Microsoft

Portal: https://entra.microsoft.comMicrosoft Entra IDApp registrations.

1. Register the application

  1. Click New registration.
  2. Give the app a descriptive Name (users see it on the Microsoft consent screen).
  3. Choose Supported account types. For consumer + work/school accounts select Accounts in any organizational directory and personal Microsoft accounts.
  4. Under Redirect URI select Web and paste https://your-site.com/tsl/callback/microsoft/. Microsoft does not allow query strings, so copy the exact pretty URL shown in Titan Social Login. (If you just activated the plugin, visit WordPress → Settings → Permalinks and press Save once so the /tsl/callback/… routes become available.)
  5. Click Register.

2. Configure authentication & permissions

  1. Open the app you just created and go to Authentication. Confirm the redirect URI matches https://your-site.com/tsl/callback/microsoft/. If you need additional domains, add them here.
  2. Enable the checkboxes for Access tokens (used for implicit flows) and ID tokens (used for implicit and hybrid flows).
  3. Switch to API permissions. The default User.Read permission is enough, but you can also add openid, email, and profile delegated permissions. Click Grant admin consent if requested.

3. Create a client secret

  1. Go to Certificates & secrets.
  2. Under Client secrets, click New client secret, give it a description, pick an expiry, and click Add.
  3. Copy the Value immediately. Microsoft hides it after you leave the page.

4. Paste credentials into Titan Social Login

Back in WordPress, open Providers → Microsoft and enter:

Save the provider. If you later rotate the secret or change the redirect URI, update both the Azure portal and Titan Social Login so they stay in sync.