Transitioning from SQL Database to Custom Attributes for Azure Blob Storage User Access in B2C User Flow
I have an API that allows B2C users to upload/download files from Azure Blob Storage containers. Currently, I use an SPA with an Azure Function that sends the upload or download request to the Azure Blob Storage container that the user has access to…
Azure AD B2C: sign-in workflow with Google as an IdP, error AADB2C99002
Hi everyone, I am writing here the issue that I am facing while working on a sign-in workflow with Azure AD B2C. Your help is appreciated. Pre-requisites: I have an Azure AD B2C tenant. I want to set up a sign-in workflow with Google as an IdP. …
Azure AD B2C: Multi-Tenant Entra ID automatically enable accounts
I have followed this tutorial to set up sign-in for multitenant Microsoft Entra ID using custom policies in Azure Active Directory B2C. Everything is working except all newly created accounts are disabled by default. I would like to have all new…
How to protect Flask API routes with Azure AD B2C?
This is not that well known so I thought I may come up with an article but first, let's see if others from the community can contribute. Copilot/AI is fine but do not forget your personal touch :)
How to remove a proxy address from an Azure AD user?
How to remove a proxy address from an Azure AD user? Generally I have logged in to the portal using a personal MS account, signed up for Azure and created a separate tenant, then an internal user with global admin privileges that I intended to use daily instead of…
Integrating proprietary directory users with Microsoft Entra ID
Hi, our company has an Entra directory of users and a proprietary directory of 3rd party customers. In the case of the 3rd parties, we want to take advantage of Entra's capabilities. However, we've hit a roadblock as they have emails in multiple domains…
Configure SAML based SSO for external user authentication
Hi, We would like to expose our application to internet and authenticate users using Microsoft entra. Expecting the users to put in their personal ids or work\school Microsoft ids to sign in. Based on research online, we need to create an entra app. I am…
Best method to validate the e-mail address in Azure AD B2C custom policy to restrict the particular domain name.
We have a requirement to restrict a particular domain (assume gmail.com) from being used by users during the sign-up flow. For the email address validation, we used a regular expression in the custom policy.
Multiple authschemes is not working
I have added two authentication schemes, AzureAD and AzureB2c, in mvc core3.1 using microsoft.identity.ui & web packages. I am able to call challenge on both schemes but after logging in successfully my controller postback action method is not executing even…
Graph API app permissions restricting to user or groups
Hey Msft, GRAPH API is very helpful and powerful to return the information. As you know there are two modes on it as mentioned here: https://learn.microsoft.com/en-us/graph/auth/auth-concepts App and delegated access. For our recurring use cases we…
Okta as an external identity provider to Azure Active Directory B2C
Hi, Does Azure AD B2C support external identity providers like Okta? Or do we have to develop a custom policy for that? Thanks
AADSTS50020: User account 'example@example.com' from identity provider 'live.com' does not exist in tenant 'Default Directory' and cannot access the application '' in that tenant.
Hello, I am trying to integrate sign-in with Azure-ad using Next Auth. I followed all of the instructions in https://next-auth.js.org/providers/azure-ad and created a new application with the signInAudience set to AzureADandPersonalMicrosoftAccount.…
How to get the most accurate MFA user status using PowerShell or via GUI?
What's the most accurate way to get the User MFA status using PowerShell for Microsoft Graph? Because using the portal GUI below, they both show different statuses for the same user. Old MFA:…
Entra ID and Microsoft Accounts in CIAM Tenant
I'm a bit confused with how some of the Identity options work in the new CIAM External Identities tenant. Let's say I have some customers who want to access my applications using Local accounts (email), and others who want to authenticate using either…
Transition to role-based access control (RBAC) in Azure by 31 August 2024
I created an Azure Account for deployment and have a Service Administrator role inside Home > My resource group > Access control (IAM) > Classic administrators. I am the only person using this account as an owner and do not have any…
AD B2C show standard error page when REST API returns 4xx
Hi, I'm calling a REST API from an orchestration step just using a TechnicalProfile, but not inside a ValidationTechnicalProfile block. <OrchestrationStep Order="6" Type="ClaimsExchange"> <ClaimsExchanges> …
B2C Custom Policy Translations for Required Fields on SignUp page Not Translatable
Hi Folks, Using Custom Policy for Signup process. We have translations for 9 languages and several required fields. However the translations are not working for required fields. What I get is "{field-type} is required" (screen shot below). On…
Does the session cookie generated using Microsoft Azure AD store any personally identifying information?
Hi, We use Azure AD authentication for MFA and SSO. We would like to know if the session cookie stores any personally identifying information?
How to jump to previous orchestration step
I am allowing users to sign in using multiple MFA options and want to persist the default selection. If the user has selected Phone / Email MFA options then on the next login user should be directed to Email or Phone MFA orchestration step, And MFA…
Teams group sharing with external users - do we need Entra licenses?
I would like some clarity on the Entra External ID licensing and MAU. Our organization has 2 M365 Basic subscriptions (Global admin account and org. communications account). We have a Teams group which we share with 30-40 external users. They need access…