User (Colleague) Invitation Login Failure for CIAM Directory: User invitation link returns AADSTS500208: The domain is not a valid login domain for the account type
I am the global admin of our tenant and I created a new tenant directory for our app using Microsoft Entra ID for Customers. I'd like to add a colleague from our default tenant to administer the tenant directory of our app. What is the best way to do…
How to set SessionNotOnOrAfter attribute in Entra ID?
GitHub supports the SessionNotOnOrAfter attribute in the AuthnStatement…
Azure AD B2C User Account Recovery Code
We have set up Azure AD B2C login for our application. Currently we have set up custom policies for Signin Signup using TOTP MFA which is working fine. We want to implement a recovery code functionality using which user can download recovery code during…
Request for Assistance: "Need Admin Approval" Error
I am reaching out to seek assistance with an issue that we are encountering an authentication issue when users attempt to access our application, which is registered in Azure Active Directory (Azure AD). Description of the Issue: When attempting to access…
Guest access with Google Workspace account using OTP doesn't work
Hello, Guest access is configured in our Microsoft 365 tenant and works correctly, except for users with Google Workspace accounts using @fabrikam.com domain (example). No federation is configured in our tenant. One Time Passcode is configured in our…
sign in using 2fa
Hi, I tried to sign into my school account using 2fa but this is what pops up. Idk how to fix it
Confusion around Azure AD B2C vs Microsoft Entra External ID
Hello. I have read many, many articles on this topic. Here are key outcomes important for my question: Microsoft Entra ID is a new name for AAD. Azure AD B2C is part of Microsoft Entra ID. Proof: Microsoft Entra External ID is a new CIAM - basically…
B2C - Custom Policies - Multiple Different JwtIssuer technical profiles
Hi team, I have a custom policy that determines if the incoming client id is a mobile app based on a whitelist - to which I want to use a different JwtIssuer Technical profile with different refresh token lifetimes defined. So define the refresh token…
What are the correct MS Entra settings for allowing other companies' Azure AD users into my web app?
I have a Web app that has regular user and password login. A Customer requested to be able to use Azure to manage their users (we have a 10 users plan). What is the correct set of MS Entra products and settings to use in the situation? I developed an…
Azure ADB2C callback url is giving bad request of redirect from OpenID connect
Hi, I have a single sign-on solution using Azure ADB2C. I use custom policies. We have different IDPs and one of them is Auth0. We are connecting to Auth0 using OpenID Connect, but looks like we are having an issue in redirection after user…
Azure B2C Authentication with OWIN for ASP.NET MVC Application - Login is not prompting for credential after successful Logout
We have an application that is built using ASP.NET MVC. We have implemented Azure B2C authentication with OWIN (Open Id Connect) framework. Login functionality is working fine for the first time however, we have another requirement that the application…
Azure AD B2C automatic session timeout not happening
I have a React application which is using Azure AD B2C to authenticate users. The session configuration in the Azure portal is set to expire within 15 min. But after 15 min the session does not expire at all. My testing process: I log in using Azure…
Azure Application Proxy available also for Azure B2C Identities?
Can Azure Application Proxy also be used and work for Azure B2C Identities?
Does Azure AD B2B work with Okta?
Hi, will Azure AD work for B2B users if we have federation enabled with Okta? We have Okta as primary IdP. Is there any issue or limitation when Okta is in place and Azure AD B2B federation is enabled?
Azure AD B2C - Claims transformation with 'StringSubstring'
Hi, We have a single-sign-on solution based on Azure AD B2C. We also have multiple IDPs integrated through custom policies. One of the IDPs is Auth0 and Auth0 has some other internal federations. When user is trying to sign in through Auth0 (using…
UserInfo endpoint does not output StringCollection claims correctly
I have implemented a UserInfo Endpoint for a RelyingParty in my B2C Tenant. The string claims output correctly, but the StringCollection claims are issued as System.Collections.Generic.List1[System.String]. It's not possible to output a JSON array…
No permission to create Resource Group in Pay-As-You-Go subscription
I have a pay-as-you-go subscription, I already have 4 tenants. If I am going to create a new tenant, while creating the resource group, it says that I don't have permission to create a Resource Group under pay-as-you-go subscription. Any idea how to address…
Hello, The only account for azure portal (XXXXXXXX@outlook.com) doesn't work. Subscription: pay-as-you-go. Tenant ID: XXXXXXXXXXXXXXXX Subscription ID: XXXXXXXXXXXXXXXX
Hello, The only account for azure portal ([XXXXXXXXXXXXXX@outlook.com]) doesn't work. Subscription: pay-as-you-go. Tenant ID: XXXXXXXXXXXXXXXXXX Subscription ID: XXXXXXXXXXXXXXXXXXXXXXXX { "sessionId":…
Is it possible to create custom user attributes in azure AD portal?
I tried to add custom attributes for user entities in the Azure AD portal. But I could not find any option to do so. Is there any way to add custom user attributes? I'm not using Azure AD B2C. It's just the regular Azure AD.
Regain Access to B2C Tenant with Orphaned MFA Device
I have a B2C tenant linked to my subscription that I lost access to, as it only had one administrator and that administrator's MFA device died and had to be replaced. I no longer need the B2C tenant, but I can't delete it because it has custom flows…