Azure AD B2C MFA saves phone number with incorrect format (without space)
Currently we trying to reset MFA in Azure B2C through Microsoft Graph API. The idea is to delete existing phone number in authentication methods, that at the next login user would be prompt for provide new one. We are using standard built-in user-flows…
What are the accepted types for claims in Microsoft Entra Verified ID
I can find on the documentation mentions of type like "String" or "image/jpg;base64url" but can't find a list of the accepted types. Can anyone help me ?
Logging into Azure portal with the usual credentials now results in "Limited or No Access"
TLDR: Can't seem to log in to Azure Portal with primary user account -- indicates Limited or No Access. Hello. In the course of troubleshooting some recurring billing problem, I have really messed up my account. Specifically, when I now log into…
Azure ADB2C callback url is giving bad request of redirect from OpenID connect
Hi, I have a single sign-on solution using Azure ADB2C. I use custom policies. We have different IDPs and one of them is Auth0. We are connecting to Auth0 using OpenID Connect, but looks like we are having an issue in redirection after user…
Users with MFA: Enabled, Disabled, Enforced
I manage a Azure AD Does anyone have a PowerShell script that can help me get all users from Azure Active directory with MFA: Enabled, Disabled, Enforced Thanks for the help.
How to delegate permissions to Service desk team for managing MFA in Azure Active Directory
How to delegate permissions to Service desk team for managing MFA in Azure Active Directory. just MFA reset (revoke and re-register) rights. please suggest
Entra ID Connect and Exchange Hybrid setting checkbox?
I am using Hybrid Azure AD and Entra ID with Password Hash Sync, all objects are synchronized using the Azure AD Connect software. There are 2x Exchange Server 2016 but both have no mailboxes on-premise only used for managing the AD attributes as I…
A user is excluded in conditional access policy but it is still applied
Hi all, I have a conditional access policy that requires MFA. Last week a user called and reported that instead of logging into offie 365 account they get "More information required Your organization needs more information to…
Weekly digest says new risky sign-ins detected, but nothing in risky sign-ins report
I received the usual Azure AD Identity Protection Weekly Digest email today, but this time it said that 7 new risky sign-ins were detected: If I click on the link, it takes me to the "Risky sign-ins" report in the Azure portal, set up…
Adding Entra ID authentication to a web app that utilizes Web PubSub in Azure
I'm trying to simply add Microsoft Entra ID for authentication to an Azure web app. I have a javascript chat-app using Web PubSub that worked perfectly using this…
on-behalf access chaining
We have frontend (React) with on-behalf / delegate permission given to middle layer (python) application. This we could get through various sample and have graph API called from middle layer python application. Some of on-behalf graph calls to be done in…
Conditional Access and Microsoft Authenticator Sign In
We're using conditional access policy to restrict access to 'Register security information' to trusted locations only. This policy blocks home users from signing into the Microsoft Authenticator. How are you handling this security recommendation?
Not getting access to identity provider
Hi folks, I'm facing an issue while access the 'identity provider" Section in Azure AD B2C. Where i've the following permssions, Global Administrator User Administrator External Identity Administrator (Recommended for Enabling Identity…
Error accessing Azure sql from Azure databricks using jdbc authentication=ActiveDirectoryInteractive
Getting below error while accessing Azure sql using jdbc from Azure databricks notebook, com.microsoft.sqlserver.jdbc.SQLServerException: Failed to authenticate the user p***** in Active Directory (Authentication=ActiveDirectoryInteractive). Unable to…
What exactly is ADIbizaUX?
What exactly is ADIbizaUX? I keep seeing posts about this application online, most of which are questioning the validity of the application due to unattended sign-in requests to it. How can there be user sign-in logs attempting to access ADIBizaUX if…
Implementing Security Settings Post-Disabling Security Defaults
Hello Microsoft Community, At our company, we are currently working on enhancing our security level by configuring Microsoft Intune and Entra ID. This includes the use of conditional access policies, necessitating the disabling of the Security…
External identity cannot accept the invitation
This user ([saadi@onminerets.onmicrosoft.com]) was invited to this tenant cfeee0c4-dbf3-44f7-b6c7-361ade5b4555 though without mailbox but was sent the invite link and when clicks the link he get this: When he clicks switch accounts, he gets this:…
Add non Global Admin to see all OATH tokens
We are currently onboarding a new IT admin. We have successfully given the Authentication Admin role to the new IT employee, however, when we attempt to see the hardware MFA tokens that are in preview the admin cannot see any of the OATH tokens that are…
Creating Conditional Access policies after disabling security defaults
We have newly introduced Microsoft Intune and Entra ID in our company, and we are trying to create Conditional Access policies. However, when creating them, we are prompted to disable the security defaults. Is it possible to replace the security defaults…
Do we require License for Internal user to read or View in share point online?
Do we require License for Internal user to read or View in share point online?