Azure Container Apps - built-in OIDC for SPA?
From Azure Container Apps Docs, it claims to support codeless authentication for apps through configuration (easy auth). I deployed 2 apps to ACA, one Angular SPA, one API used by SPA, both without any code to support authentication as I want to utilize…
Managed Identity Roles Needed for Azure Functions
I cannot figure out how to give my APIMS instance authorization to execute my Azure Function. When I try to test the Azure Function I get a 403 unauthorized error. I have an instance of Azure API Management Service (APIMS) Development Tier. I also have…
Entra Connect cloudsync (entra ID -> AD sync)
Dear, I am trying to do cloud synchronization from Entra ID to Active Directory via the Entra website. However, this is not working. In the opposite direction it does (AD -> Entra ID). Does anyone have any idea how I can solve this? I can press the…
Issue with browser back button invalidating the session from Azure AD login page
I'm using Azure AD for my login and forgot password pages. These two pages are custom html pages, hosted in azure blob storage. From the login page, when I click on "Forgot Password" link, the page goes to below url for a…
Application proxy: different on-premises and cloud identities
Hello, perhaps someone can give examples of what you mean by these settings? Unfortunately I didn't find…
How to create/ delete user via API using grant type as client_credentials
We are able to create token but unable to create and delete user. { "error": { "code": "AuthorizationFailed", "message": "The client 'f04c77f3-530e-416d-a165-42304fb90583' with object id…
Azure B2C Password does not match error bad behaviour
We have developed a project with Azure B2C and by testing we have detected that when registering, when the passwords do not match, the browser does not go up directly to show you the error message, it remains at the bottom of the page screen, with other…
AAD Sync errors 8344 on export for a small number of accounts
Good morning hive mind! I am struggling to find what is causing error 8344 on just 8 accounts on Export sync with AAD, getting error 8344 "Insufficient access rights to perform the operation" we have enabled inheritance on the MSOL account,…
exporting query output report to csv
I have executed the below query and it worked, and I want to export the report to csv. What parameters should I add? 'az graph query -q "Resources | where type =~ ''Microsoft.Compute/virtualMachines'' | project name, properties.storageProfile.osDisk.osType…
How to implement Register and login in Azure AD B2C using Custom UI and APIs
How to implement Register and Login in Azure AD B2C using Custom UI and APIs and without using User flows. Instead of redirecting to the Microsoft domain and authenticating the user on the custom UI defined in Azure, we want to call the Azure AD B2C…
How to emit some data field on azure AD JWT token
We have integrated a web client with OAuth to authenticate using Azure AD and are storing the token for later use. However, we need to exclude certain sensitive data, such as email, IP address, and name, which are not necessary for the application. Could…
Tenant and Subscription migration
Afternoon to all, I'm hoping I can get some advice and read points on the following. I'll try and be concise and include all relevant details, but if you have questions about each environment, then let me know. We are a smallish company about 50 employees,…
Conditional access policy in reporting mode shows unknownFutureValue
Hi There, I have a conditional access policy configured in report-only mode to enforce MFA for device registration. The report-only data shows no hits for report-only success or interrupted state; rather it shows some hits with status as…
Application Insights logs are missing when DeveloperMode is false in JourneyInsights
When we set DeveloperMode equals true in JourneyInsights, we can get logs in Monitoring. This means that data can be queried from the traces table or other tables. But when we set DeveloperMode equals false, all table data is empty. We have…
Cannot add Enterprise Application to Entra ID tenant
I have a MS Entra Gallery app (ModeGen for Visio): https://azuremarketplace.microsoft.com/en-us/marketplace/apps/aad.modelgenforvisio that provides integrated OIDC SSO support for a separate Visio Addin (https://crecy.com.au/model-gen/). In summary it…
Salesforce Custom Profiles not visible after configuring SSO using Entra ID.
Hello, I configured SSO using Entra ID for Salesforce applications, everything is working perfectly except one thing. Profiles which were created by my team "Custom Profiles" are not appearing on Entra ID portal against Salesforce…
How do I setup Entra Global Internet Access (SSE) to allow users secured access to (OWA) Outlook online?
Secured Access to OWA using Entra Internet Access SSE.
Microsoft Entra External ID - Federation with EntraID and impersonation feature
I'm in the process of deciding which identity server/service to integrate with a set of applications. Since Azure AD B2C it's being replaced I'm not inclined to start with that service. On the other hand, EntraID External tenant do not currently support…
Specifying Application ID URL
Context I'm building an Office 365 add-in - to be run in Outlook, both desktop and web -, and I'm at the stage where I want to try logging the user in and getting an access token. However, I'm running into trouble getting the login to work. The…
Getting unspecified error when doing provision on demand
When I am doing a provision on demand, I am getting an error which is not specifying exactly what is wrong and is creating confusion.