Microsoft Entra External ID - Federation with EntraID and impersonation feature
I'm in the process of deciding which identity server/service to integrate with a set of applications. Since Azure AD B2C is being replaced, I'm not inclined to start with that service. On the other hand, EntraID External tenants do not currently support…
Unable to logout from External Identity Provider (SAML 2.0)
Hello All, I am working on a React application which will support multi-IDP logins. I am using the MSAL library to implement it. I have configured the IDPs below with SAML 2.0 using Microsoft External Identities: SAML for Okta, SAML for OneLogin, SAML for Google Suite. I…
AAD B2C - "Lag" after custom policy upload
Hi everyone, when I upload a new version of a custom policy it takes a varying amount of time (from a few seconds to five minutes) until the new version is used. During development this is very frustrating and time-consuming since I either have to…
How to implement Register and login in Azure AD B2C using Custom UI and APIs
How to implement Register and Login in Azure AD B2C using Custom UI and APIs and without using User flows. Instead of redirecting to the Microsoft domain and authenticating the user on the custom UI defined in Azure, we want to call the Azure AD B2C…
unable to find the kid in the list of keys to validate the id token
I am getting an id token once I click on the user flow in Azure AD B2C. Now I simply need to validate that id token using the kid from the token header, but I cannot find key ids in the discovery/keys URL which match the kid of the token header. I have…
Azure AD B2C Login returns 400 after long idle time (with no error shown on UI)
After keeping the Azure B2C login screen idle for the whole night (put to sleep), and then logging in with the same login page the next morning, it returns 400 bad request, silently failing without showing any errors on the UI. The same issue is…
Azure B2C - API to verify smart lock on user accounts?
Is it possible to detect / be notified that a Smart lockout has occurred on a user account, for instance an API to call that returns a value denoting the user account was temporarily locked? The intention is to programmatically check if an account is locked…
How to emit some data field on azure AD JWT token
We have integrated a web client with OAuth to authenticate using Azure AD and are storing the token for later use. However, we need to exclude certain sensitive data, such as email, IP address, and name, which are not necessary for the application. Could…
With B2C custom policy, capture checkbox state during profile editing
We have a B2C custom policy with a checkbox that gives the user the option "Agree to receive email...", implemented with CheckboxMultiSelect as the only option. It captures the value the first time. But when the user later on unchecks the checkbox,…
Azure AD B2C Change Organization Name
I have an Azure AD B2C service that is ready for production but needs the name changed as the product name has changed at the last moment. Is there any method to change this? It is only visible from the host directory. The main issue is the email…
How to allow external users to access Graph API in Azure portal without adding them to tenant
Hi, I just want to know how to allow external users to authenticate themselves using the Graph API without adding them to the tenant in the Azure portal?
Will External ID in external tenants have a federation functionality?
Hi, our company develops cloud software for other companies to use. Today, we use Azure AD B2C as an IdP for our software. Some of our clients want to use their IdP for their users, so we federate AAD B2C with them. Others - don't have IdP, so we…
Problem with subscription creating Azure AD B2C tenant
Hi everyone, I'm trying to separate my app environments, so I want to create AD B2C tenants and their resources per environment (develop and production). I've created an Azure AD B2C tenant, but it doesn't have any subscription, so I can't create any…
In Entra External ID CIAM, will it be possible to add any external identity provider without a verified domain or DNS change?
We have various customers that have IdPs with their own companies and would like to use their identities to log in to our customer-facing applications. In Entra External ID CIAM, will it be possible to add any external identity provider without a…
Azure B2C user creation is failed for some specific user
I am creating a user in Azure B2C using Graph Client (5.40.0). While creating the user, we are getting response saying that "userPrincipalName already exists". Then we try to get the user using the user's principal name, we are getting error…
External identity cannot accept the invitation
This user ([saadi@onminerets.onmicrosoft.com]) was invited to this tenant cfeee0c4-dbf3-44f7-b6c7-361ade5b4555, though without a mailbox, but was sent the invite link, and when he clicks the link he gets this: When he clicks switch accounts, he gets this:…
Azure B2C gives "undefined" as the error message when signing up with a duplicate account
Using the default template, on a SignInSignUp flow with no customization the web service returns: {"status":"400","errorCode":"ViralErrorUserCreationConflict","message":"A user with the specified…
Azure AD B2C Front-channel logout URL Not Working
Hello everyone, I'm facing an issue with Azure AD B2C for which I'm struggling to find a solution. I have multiple registered applications, each representing a different product. When I log out of one of these applications, I'd like the sessions in the…
MFA policy is misconfigured. Work with your admin to enable notification through mobile app in the policy.
We have enabled MFA enforcement on our lighthouse but somehow all the users were receiving this error "MFA policy is misconfigured. Work with your admin to enable notification through mobile app in the policy." We have tried disabling the MFA…
How to give external customer accounts in an Entra External ID tenant access to a web API in my internal tenant?
I have an internal tenant A where I have internal resources (web api, functions, database, admin website etc). Recently I created an external tenant B with Microsoft Entra External id for customers. There I have registered a SPA app where external…