unable to find the kid in the list of keys to validate the id token
I am getting an ID token once I click on the user flow in Azure AD B2C. Now I simply need to validate that ID token using the kid from the token header, but I cannot find key IDs in the discovery/keys URL which match the kid of the token header. I have…
Managed Identity Roles Needed for Azure Functions
I cannot figure out how to give my APIMS instance authorization to execute my Azure Function. When I try to test the Azure Function I get a 403 unauthorized error. I have an instance of Azure API Management Service (APIMS) Development Tier. I also have…
No License Found - Microsoft Defender
Hi there, I am seeing the following message when opening Microsoft Defender on a Mac (deployed via Intune). We do have Defender license assigned to user via Business Premium. We already have set section 1 set to Windows 10 and 11 in Microsoft Defender…
Some users who belong to another tenant are not able to log in using our app with Single Sign-On
How can another user log in using our app using Single Sign-On? When a user logs in, the admin needs to give permission. Question: What is needed for the admin to give permission to our "app" and how to do that? The app is registered and works for some…
Unable to join Windows Server 2022 to domain using Microsoft Entra domain services
I am trying to join my Windows Server 2022 to my domain using Microsoft Entra domain services. However, I am unable to find the correct DNS server addresses to join my device to the domain. I have searched online extensively but have not found any useful…
Entra Connect cloudsync (entra ID -> AD sync)
Dear, I am trying to do cloud synchronization from Entra ID to Active Directory via the Entra website. However, this is not working. In the opposite direction it does (AD -> Entra ID). Does anyone have any idea how I can solve this? I can press the…
How to delegate permissions to Service desk team for managing MFA in Azure Active Directory
How to delegate permissions to Service desk team for managing MFA in Azure Active Directory. Just MFA reset (revoke and re-register) rights. Please suggest.
We have a plan to move on-premises AD to Entra ID, how to move the Windows file server to Entra ID?
We have a plan to move on-premises AD to Entra ID. The target is: Remove all local AD DC servers, move devices/users to Intune/Entra ID, all users have M365 now. Move on-premises file servers to the cloud. Join Windows servers (on AWS) to Entra ID. The…
Passkeys for Android devices
Hello, Referring to this article: https://learn.microsoft.com/en-us/entra/identity/authentication/how-to-register-passkey-mobile?tabs=Android What's the difference between "Passkey" and "Passkey in Microsoft Authenticator" as…
Issue with browser back button invalidating the session from Azure AD login page
I'm using Azure AD for my login and forgot password pages. These two pages are custom HTML pages, hosted in Azure Blob Storage. From the login page, when I click on the "Forgot Password" link, the page goes to the below URL for a…
Windows Hello for Business PIN reset from lock screen not working
Hi, I have a Windows 11 machine, Windows Hello for Business is set up and working, also PIN reset is working from the Accounts settings area where Face and other settings are. But it is not working from the lock screen. Non destructive is enabled, 2 apps are already…
ManagedIdentityApplication.AcquireTokenForManagedIdentity("api://AzureADTokenExchange") giving error in local machine.
Hi, I am implementing the "Federated Identity Credential" along with User Managed Identity in a .NET Core 3.1 Web API. Getting the error code: "managed_identity_unreachable_network" with error message "A socket operation was…
When we are using a basic token to create a user, we are facing an AuthorizationFailed issue.
Hi, we are able to create and delete users with an OAuth 2 token, but when we are using a basic token we are getting the below error: "code": "AuthorizationFailed", "message": "The client…
Setting up Group Licenses
Need to create License Groups in Microsoft Entra admin center. We have users that will be divided into three different licenses groups and do not need nor want an email address set up on any of the groups: Group Name: "Basic" for users that…
Web sign-in on Windows 11 Pro device not working with Google federated MS 365 credentials
Hi all, I am new to IT administration with no prior experience in the field. My organization has tasked me with enrolling all of our Windows devices into an endpoint management solution and configuring them. I am experimenting with one Windows device so…
Application proxy: different on-premises and cloud identities
Hello, perhaps someone can give examples of what you mean by these settings? Unfortunately I didn't find…
Use certificate/FIC for Azure Data Explorer service connector on ADO
Hi team, our current Azure Data Explorer service connector uses service principal key and secrets to authenticate. However, in response to a security incident we're solving, we need to convert the service connector to use SNI and certificates for…
Cross Tenant Synchronization - User Mappings
Is it possible in "cross functional tenant sync" to map source user to target tenant for trust, if so how to map the users in source tenant to target tenant by user id or UPN. user1@domain.onmicrosoft.com in source tenant used for Azure AD…
Change MFA method option
I have used this document to create sign-in with MFA method choice. https://github.com/azure-ad-b2c/samples/tree/master/policies/mfa-email-or-phone Once the user selects the MFA method, I'm persisting it in the extension_mfaByPhoneOrEmail attribute. When user…