tenant-id} is "
+"the tenant ID or a verified domain name of your directory."
msgstr ""
-#: SettingsPage.php:664
+#: SettingsPage.php:704
msgid "Do a full logout of Microsoft Entra ID when logging out of WordPress."
msgstr ""
@@ -257,11 +270,11 @@ msgstr ""
#: aad-sso-wordpress.php:326
#, php-format
msgid ""
-"ERROR: Unable to check group membership in Microsoft Entra ID: %s %s %s"
+"ERROR: Unable to check group membership with Microsoft Graph: %s %s %s"
msgstr ""
#: aad-sso-wordpress.php:337
-msgid "ERROR: Unexpected response when checking group membership in Microsoft Entra ID."
+msgid "ERROR: Unexpected response when checking group membership with Microsoft Graph."
msgstr ""
#: aad-sso-wordpress.php:363
@@ -285,8 +298,8 @@ msgstr ""
#: aad-sso-wordpress.php:434
#, php-format
msgid ""
-"ERROR: Access denied. You're not a member of any group granting you access "
-"to this site. You're signed in as '%s'."
+"ERROR: Access denied. You're not a member of any group granting you access to this "
+"site. You're signed in as '%s'."
msgstr ""
#: aad-sso-wordpress.php:460
@@ -296,8 +309,7 @@ msgstr ""
#: aad-sso-wordpress.php:474
#, php-format
-msgid ""
-"ERROR: The authenticated user '%s' is not a registered user in this site."
+msgid "ERROR: The authenticated user '%s' is not a registered user in this site."
msgstr ""
#: aad-sso-wordpress.php:519
@@ -307,8 +319,8 @@ msgstr ""
#: aad-sso-wordpress.php:624
msgid ""
-"Single Sign-on with Microsoft Entra ID required settings are not "
-"defined. Update them under Settings > Microsoft Entra ID."
+"Single Sign-on with Microsoft Entra ID required settings are not defined. Update them "
+"under Settings > Microsoft Entra ID."
msgstr ""
#: aad-sso-wordpress.php:652
@@ -327,8 +339,7 @@ msgstr ""
#: view/settings.php:4
msgid ""
-"Settings for configuring single sign-on with Microsoft Entra ID can be "
-"configured here."
+"Settings for configuring single sign-on with Microsoft Entra ID can be configured here."
msgstr ""
#: view/settings.php:14
@@ -344,8 +355,7 @@ msgid "Reset Settings"
msgstr ""
#: view/settings.php:26
-msgid ""
-"Reset the plugin to default settings. Careful, there is no undo for this."
+msgid "Reset the plugin to default settings. Careful, there is no undo for this."
msgstr ""
#: view/settings.php:31
@@ -368,17 +378,14 @@ msgstr ""
#: view/settings.php:45
#, php-format
-msgid ""
-"If migration is successful, migration will delete this configuration file, "
-"%s."
+msgid "If migration is successful, migration will delete this configuration file, %s."
msgstr ""
#: view/settings.php:50
#, php-format
msgid ""
-"If migration is successful, migration will be unable to delete the "
-"configuration file at %s. It is recommended to delete the file after "
-"migration."
+"If migration is successful, migration will be unable to delete the configuration file "
+"at %s. It is recommended to delete the file after migration."
msgstr ""
#: view/settings.php:63
@@ -387,8 +394,8 @@ msgstr ""
#: view/settings.php:64
msgid ""
-"Migrate settings from old plugin versions to new configuration. This will "
-"overwrite existing settings! Careful, there is no undo for this."
+"Migrate settings from old plugin versions to new configuration. This will overwrite "
+"existing settings! Careful, there is no undo for this."
msgstr ""
#. Plugin URI of the plugin/theme
@@ -397,10 +404,10 @@ msgstr ""
#. Description of the plugin/theme
msgid ""
-"Allows you to use your organization's Microsoft Entra ID user accounts "
-"to log in to WordPress. If your organization is using Office 365, your user "
-"accounts are already in Microsoft Entra ID. This plugin uses OAuth 2.0 "
-"to authenticate users, and the Microsoft Graph API to get group membership "
+"Allows you to use your organization's Microsoft Entra ID (formerly known as Azure "
+"Active Directory) user accounts to log in to WordPress. If your organization is using "
+"Office 365, your user accounts are already in Microsoft Entra ID. This plugin uses "
+"OAuth 2.0 to authenticate users, and the Microsoft Graph API to get group membership "
"and other details."
msgstr ""