How to redirect external user sign in attempt to initial sign in page instead of error page?
Sign in with Microsoft added to our app through our Entra ID. It works only for our tenant users, which is okay. But when external accounts outside our tenant attempt to sign in, a Microsoft error page shows up with sensitive info of our tenant…
How to resolve Invitation Redemption failed error in a B2B SAML Federation scenario with OKTA
I am currently testing the integration of OKTA as a SAML federated service, with Entra, for B2B guest access. This is a prelude to an urgent live deployment requirement that I have for a client. I have created an OKTA developer account, configured the…
How to fix error "AADB2C90046" returned back by ACS endpoint of Azure AD B2C?
Users are encountering an error after successful authentication through SiteMinder (external IdP). Following authentication, SiteMinder sends a SAML Response to Azure AD B2C's ACS endpoint, but B2C returns the below…
How to fix error "Account already exists" when signing in google users on a customer entra tenant?
Dear Microsoft support team, My name is Javier Ortega, and I am writing to seek assistance with: Authentication from .Net application to Entra tenant, with google users. Currently we have a group of users migrated to a customer (external) entra tenant.…
How can I assign Visitor access for external users to a SharePoint communication site?
The SharePoint site access does not allow me to add a visitor's email address. These external users have NOT been entered as Microsoft Entra guests. This SharePoint communication site will store training videos. So visitors will NOT be allowed to edit…
Endless login loop - locked out from tenants
We are currently locked out from some of the CIAM tenant(s) we manage. This issue seems to surface with every tenant we created during this week after some time passes. When we try to login, the following prompt is shown: Then, after clicking next,…
Azure AD B2C token enriching preview status for user flows
For Azure AD B2C, how long is the ability to enrich tokens with external claims using the api connector in user flows expected to be in preview? This will help make a decision about whether to use this functionality. The current documentation shows…
b2c prompt=login not working as expected
We are noticing an odd behavior with the prompt=login option using B2C custom policies and could use some help from this support forum. My requirement is to force re-auth for the following use case: “Sign in as a different user” or “Hi John Doe! Not you?…
Azure AD B2C user flow : Is there a way to hide custom attributes on the unified signin/signup page without removing it AND not having to Use custom page content?
I am setting up an Azure AD B2C user flow. I am using the unified sign up or sign in page. The User attributes: User Attributes: Built-in : Given Name, Surname Custom: InternalUserid I want to hide the internalUserid on the…
Multiple Tab Login AD B2C Get BadRequest
I have been working with ad b2c, sucesfully configured an app and created a login flow, I have already created a login connection using MSAL library with REACTJS, and is working good. However, if I open in 2 different tabs the url login, while in the…
I changed my account to an internal account by accident on Azure
I was playing around with permission in Azure and ended up changing the main account to internal instead of external. I cannot access my account any more, and can't even create a request and a phone call to my regional office just told me me to create…
How to Resolve issueAuthentication fails with an error stating "The requested federation realm object '< Object ID >' does not exist"
I am trying to add OKTA as an Identity Provider in the Entra ID. and i keep getting this error " Authentication fails with an error stating "The requested federation realm object '< Object ID >' does not exist" I have gone through…
Intune PIM roles needed to view Log Analytics in Entra ID
What role(s) do I need to have activated in order to view Log Analytics within Entra ID? When I looked into it, I saw that you need Security Admin and Global Reader activated. I have both of these roles, although when I go to Entra ID -> Log…
How to avoid login/sign-up redirection/popup when using AAD B2C from React Application?
Hi, When using Azure AD B2C with React SPA, can the login redirect/popup be avoided? I have a business requirement to embed the login/sign-up page in react instead of using MS hosted pages (even if customizable), not show the sign-up/login url to…
Invalid Content-Security-Policy Header when using Custom Policy with JourneyFraming
I'm looking into embedding the Azure AD B2C sign-in page in an Iframe in my SPA. Following the documentation, I have added my domains (MYDOMAIN1, MYDOMAIN2) in the JourneyFraming element of my Custom Policy. The authentication works - however, there are…
How to authenticate Microsoft Account users through Entra External ID
When I invite an external user via by providing their email address They receive an invite link via email After accepting the invite, if that email is not associated with an existing Microsoft Account it gets added to my directory with Identity Type:…
B2B-Self service sign-up userflow
Hi, I have setup a self-service sign-up user flow for our b2b users,when they click on application link they can sign-up (if not having an account) and then their identity is created in tenant. The issue I am facing is I am not finding a way which…
cross-tenent application security concern
There is an cross tenant application, which used by customer tenant A and customer tenant B, both A and B grant permission to the Application to their own resources RA, RB. Does It possible tenant A be able access resource RB by the Application? In…
Will Azure Virtual Desktop use Microsoft Entra External ID for external-facing apps?
According to the AVD documentation, in order to offer apps or desktops running on AVD to external users or customers (cloud-only deployment), identities must be created and managed manually, and then the credentials are provided to the users. Since AVD…
How to protect Flask API routes with Azure AD B2C?
This is not that well known so I thought I may come up with an article but first, let's see if others from the community can contribute. Copilot/AI is fine but do not forget your personal touch :)