How to add an aud claim to JWT ID token?
I want to use Microsoft Entra ID (Azure AD) as an access provider to an external database (Fauna). However, when authenticating using Microsoft Security Authentication Library (msal) the generated JWT ID token aud claim is the application ID (as…
samltoolkit registration error
I am following guide in this https://learn.microsoft.com/en-us/entra/identity/saas-apps/saml-toolkit-tutorial#assign-the-azure-ad-test-user. I am stuck at registration on https://samltoolkit.azurewebsites.net/Account/Register I use User principal…
Microsoft Entra - How to Trigger an MFA Request with an API
Is it possible for a custom application to trigger a Microsoft API to prompt the user via email, text, or Microsoft Authenticator to authorize themselves into our application? We've implemented this using Okta and we're considering moving to Azure,…
How to sign in on azure portal free account for unsupported countries?
I am trying to sign in on azure portal free portal account , but i found my country is not in list of supported . How can i use it? I have try to contact the support team by asking support request this is the error: The portal is having issues…
Disallowing users to modify the Network Security Group, Firewall and VNET settings in my Azure Subscriptions?
I wanted to restrict the ability for the users to add and modify the NSG rule for all users, except the member of the Azure cloud-only group called "Network-Team". This policy must be enforced for all Network settings like NSG, VNET or firewall…
![](https://techprofile.blob.core.windows.net/images/WsWYoGdWukeBW66msAr6qQ.png?8D8128)
Login attempts using Password Hash Sync
First of all legacy auth is blocked, all other countries are blocked, MFA is enforced for everyone, and other risk factors block access. The issue is Password Hash Sync that's used to support Hybrid Azure AD doesn't trigger any conditional access…
Entra Domain Services and subnet
I am attempting to create Microsoft Entra Domain Services I have created a VNET with address space 10.35.0.0/16 I have created a subnet with address space 10.35.2.0/24 But when creating the domain and attempting to assign the domain services to the…
How to change audience in token used for Azure Analysis Services REST API?
We use the Azure Analysis Services REST API to trigger model updates and refreshes. We received the following email from Microsoft indicating that the audience for the token used to make those requests needs to be changed. You’re receiving this notice…
Adding groups to Administrative Units
I navigated to Entra https://entra.microsoft.com/ under Identity > Roles and admins > Admin Units and created an Administrative Unit with Restricted Management enabled. This was done while I was elevated to Global Admin. After creating the…
Azure B2C Custom Policy with Conditional Policy for Risky Sign Ins and enabling MFA
Hi , We are trying to achieve the implementation of conditional access policies in our Azure B2C Custom Policy for risky sign ins. Depending on the Risk we will enable MFA for those users. We came across below MSFT Link which in turn points to below Git…
Enterprise Application Provisioning Interval (SCIM) to Realtime from 40 mins
can we change Enterprise Application Provisioning Interval (SCIM) to Realtime from 40 mins, anything better than 40 mins may be 5 mins , 2mins
![](https://techprofile.blob.core.windows.net/images/gHEWUnN1mUyNhqM5iDIskw.png?8DBAF4)
Discrepancy Between User Type in Entra ID GUI and SAML Claims
Hi, I'm experiencing an issue where the "User Type" of a user is configured as "Member" in the Entra ID (Azure AD) GUI, but the SAML claims are sending UserTypeCloudManaged or UserTypeOnPrem from the user.userType attribute as source…
![](https://techprofile.blob.core.windows.net/images/SbBXW6wumkK4XgZSyURk4A.png?8D926C)
How to modify the order number of test cases in Azure Test Plan
I have uploaded a CSV file containing a test design to Azure DevOps. The file includes 43 test cases with order numbers ranging from 2 to 44. I want to change the starting order number to 1. However, I am having difficulty editing the order number for…
![](https://techprofile.blob.core.windows.net/images/d2tvFBHkuECHIdJFwoOShw.png?8DB3F8)
i can't activate Azure P2 license and it made me set up another tenant .What can i do for this situation
I created a new azure free tenant to study for my AZ-104 but unfortunately,I can't activate a P2 license and it mademe set up another tenant.
![](https://techprofile.blob.core.windows.net/images/YWrcWuqQpE6CO6DkdAjCCA.png?8DC708)
Azure Provisioning Atlassian Account Failure
I am an Atlassian Admin, we use Azure as our identity provider, but I noticed we are getting multiple errors in the Atlassian user provision logs, I am new to the company and this was set up prior to me. We found 514,660 errors. To investigate, view the…
Is Azure MFA server same as NPS with Azure ?
Hi, I read about a news here https://azure.microsoft.com/en-us/updates/azure-multifactor-authentication-server-will-be-deprecated-30-september-2024/ that Azure MFA is shutting down on September 2024 and we should migrate to Microsoft Entra. However, I'm…
Unable to create the synchronization service account for Azure Active Directory.
Unable to create the synchronization service account for Azure Active Directory.
Registered App to send email through Wordpress website forbidden
I've registered an app to send email from a wordpress website using the fluent SMTP plugin followed the fluent SMTP instructions to create the app 3 times now I'm sure I've followed the instructions but still getting a forbidden error. I see in…
Unable to Change Existing User’s Username/Primary Email Address in MS365
Unable to Change Existing User’s Username/Primary Email Address in MS365 When logged into the MS365 admin portal as a Global Admin, trying to change an existing user’s username and primary email address, the change fails, and the dialog box shows this…
Change of ExternalId attribute in SCIM
Hello, I'm considering updating the ExternalID attribute to a different attribute in our Azure Entra ID SCIM provisioning setup. How should I update it so that I don't create new user accounts in the application? Is it even possible? Thanks in advance