Content
2,211 questions with Azure Active Directory External Identities-related tags
How to call an Azure AD protected API from an Azure AD B2C protected API and vice versa?
I have two APIs: API A and API B. We also have client apps SPA A and SPA B which communicate with API A and API B respectively. I now want to configure communication between API A and API B. API A is registered as an application in Azure AD B2C. Only…


Where can I find Azure Active Directory B2B documentation
I can find the B2C documentation but I am getting a 404 error when looking up B2B documentation. Is it available in online anywhere? I am not able to find it.


Integrating Biometric Login in Azure AD B2C
We want to implement biometric based login for iOS and Android applications using Azure AD B2C. We found this article/documentation: Configure Transmit Security with Azure Active Directory B2C for passwordless authentication We are trying to achieve…


My account is locked when trying to access Azure portal
When I try to Access Azure Portal, it shows that my account is locked, How do I unlock it


How to migrate from Existing CIAM to Azure B2C
Client IDP and internal CIAM tool IDP with setup with SP initiated. There are other configuration in existing CIAM. If we plan to migrate from existing CIAM system to Azure b2c , what is the recommended tool or approach so we can avoid to re-configure…


Custom Policy for azure ad b2c not working with custom email and Totp (both) working seperately
I am working with azure ad b2c custom policy for authenticating our users. We needed custom email verification and totp MFA flow both in our signup/signin flow. Though through samples provided by microsft we are able to implement custom email and totp…


Email claim not present in output for orchestration step
Hi everybody ! I'm facing an issue with the following by using ADB2C and IEF custom policies during the passwordReset userjourney. I have the following technical profile : The passwordreset user subjourney is the following: The aim is to send the…
API connector in a user flow for Azure B2B external identities
Is it possible to run custom business logic (e.g. some Graph API calls) using an API connector before sending the token (during sign-ins)? If not, is this something which is on the roadmap?


How aad b2c api connector integrate to springboot project
Pushed a springboot project docker image and developed in app service,how can i use api connector to call springboot api,is there a code sample?


Encoding Issues in B2C Custom Policies
We are facing encoding issues in our B2C custom policies, even after updating all ContentDefinition DataUri to the latest templates. The problems arise in the signinup and password reset custom policies, where characters like "ä" are not…


SharePoint guest user sign-in error - AADSTS50177
Hello, I am working to grant access to a guest user to my tenant so they can access a SharePoint site. I have created the guest user, invited the user, and set their permissions on the specific SharePoint site. When they go to sign in, they get the…


Requesting Assistance with Granting Read-only Permissions for Views in Azure SQL Serverless Pool to Guest User in a Canvas App
Hello Azure Community, I am currently working on a project that involves granting read-only permissions for views on the database level (SQL Serverless Pool) to a guest user in a Canvas app. However, I have encountered a challenge in determining the…


How do I configure multiple SSO IdPs in Azure AD B2C?
I have an application that uses AD B2C for authentication. I need to allow external IdPs to authenticate via SSO into my application via ADB2C. I followed the steps in this documentation and it worked well for one IdP.…


Azure B2C Federated user login - Missing email and UPN
Hi, I'm using B2C federation with external AAD. The user doesnt have any email address in external Azure AD but has UPN value. However, in B2C once the user logs it does create a user profile but with empty fields for userPrincipalName and email.…


Delete signInNames.emailAddress from a federated AD B2C user
Hey guys, I am having a hard time trying to delete the signInNames.emailAddress attribute from a federated user using custom policies. I've already tried to remove it by using a technical profile to update the signInNames.emailAddress with a null claim,…


Azure AD B2C - Administrator changes the password, user not able to login to application
We are using custom policies to login to our application. Now, we have a scenario where the admin reset passwords for the users using the Azure ADB2C blade. But, the user is not able to login to the application when trying to use the temporary password…


Max length of "sub" in ID token
I found that I can user the field "sub" in the ID token as the user identifier from this document: https://learn.microsoft.com/en-us/azure/active-directory/develop/id-tokens However, I cannot find the max length of the "sub" field…


AAD B2C - "Lag" after custom policy upload
Hi everyone, when I upload a new version of a custom policy it takes a varying amount of time (from a few seconds to five minutes) until the new version is used. During development this is very frustrating and time-consuming since I either have to…


Client IDP Send à SAML Response -> Azure B2C (SP) -> Consume SAML Response
Client IDP : External IDP initiating the IDP flow. (Not Azure B2C any external IDP ) Azure B2C : Acting as Service Provider We are looking for below IDP Flow in terms of Client IDP supporting IDP initiated flow. The originator is Client IDP. Client IDP…


UPN different between Graph API and Azure Portal
I am using an AD B2C with applications that can receive connections from both a trusted AD or local accounts. The UPN I see in the Azure Portal (from both local and external accounts) are classical email addresses, and the UPN I recieve from graph API…

