Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation.
5,722 questions
0 answers
Microsoft Entra External ID no wizard for external guests
Hello, I am setting up Entra External ID with an external tenant. Self-sign up is disabled, but invitation through the application is enabled. When someone comes from an identity provider such as Microsoft Entra ID, I want to enforce MFA (Multi-Factor…
asked 2024-05-30T14:23:38.9133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 11%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAS%3C/text%3E%3C/svg%3E)
Alvin Strandberg
5
Reputation points
edited the question 2024-06-04T13:30:07.9066667+00:00
Alvin Strandberg
5
Reputation points
0 answers
Unable to create User flow in External tenant
It's like a nightmare to deal with this issue! I am unable to create User Flows successfully. Or some times they get created but not get listed under User flows. When I refresh the screen after minutes or an hour or so, I can perhaps see the user flows I…
asked 2024-06-04T02:25:43.71+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 55.00000000000001%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAS%3C/text%3E%3C/svg%3E)
Arash Sabet
0
Reputation points
commented 2024-06-04T13:01:19.9866667+00:00
Arash Sabet
0
Reputation points
0 answers
Entra External ID Disabling security defaults
Hello, I am exploring the possibility of enforcing MFA for either all users or specific groups using Conditional Access in an External Tenant. However, this requires disabling "Security Defaults," which is not recommended. When I try to add the…
asked 2024-06-04T12:58:38.3233333+00:00
Alvin Strandberg
5
Reputation points
asked 2024-06-04T12:58:38.3233333+00:00
Alvin Strandberg
5
Reputation points
1 answer
Corrupt Entra ID Tenant
I created an 'external' Entra ID tenancy but somehow it's now configured in an unmanageable state. This may be because of a combination of me configuring MFA and Visual Studio registering an App. The symptoms are as follows: When viewing the tenant…
asked 2024-04-02T12:43:14.5433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 59%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETB%3C/text%3E%3C/svg%3E)
Tim Blizard
0
Reputation points
commented 2024-06-04T12:03:43.3933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 11%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EOR%3C/text%3E%3C/svg%3E)
Oliver Rodrigues
1
Reputation point MVP
1 answer
How to emit some data field on azure AD JWT token
We have integrated a web client with OAuth to authenticate using Azure AD and are storing the token for later use. However, we need to exclude certain sensitive data, such as email, IP address, and name, which are not necessary for the application. Could…
asked 2024-05-21T05:55:59.27+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 53%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPK%3C/text%3E%3C/svg%3E)
P Kungvanrattana
0
Reputation points
commented 2024-06-04T11:16:57.0166667+00:00
P Kungvanrattana
0
Reputation points
0 answers
How to return claims to Azure B2C Custom Policy ClaimsProvider
I have defined a ClaimsProvider, which calls an endpoint in my local flask application <ClaimsProvider> <DisplayName>External Claims Source</DisplayName> <TechnicalProfiles> <TechnicalProfile…
asked 2024-06-01T11:33:07.11+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 83%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMF%3C/text%3E%3C/svg%3E)
Michał Filipkowski
0
Reputation points
commented 2024-06-04T07:07:00.4033333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 26%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Navya
4,940
Reputation points Microsoft Vendor
1 answer
How to assign custom user attributes to B2C users?
I'm looking to assign custom attributes to each of my B2C users, such as job titles, to assign different permissions in my application. I've created the custom attribute "JobTitle" in B2C, but I don't know how to assign individual users a…
asked 2024-05-28T18:26:50.19+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 55.00000000000001%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EH%3C/text%3E%3C/svg%3E)
hampton123
1,095
Reputation points
commented 2024-06-04T06:57:47.8533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 45%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Akhilesh
5,880
Reputation points Microsoft Vendor
13 answers
AADSTS500208: The domain is not a valid login domain for the account type.
Hi, I have MS Entra External ID preview tenant created. However, I noticed that I cannot authenticate successfully with the local account. Below I provide more details. I would be grateful for help/hints. Describe the bug When I try to login with…
asked 2023-08-28T06:07:08.1833333+00:00
Daniel Krzyczkowski
461
Reputation points MVP
answered 2024-06-04T03:34:20.91+00:00
Daniel Krzyczkowski
461
Reputation points MVP
2 answers
unable to find the kid in the list of keys to validate the id token
I am getting id token once i click on the user flow in azure ad b2c. Now i simply need to validate that id token using the kid from the token header But I cannot find key ids in discovery/keys url which matches with the kid of token header. I have…
asked 2023-01-24T07:06:42.7833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(38.4, 65%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERS%3C/text%3E%3C/svg%3E)
Rahul Sadaphal
40
Reputation points
answered 2024-06-03T22:17:21.18+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 33%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKS%3C/text%3E%3C/svg%3E)
Kuldeep Saxena
0
Reputation points
3 answers
One of the answers was accepted by the question author.
Entra External ID: Impossible to implement displayName=givenName+surname?
I have a very simple use case in Microsoft Entra External ID for Customers which seems to be impossible to implement: I want to automatically fill the displayName user-attribute on signup submit. On signup, the users email-address, givenName and…
asked 2023-12-06T09:51:03.0666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 75%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMD%3C/text%3E%3C/svg%3E)
Martin Dreßler
25
Reputation points
answered 2024-06-03T21:36:26.54+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(201.6, 91%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGP%3C/text%3E%3C/svg%3E)
Georg Pavlovic
1
Reputation point
1 answer
WAM with google authentication
Hello We know that google has deprecated web-view sign-in support. So if app authenticates users with an embedded web-view and you're using Google federation with Entra B2B for external user, Gmail users won't be able to authenticate. Would…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 31%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
1 answer
Using main Azure Active Directory login for separate Azure AD B2C login via API Management Portal
My company has a main Azure Active Directory of our in-company users as well as a directory for Azure AD B2C for outside users. My API Management service as of right now only accepts logins via Azure AD B2C. I was wondering if it would be possible for…
asked 2024-05-16T14:16:43.65+00:00
hampton123
1,095
Reputation points
commented 2024-06-03T11:17:08.4+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Givary-MSFT
28,766
Reputation points Microsoft Employee
0 answers
How to add OpenID connect identity provider to Microsoft Entra External ID? I see only SAML/WS-Fed option.
Looks like there should be an OpenID connection option. How can I add entra ID multitenant provider here?
asked 2024-06-03T10:24:43.71+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 2%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENK%3C/text%3E%3C/svg%3E)
Nazar Kalytiuk
0
Reputation points
asked 2024-06-03T10:24:43.71+00:00
Nazar Kalytiuk
0
Reputation points
0 answers
Entra Custom Authentication Extensions to Function App in a Private vNet
I have gone through the documentation on setting up a custom authentication extension, and have built a function app and configured all the parts for making a call into my function app endpoint for the On Token Issuance Start event. My function app is…
asked 2024-03-21T11:45:11.0466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 2%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJC%3C/text%3E%3C/svg%3E)
Josh Christensen
5
Reputation points
commented 2024-06-01T01:20:22.1+00:00
Ryan Hill
26,321
Reputation points Microsoft Employee
2 answers
Azure AD B2C Sign in with google generates 'invalid_grant' for specific users for non gmail domain users.
We are getting error "We encountered an 'invalid_grant' error connecting to the identity provider. Please try again later". for some users. Sign in with google feature is working for all @gmail.com domains but when it comes to other domains…
asked 2024-05-28T12:58:20.71+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 21%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVM%3C/text%3E%3C/svg%3E)
Venkat Maram
0
Reputation points
edited a comment 2024-05-31T20:47:07.4466667+00:00
James Hamil
22,436
Reputation points Microsoft Employee
1 answer
Request_BadRequest returned when trying to assign Custom Attributes to B2C Users
I created a new custom attribute for my B2C users, as I want to assign them a string value associated with their account with this custom attribute. The value will be read with their token and passed through to my application. I've been able to obtain…
asked 2024-05-29T15:49:54.3+00:00
hampton123
1,095
Reputation points
commented 2024-05-31T14:39:04.6833333+00:00
hampton123
1,095
Reputation points
3 answers
We encountered an 'invalid_grant' error connecting to the identity provider. Please try again later
Category : Azure AD B2C We have added federated login(Sign in with Google) to our application. Google IDP is working well for users having @gmail domain users but non gmail users , some of the users we are getting below error. "We encountered an…
asked 2024-05-28T08:59:35.2033333+00:00
Venkat Maram
0
Reputation points
commented 2024-05-31T06:58:43.0766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 13%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBB%3C/text%3E%3C/svg%3E)
Babafemi Bulugbe
2,520
Reputation points MVP
2 answers
One of the answers was accepted by the question author.
B2C Sign Up Issue in Azure API Management Developer Portal
Hello, I'm encountering an issue with my API Management developer portal. Currently, the portal only permits sign-ins and sign-ups via B2C. Previously, I successfully tested the sign-up and sign-in system. However, after updating the gateways for both…
asked 2024-05-07T19:23:12.0833333+00:00
hampton123
1,095
Reputation points
commented 2024-05-30T14:22:31.9466667+00:00
hampton123
1,095
Reputation points
1 answer
One of the answers was accepted by the question author.
Entra ID - OIDC BFF pattern - does not work
Hi, I have a blazor hybrid app with both webassembly and server. Currently I'm using the oidc flow with b2c (https://learn.microsoft.com/en-us/aspnet/core/blazor/security/blazor-web-app-with-oidc?view=aspnetcore-8.0&pivots=with-bff-pattern) and…
asked 2024-05-28T19:05:49.29+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(86.4, 8%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERD%3C/text%3E%3C/svg%3E)
Robert Desbiens
40
Reputation points
commented 2024-05-30T13:37:20.93+00:00
Robert Desbiens
40
Reputation points
0 answers
Unable to logout from External Identity Provider (SAML 2.0)
Hello All, I am working on React Application which will support multi-IDP logins, i am using MSAL library to implement I have configured below IDP SAML 2.0 using Microsoft External Identities. SAML for Okta SAML for OneLogin SAML for Google Suite I…
asked 2024-05-20T08:04:10.18+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 39%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVG%3C/text%3E%3C/svg%3E)
Vedika Gujar
0
Reputation points
edited a comment 2024-05-30T06:04:29.1+00:00
Vedika Gujar
0
Reputation points