How to implement Register and login in Azure AD B2C using Custom UI and APIs
How to implement Register and Login in Azure AD B2C using Custom UI and APIs and without using User flows. Instead of redirecting to the Microsoft domain and authenticating the user on the custom UI defined in Azure, we want to call the the Azure AD B2C…
Azure AD B2C Change Organization Name
I have an Azure AD B2C service that is ready for production but needs the named changed as the product name has changed at the last moment. Is there any method to change this? It is only visible from the host directory. The main issue is the email…
Azure AD B2C Front-channel logout URL Not Working
Hello everyone, I'm facing an issue with Azure AD B2C for which I'm struggling to find a solution. I have multiple registered applications, each representing a different product. When I log out of one of these applications, I'd like the sessions in the…
How to give external customer accounts in a entra external id tenant access to a a web api in my internal tenant?
I have an internal tenant A where I have internal resources (web api, functions, database, admin website etc). Recently I created an external tenant B with Microsoft Entra External id for customers. There I have registered a SPA app where external…
How to use a microsoft personal email with DefaultAzureCredential from python sdk to download/upload files in azure storage blob account?
I'm developing a system in which a user from a simple python application can download/upload files from azure blob storage. I'm using python sdk and VS code as IDE (without the azure extension activated) and I'm stuck with microsoft personal account used…
Azure AD B2C Signin Only that users who has gmail.com account or Any Specific Company domain and Only verified by organization (me)
we need to allow only signin from specific gmail user, and also we need to sign in from any company email id and password , we don't want to create any user account and allowed only some specific number of user can signin with gmail.com account…
Azure B2C signin-oidc Password Reset - OpenIdConnectProtocolException - invalid_grant
Sign-in and Sign-out flows are working correctly without an error. The password reset is working - the password is changed and the user flow test shows the claims being created correctly. The issue I am facing is on the redirect. This ends with: …
Azure B2C tenant URL all returning AADB2C: An exception has occurred
Hello, We have an issue since tonight on our Azure B2C tenant which always returns "AADB2C: An exception has occurred" on all endpoints and we could not locate any logs that would explain the reason behind this. Is there a known downtime of…
Microsoft Entra ID for Customers and OpenID Connect integration with customer Identity Provider
I am looking into the preview for Microsoft Entra ID for Customers (new CIAM solution), and want to know if it is possible to provide SSO for my customers by integrating towards their Identity Provider using OpenID Connect. Currently there seem to be an…
Azure AD B2C token enriching preview status for user flows
For Azure AD B2C, how long is the ability to enrich tokens with external claims using the api connector in user flows expected to be in preview? This will help make a decision about whether to use this functionality. The current documentation shows…
How to avoid login/sign-up redirection/popup when using AAD B2C from React Application?
Hi, When using Azure AD B2C with React SPA, can the login redirect/popup be avoided? I have a business requirement to embed the login/sign-up page in react instead of using MS hosted pages (even if customizable), not show the sign-up/login url to…
How to authenticate Microsoft Account users through Entra External ID
When I invite an external user via by providing their email address They receive an invite link via email After accepting the invite, if that email is not associated with an existing Microsoft Account it gets added to my directory with Identity Type:…
cross-tenent application security concern
There is an cross tenant application, which used by customer tenant A and customer tenant B, both A and B grant permission to the Application to their own resources RA, RB. Does It possible tenant A be able access resource RB by the Application? In…
Will Azure Virtual Desktop use Microsoft Entra External ID for external-facing apps?
According to the AVD documentation, in order to offer apps or desktops running on AVD to external users or customers (cloud-only deployment), identities must be created and managed manually, and then the credentials are provided to the users. Since AVD…
how to verify azure access token gotten from client web app and sent to python server
I get an azure access token from my client SPA (single page application) using MSAL (Microsoft authentication library) as a public client application. I then send the access token received after successful authentication to my python server by including…
Was the ability to manage App roles through the UI removed recently?
We are using Microsoft Entra ID for customers (Preview) and it seems the ability to manage app roles through the Microsoft Entra UI was removed. The documentation (https://learn.microsoft.com/en-us/entra/identity-platform/howto-add-app-roles-in-apps)…
Integrating proprietary directory users with Microsoft Entra ID
Hi, our company has an Entra directory of users and a proprietary directory of 3rd party customers. In the case of the 3rd parties, we want to take advantage of Entra's capabilities. However, we've hit a roadblock as they have emails in multiple domains…
Teams group sharing with external users - do we need Entra licenses?
I would like some clarity on the Entra External ID licensing and MAU. Our organization has 2 M365 Basic subscriptions (Global admin account and org. communications account). We have a Teams group which we share with 30-40 external users. They need access…
Unable to retrieve the list of Guest users without ExternalUserState value
There are cases when ExternalUserState property of Guest users may be empty (null/blank) due to invitation being sent from different services (possibly SharePoint). It is not possible to retrieve the list of those users because according to…
How to get the most accurate MFA user status using PowerShell or via GUI?
What's the most accurate way to get the User MFA status using the PowerShell for Microsoft graph? Because using the portal GUI below, they both show different statuses for the esame user. Old MFA:…