We have a password expiration policy set in Entra ID that forces users to change password every 90 days, but we have a subset of users with expired passwords that are not being prompted to update.
It seems that there is some commonality in the successful authentications which is that they are signing into application title: Apple Internet Accounts per sign in logs. Client app is Mobile Apps and Desktop Clients in same log. Curious if there is…
Unable to test run custom policy in AD B2C, No applications listed to run the policy
Hi, I have done all the configurations and registered required the web applications to create user flows and custom policies in Azure Active Directory B2C by following this documentation…
Azure AD: Best Practices on session timeout / token invalidation
Dear all, we are working together with a software provider that provides a password manager solution, based on a classic client-server architecture. The users authenticate via the client through Azure AD in order to access the server. We do have a…
Domain should match the passive sign in uri
I am trying to configure an external identity provider in Entra. When I try to do it I get the error "domain should match the passive sign in uri" I tried editing in the DNS of the domain exactly as its shown in the error: TXT…
The portal is having issues getting an authentication token. The experience rendered may be degraded.
When I login to the Azure Portal I keep getting a popup with the following text: The portal is having issues getting an authentication token. The experience rendered may be degraded. Additional information from the call to get a token: Extension:…
M365 hosting Tenant A and Azure AD for AAD Device on Tenant B and On prem
I have a scenario where "M365 is hosted on Tenant A with domain.com" and Azure AD for AAD Joined devices on "Tenant B with onmicrosoft.com" and on premises with "Domain.local" . Problem-User need to login using different…
The portal is having issues getting an authentication token. The experience rendered may be degraded.
An Invoice of 109 USD was generated for my new azure account for Azure support. i was unable to view or login to the portal with my azure account. The portal is having issues getting an authentication token. The experience rendered may be…
How can I setup an Azure SSO web application such that users can access the application by providing their User ID and Password instead of using the SSO login flow?
We have a web application that is configured for single sign-on with SAML in Azure. There are users (employees) setup in the Active Directory however there are other users (contractors) who are not in the Active Directory and we need to give them the…
How to fix The portal is having issues getting an authentication token
I have this when I am trying to go to Azure AD and got this The portal is having issues getting an authentication token. The experience rendered may be degraded. Additional information from the call to get a token: Extension:…
How to create a Teams meeting for all to join with their personal accounts?
In a personal Teams meeting, the login option isn't displayed. However, personal accounts face restrictions when attempting to join business Teams meetings via browser or desktop. Is there a workaround? Can the Graph API facilitate this process? And can…
MFA in Users vs Group in Entra ID
I have created a user and added the same user in a group, and enabled MFA in both user and group, In user I have enabled SMS OTP, and in group I have enabled Microsoft authenticator. Now if I have to login to the user what Authentication will work since…
How to remove an unknown tenant?
My Azure account and applications are not affiliated with a company, just my own. I somehow managed to get an active directory attached to my login that shows up in the "switch directory" option (and also "Manage tenants") that's from…
Entra Enterprise Applications Users and Groups - adding roles
When adding a role to a user or group in the Enterprise Application the role is not saved, the user or group is saved but clicking edit assignment for the user or group shows "none selected" under roles. Selecting a role and then saving…
Can we authenticate Translator service with Microsoft Entra ID
Hi Team, Currently we are using translator text endpoint and key for accessing the azure translator service. We wanted to change this method to RBAC to increase the security. We have referred the below document and in the steps it has mentioned…
Why doesn't app registration federated credentials support wildcards for branch entity type?
According to this, Azure doesn't support pattern matching for the branch entity type when adding a federated credential to an app registration. Why is this the case and will this be supported in the future. As mentioned by this, I could just use an…
This domainhas been previously configured on xxx using
Trying to add my domain name to Microsoft Entra and getting this message So I guess at some time in the past someone at least started setting up but never actually used it or at least not that anyone will admit to. So how do I gain control of the name…
Can i change the company branding based on the domain?
Hello On Our Microsoft 365 tenant we have changed the login page to match our main company brand. This is visible if i go for example to login.microsoftonlie.com/?whr=main-company.domain We have some Brand called diffrendly, with individual…
When trying to use BeginAttachDetachDataDisks(Using GO SDK), I'm getting the following error: The subscription is not enabled for using the attach detach data disks API. I have the attachDisk & detachDisk permission added for the subscription.
When trying to use BeginAttachDetachDataDisks, I'm getting the following error: "The subscription is not enabled for using the attach detach data disks API". I have the attachDisk & detachDisk permission added for the subscription. I'm able…
SAML-based SSO for a Ruby application.
Hi there, First of all, let me point out I'm totally new to the things below so, please, forgive me if it may feel silly. I'm trying to develop a SAML-based SSO for a Ruby application. In my Azure Active Directory admin center, I have…
Adding Entra ID authentication to a web app that utilizes Web PubSub in Azure
I'm trying to simply add Microsoft Entra ID for authentication to an Azure web app. I have a javascript chat-app using Web PubSub that worked perfectly using this…