When and how is a refresh token extended?
Microsoft document says "Anytime the SSO session token is used within its validity period, the validity period is extended another 24 hours or 90…
Seeing an AADSTS700016 error when signing-in to my Azure app after converting it to multi-tenant
We have a need in my company tenant to convert some already existing apps to multi-tenant in Azure/Entra ID. Most of these enterprise apps have SSO set up and working. As you know, in order to convert these apps, we need to change their Application ID URI…
Sign-in Frequency evaluation
Hello, with respect to Sign-in Frequency evaluation, is this flow-chart still valid after the advent of AUTHENTICATION-STRENGTH?
I want to delete users that have a blocked sign in and users who have not signed in over 90 days
I need help deleting users by last sign in date and have a blocked sign in
Disabling PIM for Groups Assignment Expiry Emails
Hi, we have a requirement to disable the emails that assignees to a PIM group membership receive before expiry. These are the emails that contain text like this: "Your Member role in the <group> Security will expire in 14 day(s)" I…
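Registering devices with the Windows Autopilot deployment service
I would like to use Windows Autopilot to automatically deploy OS configuration (kitting), Intune enrollment, and Entra ID Join. Could you advise on the Autopilot preparation required in the cases below? This time, we expect to handle the following: ・Newly purchased PCs running Windows 11 ・PCs currently in use (*Entra ID…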
Entra ID as SP for SAML SSO
Hello I am trying to set up Entra ID SSO using SAML. All I can find is how to set it up as an IdP, but I am using Entra ID as SP using SAML. Has anyone used Entra ID as SP using SAML? Can you please help
Rate limits for Microsoft Entra ID APIs
Hello Team, Could you please let us know the rate limits for the below Microsoft Entra ID APIs. Audit-Log: https://learn.microsoft.com/en-us/graph/api/resources/azure-ad-auditlog-overview?view=graph-rest-1.0 User-Info :…
We have a password expiration policy set in Entra ID that forces users to change password every 90 days, but we have a subset of users with expired passwords that are not being prompted to update.
It seems that there is some commonality in the successful authentications which is that they are signing into application title: Apple Internet Accounts per sign in logs. Client app is Mobile Apps and Desktop Clients in same log. Curious if there is…
Microsoft Entra SSO integration with FortiGate SSL VPN connectivity issue
Scenario: Microsoft Entra SSO integration with FortiGate SSL VPN. I am unable to connect via FortiClient VPN version 7.2.x.x. But when I use FortiClient VPN client version 7.0.x.x.x to connect to SSL VPN via Azure ID with SAML authentication, it connects in…
SSO for Grafana with AzureAD Authentication Using Client Certificates Instead of ClientID/ClientSecret
I'm trying to set up Grafana with SSO authentication. I have all the relevant endpoints to configure SSO and test it successfully, but recently I was asked not to use Client_ID/Client_Secret as shown below due to some security…
MFA in Users vs Group in Entra ID
I have created a user and added the same user in a group, and enabled MFA in both user and group, In user I have enabled SMS OTP, and in group I have enabled Microsoft authenticator. Now if I have to login to the user what Authentication will work since…
How do I send email from Linux machines to Microsoft 365 accounts with oauth2
I have been using app passwords successfully to authenticate users in Linux web applications and to send emails to users. A few days ago, this stopped working. SMTP Auth methods no longer work. My account settings show that Authenticated SMTP can access…
Removed all permissions and admin rights in hope it would delete the org, now I'm stuck
Quite some time ago I got fired, so I tried to delete this whole shabam, but that was harder said than done. In anger I deleted all my own everything and wrote an angry ticket somewhere .. well, I don't think the ticket led anywhere coz the org seems to be up…
How do I fix Azure Trusted Service Account error while signing certificate
I'm getting this error when trying to use SignTool to sign my msix file. I've verified I have Trusted Signing Certificate Profile Signer role assigned in Azure. I also verified the publisher name of the AppxManifest.xml in the msix matches my certificate…
ManagedIdentityApplication.AcquireTokenForManagedIdentity("api://AzureADTokenExchange") giving error in local machine.
Hi, I am implementing the "Federated Identity Credential" along with User Managed identity in .net core 3.1 web api. Getting the error code: "managed_identity_unreachable_network" with error message "A socket operation was…
How to restrict the access only to Microsoft 365 admin portal and Microsoft Intune admin center
Hi Guys, How can we fine tune CA policy to allow access to only Cloud Apps Microsoft Admin portal that too Microsoft 365 admin center and Microsoft Intune admin center but not allowing access to any other admin portals like Teams, SharePoint, Entra,…
Give permission to a Local User into a Local Administrator from Azure AD or Intune
Hello, I am currently managing an organization's computer devices from Azure AD and Intune. I am recently facing a challenge to make a user into a Local Administrator. I tried by using a PowerShell command, the user also gets the Administrator role for some moment,…
Visual Studio App Center is scheduled for retirement
Maybe you know that Visual Studio App Center is scheduled for retirement on March 31, 2025. My question is, "will Visual Studio App Center retirement affect the functionality of Azure Active Directory Conditional Access after March 31, 2025?"
Can't sign into azure on any of my accounts
I can't sign into any of my azure accounts. Whenever I try to log in to portal.azure.com, I am getting the following error code: Error Code: 53003 Request Id: xxxxxx Correlation Id: xxxxx Timestamp: 2024-05-10T16:29:43.390Z App name: Azure Portal App ID:…