How to disable single sign on? Only login to multisite if user exists

By default, a registered user who logs is technically logged into all sites, but their ability to access wp-admin and make modifications to a particular site is still limited by their user role on that site.

If a logged in user tries to visit wp-admin on a site that they haven’t been granted a role for, they’ll be shown an error message. The only exception to that are users who are “super admins”.

Are users seeing that error message on sites they don’t have a role on? Or are they able to access wp-admin and make changes? If they are, that’s probably because of a bug in a plugin or something, and we’d need more info to troubleshoot. You could start by disabling all the plugins temporarily to see if that’s the case.

Hi! I’m actually wondering the same thing. My issue is that each of my sites are intended for a specific audience like employees of a company or members of a sports team. Registrations are restricted on domain on them and I’d like to prevent other users from being able to register for site of which they are not an approved member. Is this possible?

I have not found a solution yet, unfortunately. Any answers welcome.

Actually, I think this is more like a flaw or even a bug in WordPress. It seems highly illogical that it allows login on the subdomains sites even if the user is not added to the users with a user role on that site.
Only exception should be for Super-Admin, IMHO.

Are users seeing that error message on sites they don’t have a role on? Or are they able to access wp-admin and make changes? If they are, that’s probably because of a bug in a plugin or something, and we’d need more info to troubleshoot. You could start by disabling all the plugins temporarily to see if that’s the case.

@iandunn

The users are not able to access wp-admin. But when they have logged in to one site of the network, they are logged in to all.

I have content on the subdomain sites that should only be accessible for logged in users on that specific site and not to all users of the network, but currently, it does not make a difference.
I am using the Ultimate Member plugin to make pages or elements inaccessible for not logged in users.

Ah, I see. Are you able to configure Ultimate Member to show the content based on the role that the logged-in user has (e.g., subscriber, contributor, etc), rather than just whether or not they’re logged in?

The fact that users are logged-in to all sites in the network is just how WP is designed, and it’s up to plugins to be aware of that. It’s not the ideal behavior in every scenario, but it what they had in mind when it was built.

If Ultimate Member doesn’t have a way to configure access based on roles, then I think the only other option might be to find/build a plugin that changes the default behavior, so that users aren’t logged into all sites.

Okay, I’m working on some code that signs out a user if they try to access a site they don’t belong to and then uses wp_authenticate hooks to prevent them from logging into a site they don’t belong to. I’ll keep this thread updated if I get that to work.

@rshreve This is interesting, thanks!

@iandunn Yes, this is possible. Instead of enabling the content for all logged in users, it can be enabled for user roles. I already saw this possibility as a workaround. I’ll post a question about this in the Ultimate Member support forum.

greetings everybody !

did someone found a solution ?

@rshreve built something ? Thanks