Hello there!

Need Help? We are right here!

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com

Your Contact E-mail

What are you looking for

How can we help you?

Protect complete site with sso (Forced authentication)

Applies to : Premium or Higher version

This feature allows you to restrict site to non-logged in user.
Here, enabling restrict site to non- logged in users will auto redirect the user to login page of OAuth /OpenID provider if user is not already logged in. After performing sso user can access the site.
Along with protecting complete site (all pages) with SSO, we also provides an option to exclude the URL from auto redirect.
You can configure or exclude some URLs from protecting with SSO such that non-logged in users can access those page URLs without SSO.
Click here to learn more about the usecases for Force Authentication.

How to configure?

You can configure this option by turning on (checking) the option “Restrict site to logged in users” in the Sign In Settings tab -> Advanced Settings
When you save the settings, you will be presented with this screen:
Here, you can also configure the URLs that you want to allow the non-logged in users to be able to see.
Enter these URLs on separate lines like shown above.
There is also a backdoor URL for administrative purposes.
This URL is in this format:
```
  <wordpress-site-url>.com/wp-login.php?oauthlogin=false
```
In this Example, URL is: https://example.com/wp-login.php?oauthlogin=false
With this feature enabled, when a user is not logged in and tries to access the WordPress site, user will be auto redirected to the oauth provider's login page and they will see the message 'Redirecting to the default login Page'. You can change this message by doing the below settings.