how to tell if a classic conditional access policy is being used
I am responding to the deprecation of classic conditional access policies and I am finding it difficult to determine if a classic conditional access policy is being evaluated. I can see that the classic policies are enabled. When I edit the policy and…
I need to restore a recently deleted App Registration, but I don't have permissions to do it
I have an app registration that got deleted (not by us ... guessing because it is very old and isn't used so maybe for security reasons someone deleted it) but now I have to set up the new code signing and I need to enable it again so code signing can be…
Azure SSPR-Implementing with M365 E5 Licence
Hi Team, Since Azure Entra ID SSPR requires each user to have Azure Entra ID P1/P2 plan for them to avail SSPR, I've read somewhere that those who have the M365 E5 licence will already have the Entra ID P2 plan that will help them avail SSPR. Can someone…
Expression builder multiple IIF nesting
Hey folks, I've run into a problem in building expressions. As part of our Workday to Active Directory provisioning, we want to have the email address built out based on Company name. However, we have multiple company names under our AD user profiles and…
help with MSAL and node.js
I seem to be running in circles and could use some guidance. We have a Vue based front end site that has our own username/password/mfa solution that, once logged in, sets a series of auth cookies back to the browser that go to each API call on our back…
How to add a timeout system to my API Management Developer Portal?
I have an API Management developer portal (standard tier) that I want users to be timed out of after inactivity. I've been testing my developer portal and it seems that the user will stay signed in even if they do not interact with the webpage. I am…
Azure B2C - user can still visit website after logging out
Hello everyone, I am having problems with my Azure B2C logout methods. I am using a .NET 4.8 C# MVC app connected to Azure B2C. Our app uses OpenID Connect and cookie authentication. The login works great, and I am using local Entra accounts for this…
Can't Remove associated tenants in organization settings
Hello guys, I'm an admin in two associated companies, and when trying to set up a multi-tenant organization I got stuck in this situation where I can't remove either of the associated tenants; I can't see the remove button in any of the accounts.
Azure SCIM: remove user from sync group does not delete the user
I sync Azure AD into my server via SCIM. I created an application and I assigned a group with users to that app. I started provisioning. When I add a user to the sync group, I see a SCIM call to create a new user and to add it to the group. When I…
On Microsoft Entra I am unable to see user name with unauthorized access how do I view the users?
Hello, I see unauthorized sign-in on the Entra Microsoft account. I don't see the list of users that are having unprotected sign-in. How do I see it? I have all the privileges, but I still don't see the names of the users.
Add active directory group to AZURE SQL
Hi, I have an AD group created in AZURE, and I need to add it to AZURE SQL to be able to access certain objects. Any advice on how I can manage that? Regards, Waleed
Dependency between a published app and the publisher/primary domain
Hi folks!! I'll try to explain my case best, sorry if it's hard to understand... We have two tenants: one called "Tenant A" with a primary domain "blue.com" one called "Tenant B" with the primary domain…
Could not create application in new azure b2c tenant programmatically using token generated from app/user credentials on subscription directory?
I have created a new Azure B2C tenant directory programmatically using MS API. Now I want to register an app on the newly created Azure B2C tenant without switching into it manually. To generate a token, I have created a multi-tenant app and global admin user…
Azure support request ignored
I have dev support in Azure. I created a severity B support case over a week ago but no one has replied. How do I get it looked at? Support ID 2406070050004094
unable to access storage account with a private endpoint from standard logic apps using managed identity
unable to access storage account with a private endpoint from standard logic apps using managed identity
Integrating Blazor webassembly (standalone) with AAD B2C
Hello, I'm building a website using Blazor webassembly (standalone) and I was able to integrate it with AAD B2C. The user can login, update password, and register with almost no issues. In appsettings I added Authority to point to B2C_1_susi user flow.…
MFA Authentication Strength re-prompting for MFA registration
We have a Conditional Access policy to prompt users for MFA every time they use the Azure VPN. This prompts for their password and then a Microsoft Authenticator notification. We would like to remove the need for users to enter their password but keep…
Change device's actual owner on Azure
Does anyone know how to change or update the owner of a device on Azure? Recently, navigating on Azure's devices for my site, I observed that several of these devices showed an owner not reflecting the actual one, and I want to make corrections to this. Please…
Application asked for scope 'roles' that doesn't exist
Hello, we have an app registration with OpenID authentication, but during authentication we get the following error: Error: invalid_client Description: AADSTS650053: The application 'XXX' asked for scope 'roles' that doesn't exist on the resource…
Is it possible to use Azure Entra ID without the Domain Services?
Is it possible to use "Microsoft Entra ID" without the "Domain Services"? Background: I went to the Pricing Calculator website and selected "Microsoft Entra ID". Then, the calculator adds a second item, "Microsoft Entra…