BuddyBoss Platform

  1. Knowledge Base
  3. BuddyBoss Platform
  5. BuddyBoss Social Login
  7. Set Up Microsoft for Social Login

Set Up Microsoft for Social Login

Introduction

The Social Login feature allows users to log in and/or register to your BuddyBoss Web and App using Microsoft accounts. This guide covers the Microsoft‑specific setup once the core Social Login functionality is enabled.

Tutorial Video

Prerequisites

Start by following the Social Login article to enable and configure the Social Login feature in your BuddyBoss Web and App.

Once Social Login is active and configured, continue with the Microsoft settings below.

Microsoft Social Login Settings

Accessing the Microsoft Social Login Settings

  1. Login to your WordPress Dashboard.
  2. Go to BuddyBoss Dashboard > Settings.
  3.  Scroll down to the Registration section > Click the pencil icon on the Microsoft Login option..

Required Fields

  • Application (Client) ID: Found in your Microsoft app’s Overview panel in Azure.
  • Client Secret: Generated under Certificates & secrets in Azure. Use the Value, not the Secret ID.
  • Audience Type: Select the type of users allowed to log in (personal, work, or both).
  • Authorization Type: Choose the preferred login behavior (e.g., always show account chooser).

Microsoft Login Settings Preview

How to Generate the Client ID

  1. Sign in at the Microsoft Azure Portalor create an account.
  2. Search for Microsoft Entra ID (ignore any error prompts).
  1. Click Add > App registration > New registration.
  1. Enter a Name and choose Supported account types (This selection determines your Audience setting in BuddyBoss).

Note: On our Settings tab, you will need to select the Audience depending on the selected value.

  1. Under Redirect URI select Web and paste your BuddyBoss callback URL. 

Note: You can obtain the BuddyBoss callback URL from your Microsoft Login Settings

  1. Click Register.
  1. Copy the Application (client) ID from the Overview page.
  1. Paste the Application (client) ID into the Microsoft Login Settings Client ID field in the BuddyBoss Settings.

How to Generate the Client Secret

  1. In Azure, search and go to Certificates & secrets.
  1. Click + New client secret.
  1. Add a description, and set an expiration at the “Expires” field.
  2.  Click Add, then copy the Value.
  1. Paste the Value.on the Microsoft Login Settings Client Secret field in your BuddyBoss Settings.

Selecting the Audience Type

Choose one of the following options based on your target users:

  • Any Azure AD directory – Multitenant
    Only work/school accounts from any Azure AD tenant.
  • Any Azure AD directory and personal Microsoft accounts
    Both work/school and personal accounts (e.g., Skype, Xbox).
  • Personal Microsoft accounts only
    Only personal accounts; work/school accounts cannot sign in.
  • Specific Azure AD tenant
    Only work/school accounts from a single tenant (by domain or GUID).

Select the Authorization Type

Choose one of the following option:

  • Display account select modal – Always show the account chooser.
  • Force credentials entry on each login – Require email/password every time.
  • Display consent only when necessary – Show consent only if not previously granted.

Save Changes

  1. Once all fields are filled, click Save Changes.

Note: You will be prompted to login to your Microsoft Account to verify the configuration

Sample screenshot:

.

How to Modify Supported Account Types

To change the Supported Account Type of your Microsoft App, you can follow the steps below.

  1. Go to the Microsoft Azure Portal.
  2. Search for and open App registrations.
  1. Select your app by its Application (client) ID.
  1. Click Manifest under Manage.

Note: Before making any modifications, please download the current configuration by pressing the “Download” button. This way you will have a backup if you make a mistake with the modifications. Keep this file safe!

  1. In the editor, locate “signInAudience”. . It will look something like this: “signInAudience”: “PersonalMicrosoftAccount”,

The specified value ( in this case “PersonalMicrosoftAccount” ) will define the supported account types.

  1. Modify it according to your needs. The supported values are:
    • AzureADMyOrg – Users with a Microsoft work or school account in my organization’s Azure AD tenant (for example, single tenant)
    • AzureADMultipleOrgs – Users with a Microsoft work or school account in any organization’s Azure AD tenant (for example, multi-tenant)
    • AzureADandPersonalMicrosoftAccount – Users with a personal Microsoft account, or a work or school account in any organization’s Azure AD tenant
    • PersonalMicrosoftAccount – Personal accounts that are used to sign in to services like Xbox and Skype.

Note: Always download a backup of the manifest before making changes.

Troubleshooting and FAQs

Q: Which Audience option allows both work and personal accounts?
A: Choose Any Azure AD directory and personal Microsoft accounts, or set “signInAudience” to AzureADandPersonalMicrosoftAccount in the manifest.

Q: I get “Not authorized” when registering.
A: Ensure you have an Application administrator or Cloud application administrator role in your Azure AD tenant.

Q: Can I change the audience later?
A: Yes—update it via the Manifest in the Azure portal as described above.

Q: What should I do if I cannot login when trying to save the Microsoft Login Settings in my website?
A: Make sure you’ve selected the correct Audience for your Microsoft application. Some audience types do not permit login using personal Microsoft accounts.

Questions?

We're always happy to help with questions you might have! Search our documentation, contact support, or connect with our sales team.

Was this article helpful? Yes No