how to create new user in Entra ID
please as a global administrator on eligible assignment, i have been trying to create a new user in my organization without success because the create user option in the user information is action only the invite option is active. please advice. thanks.
Supporting single sign-on behind an application gateway
Hi there, We're trying to deploy an application that supports single-sign on using Microsoft Accounts. Our application is running locally as expected. We're now trying to deploy on our Azure architecture. The application runs as an App Service. The App…
Grant Entra ID permissions to service principal
Hi team, I'm confused with role assignment for service principal. It seems there are 2 ways to grant permission to service principal (for example permission to read directory). One way is to assign an Entra role with directory read permission (such as…
cannot change access management for azure resources as a global admin
cannot change access management for azure resources as a global admin
change the Identity Issuer name in Entra
Hello, How I can change the initial name before claiming our custom domain? everyone we have the custom domain except on the identity issuer
Azure B2C, Sign in using multiple policies
I'm currently using Azure B2C to sign in users using the Microsoft.Identity.Web framework. My configuration looks something like this services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme) .AddMicrosoftIdentityWebApp(options => …
Getting AADSTS501204 Malformed jwt error while logging into Microsoft apps. how to resolve this?
I have changed password for my company account. since then I am facing malformed jwt error when I try to login into Microsoft apps. I am able to login to microsoft apps through browser with new password but unable to login through installed apps. It is…
Website URL not considered valid in Trusted Signing
Hi all , I'm attempting to go through the trusted signing process but hitting a validation blocker. For website URL it's not accepting the .foundation domain. Is there any known workarounds for this ?
Exporting user last login to M365 or Azure to .CSV file ?
How can I extract and export the last user login time to the M365 portal or Azure AD as .CSV file? is there any PowerShell script or GUI procedure?
Issue with authenticating API management with Azure OpenAI services using managed identity
Hello, We are trying to connect API management services with one or multiple model deployments on Azure OpenAI services. Basically we are trying to do some version of what is shown in this repo (and this blog post). Following the instructions, we have…
Can Azure AD Connect and Azure Cloud Sync exist and function in parallel
We already have the Azure environment setup for Windows Windows Hybrid Joined Devices and it's functioning as expected. We now wish to sync Azure AD Cloud Security groups to on-premise AD. During my research, I discovered that Cloud Sync is the…
Password Policy on Azure AD and Conditional Access Policy
Please help me with the setup of password polices on Azure AD as the polices we have been set are not showing, or any other Conditional Access policy that can be applied on our Azure AD.
Can Ping be added as an Identity Provider in Azure B2B
We have a requirement to build an application for our company's joint venture partners. One of the partners happen to be using on-premise ping, others use Azure. Can Ping be added as an Identity Provider in Azure B2B? We tried it with Azure B2C and found…
How to clear the account list in the Web Account Manager list of Accounts displayed by WAM Broker
I have a WPF desktop app that accesses an Azure WebAPI. It uses the MSAL library and when authenticating uses the WAM broker. When the list of accounts is displayed, there is an account of someone that used the computer once when I was logged on to the…
Restricting CoPilot access to under 18s
Hi, I work in an educational establishment and am doing some work on getting ready for Copilot. For the purposes of my question, I am not referring to the Office integration, which requires a license/subscription to access - only the Copilot features in…
Request_BadRequest returned when trying to assign Custom Attributes to B2C Users
I created a new custom attribute for my B2C users, as I want to assign them a string value associated with their account with this custom attribute. The value will be read with their token and passed through to my application. I've been able to obtain…
Synchronize one account's Azure VMs domain controller with the Microsoft EntraID of another Azure account
Hi everyone. We have two Azure accounts, the first ("A") has a pay-as-you-go subscription and we have a vNet and two VM Domain Controllers, the second ("B") is our Office365 account. A custom domain has been configured for…
Create Entra Scoping Filter based on AD Group Name
I have an Azure Entra ID Application setup for managing OIDC SSO & SCIM Provisioning with GitHub Enterprise Cloud. Is there any way I can use Scoping Filters to automatically add AD groups to SCIM based solely on the name of the AD Group? i.e. …
How does the app registered in Azure AD support multi tenants to request access token for SharePoint API?
I recently registered app in Azure AD for SharePoint Online access with OAuth authentication. The account type was set to "in any organizational directory (Multitenant) " , and the API permissions are set with the scope "SharePoint -…
Automate sending email notifications for client secret expiration of App Registration under Microsoft Entra ID
Is there any way to set up email notifications or alerts for the expiration of any client secret in an app registration on Microsoft Entra ID ?