This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 36%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDC%3C/text%3E%3C/svg%3E)
I have a tenant fully configured to use Microsoft Entra External ID. A valid Azure subscription is linked, and a Developer Support Plan is active on the subscription.
We’ve created a self-service sign-up user flow, enabled identity providers, and registered our application properly. However:
Screenshots and diagnostics are available on request.
I am hoping that someone from Microsoft can manually provision or repair the backend identity policy enforcement infrastructure for External ID on this tenant so that user flow-based login and token issuance can work.
Thank you!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 26%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Just checking in to see if below information was helpful. If you have any further updates on this issue, please feel free to post back.
Following up to see if the below answer was helpful. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
I solved it, thanks.
If the information below has been helpful in addressing your question, please accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.
I understand you're encountering issues with the configuration and provisioning of the backend identity policy enforcement infrastructure for Microsoft Entra External ID in your tenant.
1.Please ensure that the permissions and configurations for the self-service sign-up user flow and identity providers are correctly set up.
2.For the /authorize endpoints returning 403 errors, verify that access control settings and policies are correctly configured.
3.Regarding the Graph API call to /identity/b2xUserFlows/B2X_1_devSportHubSignupFlow/assignedApplications: The error message "Resource not found for the segment 'assignedApplications'" suggests that this endpoint may be invalid or inaccessible. Please double-check the endpoint syntax and parameters and ensure the application making the call has the necessary permissions.
4.For Microsoft Entra governance features: The 403-error related to 'Microsoft_AAD_ERM' indicates potential access or permission issues tied to governance components. Review the access control and role assignments required to use these features.
Could you please share the screenshot to understand issue better.
Hope this helps. Do let us know if you any further queries.