Conditional access & Authentication Strength policy
Hi to all, I am struggling to set up a working authentication policy but I am hitting a wall all the time! First of all, we have an Entra P1 license and the tenant was registered before 2019. When I am using the per-user MFA setting, all works fine to enforce MFA…
Password-based SSO assigning user credentials via PowerShell
Hey folks, We're in the middle of migrating our apps from Okta to Azure, and are having a wild amount of difficulty with the SWA apps in Okta porting across to Azure. We're trying to automate as much as possible, and have a couple of questions around…
Entra ID - Device registration - Require MFA
Hi there, I have conditional access policies for enforcing MFA during device registration with Entra ID. The policy is currently in report-only mode and during the monitoring phase, it didn't show up any user hits or impact. Keen to know what all can be…
How to manage EntraID - Enterprise application - consent and permissions - Admin consent settings via PS?
Hello, I am looking for a way to manage EntraID - Enterprise application - consent and permissions - Admin consent settings via PS. I tried two options: And via Graph: Both options change the value in PS, but when I check from the UI the setting remains…
Escaping single quotes when uploading OAuth Seedfile
Hello, does anyone know how to escape a single quote when uploading a seed file for OAuth Hardware Tokens? It's currently driving me mad. An example would be the following: Username: David.A'llen@contoso.com Whenever I try to upload a seed file with that…
WAM with google authentication
Hello, we know that Google has deprecated web-view sign-in support. So if an app authenticates users with an embedded web-view and you're using Google federation with Entra B2B for external users, Gmail users won't be able to authenticate. Would…
Microsoft Entra - Delegated / Application Permission | SSO Design
Hey, We are currently building an SSO procedure for our software. Without SSO, a secret is created for each user during registration, which is encrypted with the user password and then stored in encrypted form in our database. This secret is important…
Azure AD B2C External IDP Authentication Browser Back Button Click redirects to External IDP Again
We have AD B2C authentication with a .NET 8 MVC web application. We configured an OpenID provider with a custom policy in AD B2C. The authentication is working successfully. But the problem is, after the External IDP successful authentication, the provider…
System-assigned managed identity to request an access token
I have an Azure Function app that calls the Azure text translate service RESTful API endpoint: https://api.cognitive.microsofttranslator.com/translate?api-version=3.0&to=zh Now I want to use the system-assigned managed identity to request an access token and…
Script to export csv/excel file of what groups a user is owner of in Azure/Entra
Is there a script to find what groups a user is owner of in Azure or the Entra admin center? For example, I want to know what groups Ted Brown is owner of in Azure.
Unable to (provisioning) sync users from Google Workspace to Entra ID using Google Cloud / G Suite Connector by Microsoft
We want to sync (provision) users from GW to Entra ID. How to proceed? There are a lot of ways to do the inverse, bringing users from Azure to Google. But our main IdP is Google, and we want to sync our users from GW to Entra ID.
Microsoft authenticator app not sending code
I am trying to log in to Azure DevOps; however, when I do I get a prompt to input a code into my Microsoft Authenticator app. When I go on the app, though, nothing comes up to input the code. There are also no other ways to sign in except using the app, the…
Why has my long-running 90-day inactive Guest Access Review suddenly started using non-interactive sign-in instead of interactive sign-in timestamps?
Hello, I have been running the above-mentioned access review for probably 2 years without major issues. Recently it seems that the reviews have switched to looking at non-interactive sign-ins as well as interactive sign-ins. There are really two issues…
Microsoft Entra ID Provisioning logs API
Hi, As per the official documentation, to fetch the provisioning logs for Entra ID, we will need a P1 or P2 license for the account fetching the logs. In case the API is invoked by an account only having a free plan associated with it, what is the…
Scheduled Task using Entra ID Account on Entra-joined VM
We have a Windows 2022 server on Azure - Entra ID joined only (not hybrid joined!). We want to run a batch job that authenticates to SQL Managed Instance. How can we assign an Entra-only user account to the scheduled task? We only manage to use local…
How to fix AADST5501204: Malformed JWT
I am experiencing an error when I try to fill out forms.
Cannot abandon Azure B2C Organization after deleting the service
Hello, some time ago, I created an Azure B2C instance. I added my Azure user as administrator. I think I made a mistake, and somehow deleted the Azure B2C instance, but the tenant keeps existing and my user is still linked to that tenant's…
How to assign custom user attributes to B2C users?
I'm looking to assign custom attributes to each of my B2C users, such as job titles, to assign different permissions in my application. I've created the custom attribute "JobTitle" in B2C, but I don't know how to assign individual users a…
Error in javascript when authenticating with Azure AD B2C, using MSAL on WinForms .NET Framework 4.8
I'm using Azure AD B2C in a Windows Forms application (.NET Framework 4.8). When the MSAL library opens the embedded webview to authenticate the user, it shows the following error message: The user flow is SignupSignin, version "Recommended"…
Installer failed for installing Entra ID Connect. No help given.
Ran the Entra ID (Azure AD Connect MSI) and it failed with a cryptic message and no help. It referred to this log info: === Verbose logging started: 5/29/2024 7:30:56 Build type: SHIP UNICODE 5.00.10011.00 Calling process:…