Document Intelligence Studio Label Data Key based authentication error
Hi, i have set up a storage account with a container. i have disabled key access and added my Entra id to the roles with storage data contributor and added the system assigned identity of document intelligence identity with storage reader role to storage…
What are the benefits of the existing single forest AD Domain to convert or upgrade the AD Domain Controllers from FRS to DFSR?
What are the benefits of the existing single forest AD Domain to convert or upgrade the AD Domain Controllers from FRS to DFSR? https://learn.microsoft.com/en-us/windows-server/storage/dfs-replication/migrate-sysvol-to-dfsr FFL & DFL: Windows Server…
Edge SSO not working any more
Strangest thing is happening. We assign Edge (Stabile version) to our dedicated android devices with Azure AD. Yesterday version 124.0.2478.50 (247805005) of Edge AI Browser was starting to install on our devices and we ran in to a problem instantly. The…
How can I assign Visitor access for external users to a SharePoint communication site?
The SharePoint site access does not allow me to add a visitor's email address. These external users have NOT been entered as Microsoft Entra guests. This SharePoint communication site will store training videos. So visitors will NOT be allowed to edit…
AADSTS700027: The certificate with identifier used to sign the client assertion is expired on application. [Reason - The key used is expired.,
Please give me correct solution for this
We wanted to do SAML authentication with Azure, so essentially Azure will be the Service Provider and RSA will be the Identity Provider. I need help with integrating the SAML authentication.
We wanted to do SAML authentication with Azure, so essentially Azure will be the Service Provider and RSA will be the Identity Provider. I need help with integrating the SAML authentication.
Invalid Content-Security-Policy Header when using Custom Policy with JourneyFraming
I'm looking into embedding the Azure AD B2C sign-in page in an Iframe in my SPA. Following the documentation, I have added my domains (MYDOMAIN1, MYDOMAIN2) in the JourneyFraming element of my Custom Policy. The authentication works - however, there are…
Adding Token Based Azure EntraID Authentication to GraphQL APIs created on .NET7
I have a set of GraphQL APIs created on .NET7. I want to authenticate the APIs using Azure Entra ID User/App Access Tokens. Is it possible to achieve the same out of the box, else kindly suggest a workaround.
How to authenticate Microsoft Account users through Entra External ID
When I invite an external user via by providing their email address They receive an invite link via email After accepting the invite, if that email is not associated with an existing Microsoft Account it gets added to my directory with Identity Type:…
How to Resolve issueAuthentication fails with an error stating "The requested federation realm object '< Object ID >' does not exist"
I am trying to add OKTA as an Identity Provider in the Entra ID. and i keep getting this error " Authentication fails with an error stating "The requested federation realm object '< Object ID >' does not exist" I have gone through…
Authorization Issue with Azure App Configuration API
I'm encountering an authorization problem while attempting to perform actions on the Azure App Configuration API. The error message I'm receiving is: The client '5301c929-b34c-4022-a5a2-c3b5e4a29bdc' with object id '5301c929-b34c-4022-a5a2-c3b5e4a29bdc'…
Derivation of AuthnInstant attribute value
I am using Microsoft Entra ID as IDP for my web app for SAML SSO. When I navigate to my application in Chrome the AuthnInstant is from 2 days ago, however for the same URL in Chrome incognito mode it AuthnInstant is current date-time and for Firefox it…
Do Bootstrap Services such as OCaaS Question
I understand that bootstrap services bypass conditional access policies to run uninterrupted. However, I am wondering when this service should be seen in the logs with a successful login. For example, if someone attempts to log in to Outlook mobile but…
How do I send email from Linux machines to Microsoft 365 accounts with oauth2
I have been using app passwords successfully to authenticate users in Linux web applications and to send emails to users. A few days ago, this stopped working. SMTP Auth methods no longer work. My account settings show that Authenticated SMTP can access…
Single sign on redirecting to localhost after authentication
Hi All, I have created an ASP.NET Web forms application with single sign on to MS365. It works fine on my local machine. I am planning to deploy this in a local server in our company. But when I deploy this application it is redirecting to localhost…
AADSTS900561: This endpoint only accepts POST requests. Received a GET request.
Hello, Microsoft I was just quietly watching youtube when I suddenly received a notification about my office 356 account. So I immediately checked whether there was something wrong with my office account. And that was clearly the case when I could no…
How to give access to user-assigned managed identity on registered app on Azure?
I am trying to give access to a user-assigned managed identity to be able to create or delete secrets on a registered app on Azure. So far I have not been able to find a way to do so as registered application does not have any resource group.
Access to Azure Active Directory Subscription - My Role: Unknown
In portal.azure.com I have two subscriptions. One of them is the subscription named "Access to Azure Active Directory". As far as I can understand, this subscription was created automatically via the Office 365 subscription I have. My…
Sole user of tenant "not a member of this tenant"
Hello. I recently inherited responsibility for a free Azure account my organization uses for Azure app credentials used by one of our integrations. When logging in I am greeted by a modal informing me that "You are not a member of this tenant…
LinkedIn API Error: Insufficient Permissions for GET Userinfo
I'm encountering an issue with LinkedIn's API; I'm using OAuth 2.0 authentication, and have specified the 'profile' permission in the request. However, I'm seeing the error {"serviceErrorCode":100, "message":"Not enough…