Implementing MFA for customer accounts not in Azure Active Directory B2C (Azure AD B2C) directory
Hello, We are implementing Azure B2C as identity system for an application. Our customer accounts are not in Azure Active Directory B2C (Azure AD B2C) directory. We are using Sign-in with REST API identity providerfor user sign-in process. We are…
remove work school account from azure
remove school work account from azure
Typo in `state` parameter definition on `Microsoft identity platform and OAuth 2.0 authorization code flow` documentation
Hello Entra team, I've noticed what I believe is a typo for the state parameter…
Need support about External user of EntraID
Hi Microsoft support team, I'm using EntraID trial and I faced with 1 problem. That is when I register an Enterprise Application, I config Supported Account type to Multiple Tenant. After that some users used their Microsoft Account to authorized the…
Acc-Creation
Hi All, I want to create a guest account. I have logged in to the Exchange Online Admin Center and created a mail contact. However, I am not seeing this mail contact in Azure AD. Will mail contacts not show up in Azure AD? If i need to create a guest…
How to make password encrypted in AD B2C Custom Policy ?
Hi Team, We are using custom policies for sign in and sign up of ad b2c user flows. The password is shown as plain text in form data when user signs in or signs up which seems to be a security flaw and makes system vulnerable for attack ...how can I…
Can Entra External ID send an email to a user on account deletion
We have adopted Entra External ID as our CIAM for our consumer mobile app. The end user can request that their account be deleted. We have a requirement to send an email to a user to confirm that their account has been deleted. The deletion process…
Unable to select Australia as location for new CIAM External ID tenant
Hi all, I am setting up a new Entra ID External CIAM tenant. Under the 'Location' section, I am unable to find Australia. Is it possible to select Australia as a location for the tenant? We need data to stay within the country to be within our privacy…
Entra ID External Identities - Verification code mail branding
Hi, I've created a user flow in an Entra ID external tenant. When signing up using an email and a password, a verification code is sent to the user's mail. My questions are the following : Is it possible to change both the branding and the content…
Assigning Azure AD roles using group?
I need to create a cloud-only group called App Admins which has the Azure AD Role Application and Cloud Application Administrator role assigned to the members that are assigned manually. What are the steps I must take and how to achieve that with the…
![](https://techprofile.blob.core.windows.net/images/WsWYoGdWukeBW66msAr6qQ.png?8D8128)
Azure API Management Credentials Manager missing "scope" field for generic OAuth 2.0 CCF and Entra External ID
I have issues getting an access token using client credentials in API Management Credentials Manager. I am using Entra External ID for external tenants as an identity provider. Credentials Provider details: Identity provider: OAuth 2.0 Grant type:…
How to give external customer accounts in a entra external id tenant access to a a web api in my internal tenant?
I have an internal tenant A where I have internal resources (web api, functions, database, admin website etc). Recently I created an external tenant B with Microsoft Entra External id for customers. There I have registered a SPA app where external…
How to force reset password when sending invite to user using Graph API (python)
I am sending an invite to user to access my application. I can send and add them to groups using python and graph api. However, on accepting, the user (with a non microsoft id) gets prompted a OTP in their email to access the app. I want the user to…
Azure AD B2C - how to shorten the "state" parameter in the signout url to avoid query string is too long error?
Hi, we are getting a unique query string too long error upon adding one of the standard context parameters. Somehow it is getting added to the "state" property while user logging out. I have no idea why the "state" property is…
![](https://techprofile.blob.core.windows.net/images/oq2rJ2b6NECW9EhwfytldQ.png?8DA69B)
Graph API app permissions restricting to user or groups
Hey Msft, GRAPH API is very helpful and powerful to return the information. As you know there are two moded on it as mentione here : https://learn.microsoft.com/en-us/graph/auth/auth-concepts App and delegated access. For our recurring use cases we…
![](https://techprofile.blob.core.windows.net/images/gJj34sZ3fkO1tulpIUzAFw.png?8DBCFE)
Azure AD B2C Custom Policy - Custom Attributes using default values when Rest API Fails
Hi, I have an Azure AD B2C Custom Policy using OpenId protocol. I have also included a Rest-API integration in the custom policy and it seems to be working fine. The Rest-API is supposed to fetch additional attributes for the logged in user from an…
ExternalAzureAD access to external organization data
Dear Team, I am implementing invited user for Entra ID. The external organization is asking if what data is going to access of there AD from EntraID? Regards, Kishor
What Azure AD B2C role can I assign to the Developer team without assigning a Global Administrator?
I have created multiple Azure AD B2C for all of my teams respectively with the Dev domain. However, they cannot log in or switch to this Azure AD B2C tenant from the Azure Portal GUI yet. What Azure AD B2C role can I assign to the Developer team without…
![](https://techprofile.blob.core.windows.net/images/WsWYoGdWukeBW66msAr6qQ.png?8D8128)
Azure AD B2C best practice and security hardening
I have deployed multiple Azure AD B2C as the Global Administrator for all of my Development teams. May I know what the security best practices to follow so I can secure it to avoid lateral movement or any security breach? Thanks in advance.
![](https://techprofile.blob.core.windows.net/images/WsWYoGdWukeBW66msAr6qQ.png?8D8128)
Azure AD B2C & AWS Cognito Integration
Hi, I have an Azure AD B2C custom policy (SAML protocol) being used by an application 'A' setup and working fine. I want to integrate another application 'B' using OpenId protocol. This application 'B' is hosted in AWS and uses AWS Cognito user pool. I…