enable the prompt authentication argument

AuthorizationHelper.php

@@ -27,6 +27,7 @@ public static function get_authorization_url( $settings, $antiforgery_id ) {
 					'client_id'     => $settings->client_id,
 					'resource'      => $settings->graph_endpoint,
 					'redirect_uri'  => $settings->redirect_uri,
+					'prompt'        => $settings->login_prompt,
 					'state'         => $antiforgery_id,
 					'nonce'         => $antiforgery_id,
 				) );

Settings.php

@@ -46,6 +46,15 @@ class AADSSO_Settings {
 	 */
 	public $org_domain_hint = '';
 
+	/**
+	 * Indicates whether the the user is prompted to enter their Entra ID credentials or to select
+	 * from a listing of the accounts in session or to choose a different account altogether.
+	 *
+	 * @var string used for the prompt argument in the Entra ID authorization link
+	 */
+	public $login_prompt = 'login';
+
+
 	/**
 	 * Indicates which field is matched against the authenticated user's User Principal Name (UPN)
 	* to find a corresponding WordPress user. Valid options are 'login', 'email', or 'slug'.
@@ -159,6 +168,7 @@ public static function get_defaults( $key = null ) {
 
 		$defaults = array(
 			'org_display_name' => get_bloginfo( 'name' ),
+			'login_prompt' => 'login',
 			'field_to_match_to_upn' => 'email',
 			'default_wp_role' => null,
 			'enable_auto_provisioning' => false,

SettingsPage.php

@@ -257,6 +257,14 @@ public function register_settings() {
 			'aadsso_settings_general' // section
 		);
 
+		add_settings_field(
+			'login_prompt', // id
+			__( 'Login prompt behavior', 'aad-sso-wordpress' ), // title
+			array( $this, 'login_prompt_callback' ), // callback
+			'aadsso_settings_page', // page
+			'aadsso_settings_general' // section
+		);
+
 		add_settings_field(
 			'field_to_match_to_upn', // id
 			__( 'Field to match to UPN', 'aad-sso-wordpress' ), // title
@@ -362,6 +370,14 @@ public function sanitize_settings( $input ) {
 			}
 		}
 
+		// Default login_prompt is 'login'
+		$sanitary_values['login_prompt'] = 'login';
+		if ( isset( $input['login_prompt'] )
+			&& in_array( $input['login_prompt'], array( 'login', 'select_account' ) )
+		) {
+			$sanitary_values['login_prompt'] = $input['login_prompt'];
+		}
+
 		// Default field_to_match_to_upn is 'email'
 		$sanitary_values['field_to_match_to_upn'] = 'email';
 		if ( isset( $input['field_to_match_to_upn'] )
@@ -539,6 +555,30 @@ public function logout_redirect_uri_callback() {
 		);
 	}
 
+	/**
+	 * Renders the `login_prompt` form control.
+	 */
+	public function login_prompt_callback() {
+		$selected =
+		 isset( $this->settings['login_prompt'] )
+			? $this->settings['login_prompt']
+			: '';
+		?>
+		<select name="aadsso_settings[login_prompt]" id="login_prompt">
+			<option value="login"<?php echo $selected == 'login' ? ' selected="selected"' : ''; ?>>
+				<?php echo __( 'login : Forces the user to enter their credentials', 'aad-sso-wordpress' ); ?>
+			</option>
+			<option value="select_account"<?php echo $selected == 'select_account' ? ' selected="selected"' : ''; ?>>
+				<?php echo __( 'select_account : Prompts the user to select from accounts in session or choose a different account', 'aad-sso-wordpress' ); ?>
+            </option>
+		</select>
+		<?php
+		printf(
+			'<p class="description">%s</p>',
+			__( 'This specifies the login behavior for users during the Entra ID authentication process..', 'aad-sso-wordpress' )
+		);
+	}
+
 	/**
 	 * Renders the `field_to_match_to_upn` form control.
 	 */

aad-sso-wordpress.php

@@ -5,7 +5,7 @@
 Plugin URI: http://github.com/psignoret/aad-sso-wordpress
 Description: Allows you to use your organization's Microsoft Entra ID (formerly known as Azure Active Directory) user accounts to log in to WordPress. If your organization is using Office 365, your user accounts are already in Microsoft Entra ID. This plugin uses OAuth 2.0 to authenticate users, and the Microsoft Graph API to get group membership and other details.
 Author: Philippe Signoret
-Version: 0.7.1
+Version: 0.7.2
 Author URI: https://www.psignoret.com/
 Text Domain: aad-sso-wordpress
 Domain Path: /languages/