Incorrect error message in Azure UI when adding a "Domain name of federating IdP"
Hello - I'm having issues setting up a SAML External Identity provider. First, I found a bug: when I add a "Domain name of federating IdP" to an existing SAML Identity Provider, and there's an error, the message is always: "Failed to add…
Entra External ID - Migration Options
I need to migrate users from an on-prem auth provider, where I am not able to access the passwords (one-way hashed), to Entra External ID. Is there a way in Entra to validate the user against the on-prem auth when signing in and then move the password to Entra…
How to add private IP address in the Journey framing in the relying party in Azure AD B2C custom policy?
Hello, I am currently setting up a custom policy for my application using Azure AD B2C with Identity Experience Framework to customize the Sign In and Sign Up flows. However, I encountered an error message while uploading the custom policy in Azure AD…
How to provide change password link in our application
Is it possible to provide a link in to the change password flow for an already authenticated user? i.e. they've already signed in to Entra External ID, redirected back to our application but we'd like to give them a button to "Change your…
Is it possible to render dynamic HTML content independently through AD B2C Custom Policy?
After sign-in, I want to render HTML content. This HTML content is dynamic and is returned from an endpoint. I want to render this HTML content in AD B2C custom Policy. So every time a user signs in in the sign-in flow it should render the dynamic HTML…
Restricting a managed identity's access to Azure Cosmos DB for MongoDB account (RU)
I have 5 container apps that each have a user managed identity. Each of the container apps uses their identity to connect to an Azure Cosmos DB for MongoDB account (RU) database by having a read access to a key vault that contains the primary…
I changed my account to an internal account by accident on Azure
I was playing around with permissions in Azure and ended up changing the main account to internal instead of external. I cannot access my account any more, and can't even create a request, and a phone call to my regional office just told me to create…
Azure ADB2C: What is the Maximum Redirect URL Length? (AuthCodeFlow)
I am trying to find out what is the maximum ADB2C redirect URL length so I can update my <requestLimit/> web.config configuration. Apparently 4096 is still too small. Thanks! Mike
Why does the Azure AD OpenID Connect metadata document v2 endpoint now require 'jwks_extensions' when using the 'client_id' query param?
We have an application that uses Azure Active Directory to authenticate our users. We have been using the Azure AD OpenID Connect metadata document v2 endpoint with the client_id query param (ex.,…
Getting access to external tenants
Hello, I am trying to write some code to get access to external tenants. Currently I have registered an app within my own, and gave it many permissions (delegated and application), but it only has access to my own tenant. If I would like to get access…
After configuring policy settings for Windows LAPS using Entra ID
After configuring policy settings for Windows LAPS using Entra ID, unable to find local admin password even though the policy is successfully deployed on the device.
Authentication issue with React
auth: { clientId: ClientId, authority: `https://${TenantId}.ciamlogin.com/${TenantId}/v2.0`, instance: `https://${TenantId}.ciamlogin.com/${TenantId}/v2.0`, tenantId: TenantId, callbackPath:…
We have followed the steps in this document https://learn.microsoft.com/en-us/defender-for-identity/vpn-integration to set up VPN Integration for Defender for Identity. However we don't see the sensor receiving any data. As per the document we have added…
How to fix error AADSTS500210 when using a custom domain?
We have two Entra External ID tenants (companydev and companyprod). For both of them we set up a custom domain (id-dev.company.com and id.company.com). In both tenants, I created a user flow and added an app registration to it. When I grab the OpenID…
Azure B2C no labels showing up on profile editing page
There are four user attributes required for our user profiles in Azure B2C. When you go to the B2C profile editing page, there are four text boxes, but no labels. There is no way for the user to know which text box represents which profile attribute. We…
AZ B2C User Flows not showing
To test PowerPages and B2C authentication I created a B2C in my tenant. Got everything set up and it worked fine. Came back the next day and the User Flows section was gone from the menu. As a test I created a new B2C, associated it with current…
Error Code: 53003 - Can't access my portal.azure.com
I was granted full admin on my account, yet when trying to log in to portal.azure.com I get the below error: I think this is related to conditional access - but I don't have any conditional access tab on my portal - since I have Entra ID basic…
Identity Provider using SAML Logout Response for a federated domain
I have set up my SSO using SAML protocol for custom domain users on my Azure portal using domain federation settings using the API https://learn.microsoft.com/en-us/graph/api/domain-post-federationconfiguration?view=graph-rest-1.0&tabs=http. Having…
I'm not able to remove custom extension from my Microsoft Entra tenant
I tried to configure an AttributeCollectionSubmit (Preview) custom extension. It didn't work for me and I decided to do it in a different way, by creating a new TokenIssuanceStart extension. Now I'm trying to remove this failing extension but it doesn't…
AAD B2C - "Lag" after custom policy upload
Hi everyone, when I upload a new version of a custom policy it takes a varying amount of time (from a few seconds to five minutes) until the new version is used. During development this is very frustrating and time-consuming since I either have to…