how to create a documentation for publish an application to Microsoft Entra application gallery
Hello, I want to add my application to gallery and use azure AD as a SSO So I have read this article: https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/v2-howto-app-gallery-listing#provide-app-documentation-for-your-site Section 2 (image…
TENANT LOCKOUT (URGENT) / Faulty Conditional Access Policy
Hello, Due to a faulty Conditional Access policy, not all of our admin users can access our tenant. We need to remove one of our global admin users from the exclude this policy. The case has been escalated to higher authorities but still no progress has…
AaDApplication Proxy connector
Hi All, for Azure AD Application Proxy, under the Connector event Viewer section, I can see an event: as below: "Microsoft AAD Application Proxy Connector's inactive connection detection mechanism has identified inactive connections, number of…
UPN changing when adding external user to BI workspace
Hi all - I am company admin. I have an external user added with a guest account in our azure tenant. What is happening is when I search for the user in power BI workspace - to give them access - they appear with the correct syncronised UPN for example:…
Entra Audit logs are periodically reporting "Add service principal failures"
I have registered a personal microsoft azure tenant account for learning purposes. Periodically the audit logs are reporting "Add service principal" failures, without any manual changes from me. eg: Activity Type: Add service…
Best Practices for Securely Handling Credentials with Connect-AzAccount in PowerShell while accessing Azure key vault
I'm currently working on a project that involves connecting to Azure services using the Connect-AzAccount cmdlet. While this cmdlet works well for establishing connections, I'm concerned about the security implications of storing credentials on the…
Query Regarding Azure Active Directory Authentication Tokens
I am writing to seek assistance regarding an issue I am encountering with Azure Active Directory authentication tokens in my application. Currently, I am utilizing Microsoft Azure Active Directory for authentication and authorization within my…
Unable to unistall Microsoft Entra Provisioning Agent Package - 0x80070643 Fatal Error 'Missing File'.
I am trying to deploy the API-Driven Provisioning for On-Prem and I tried to install the Microsoft Entra Provisioning Agent Package. The installation failed and it stated that there was a missing MSI package. When I tried to uninstall the files that…
When and how is a refresh token extended?
Microsoft document says "Anytime the SSO session token is used within its validity period, the validity period is extended another 24 hours or 90…
Seeing an AADSTS700016 error when signing-in to my Azure app after converting it to multi-tenant
We have a need in my company tenant to convert some already existing apps to multi-tenant In Azure/Entra ID. Most of these enterprise apps have SSO setup and working. As you know, in order to convert these apps, we need to change their Application ID URI…
Sign-in Frequency evaluation
Hello, With respect to Sign-in Frequency evaluation, is this flow-chart still valid after the advent of AUTHENTICATION-STRENGTH ??
I want delete users that have a blocked sign in and users who have not signed in over 90 days
I need help deleting users by last sign in date and have a blocked sign in
Disabling PIM for Groups Assignment Expiry Emails
Hi, we have a requirement to disable the emails that assignees to a PIM group membership receive before expiry. These are the emails that contain text like this: "Your Member role in the <group> Security will expire in 14 day(s)" I…
Windows Autopilot 展開サービスへのデバイスの登録について
Windwos Autopilotを利用して、OS設定(キッティング)、Intune登録、Entra ID Joinを自動で展開させたいと思っております。下記にケースにおいてのAutopilotの事前準備についてご教示いただけますでしょうか。今回、対応するものは下記のものを想定しております。 ・新規購入のWindwos 11 OSのPC ・現在使用しているPC (※Entra ID…
Entra ID as SP for SAML SSO
Hello I am trying to set up Entra ID SSO using SAML. All the i can find is how to set it up as a Idp but i am using Entra ID as SP using SAML. Has anyone used EntraID as SP using SAML? Can you please help
Rate limits for Microsoft Entra Id Apis
Hello Team, Could you please let us know the rate limits for the below Microsoft Entra Id Apis. Audit-Log: https://learn.microsoft.com/en-us/graph/api/resources/azure-ad-auditlog-overview?view=graph-rest-1.0 User-Info :…
We have a password expiration policy set in Entra ID that forces users to change password every 90 days, but we have a subset of users with expired passwords that are not being prompted to update.
It seems that there is some commonality in the successful authentications which is that they are signing into application title: Apple Internet Accounts per sign in logs. Client app is Mobile Apps and Desktop Clients in same log. Curious if there is…
Microsoft Entra SSO integration with FortiGate SSL VPN connectivity issue
Scenario: Microsoft Entra SSO integration with FortiGate SSL VPN I am unable to connect via FortiClient vpn version 7.2.x.x. But when i use FortiClient vpn client version 7.0.x.x.x to connect SSL VPN via Azure ID with SAML Authentication. its connect in…
SSO for Grafana with AzureAD Authentication Using Client Certificates Instead ClientID/ClientSecret
I'm trying to set up Grafana with SSO authentications- I have all the relevant endpoints to configure SSO and test it successfully but recently i was asked to not to use Client_ID/Client_Secret as shown below due to some security…
MFA in Users vs Group in Entra ID
I have created a user and added the same user in a group, and enabled MFA in both user and group, In user I have enabled SMS OTP, and in group I have enabled Microsoft authenticator. Now if I have to login to the user what Authentication will work since…