How is the scope of the permission defined? GroupMember.ReadWrite.All
GroupMember.ReadWrite.All The application permission is defined as: Allows the app to list groups, read basic properties, read and update the membership of the groups this app has access to without a signed-in user. Group properties and owners cannot be…
macOS Platform SSO Secure Enclave - Entra ID sign-on logs? Conditional Access Authentication Strength policies?
We're testing macOS Platform SSO integration to Entra and have a few questions that aren't answered by the documentation: When using the Secure Enclave setting, the user ends up with a Platform Credential in their 'Authentication methods' view in…
About PowerShell script
I want to create a PowerShell script and my requirements are as follows: I have some users having the same company name attribute and users that don't have a company name attribute. The users having the same attribute can see each other's calendar with detail…
Web sign-in on Windows 11 Pro device not working with Google federated MS 365 credentials
Hi all, I am new to IT administration with no prior experience in the field. My organization has tasked me with enrolling all of our Windows devices into an endpoint management solution and configuring them. I am experimenting with one Windows device so…
I want to delete tenant, but I cannot activate the toggle in "manage access to all Azure subscriptions and management groups in this tenant"
Dear Microsoft Community, I really need your help for guidance. So, I want to delete the tenant under my account and it comes down to 'Delete all license-based subscriptions' and 'Get permission to delete Azure resources' I believe the workaround is to…
Azure B2C, Sign in using multiple policies
I'm currently using Azure B2C to sign in users using the Microsoft.Identity.Web framework. My configuration looks something like this services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme) .AddMicrosoftIdentityWebApp(options => …
How to fix AADST5501204: Malformed JWT
I am experiencing an error when I try to fill out forms.
How to allow users to register for MFA from home without excluding them from location based conditional access policies
We have a requirement where, in a small number of cases, users (new starters or MFA issues) need to register for MFA from a remote location. We have a conditional access policy which restricts access to Azure cloud apps from outside the corporate office. We…
Can we send a welcome email along with user credentials to another email attribute in Lifecycle workflows?
We have a use case where we have to onboard employees from HR system to Entra ID and using lifecycle workflows we have to enable account, assign Microsoft 365 license, send welcome email, generate TAP and send to manager and provision to some…
Azure Active Directory Connect - First run, users synced from AD to Entra, but with different UPN. Example - AD = user@local.contoso.com. Entra = user@contoso.com. How do I fix this?
I'm running Azure Active Directory Connect for the first time to sync users from our local on prem AD to Entra ID. I limited it to a single OU and only members of a test group I created. This was just supposed to sync password hashes. I ran the sync and…
Changing password but not receiving the code on phone
Hello, I'd like to change my password but every time I try, I don't receive an authentication code on my new phone number. I do not have access to my old phone number. I waited the 30 days Azure asks to resolve the new phone number change. There does…
Cannot abandon Azure B2C Organization after deleting the service
Hello, Some time ago, I created an Azure B2C instance. I added my Azure user as administrator. I think I made a mistake, and somehow deleted the Azure B2C instance but the tenant keeps existing and my user is still linked to that tenant's…
Can't sign in to my authenticator app because the sign-in process gets into a loop and wants authenticator to authenticate the sign-in! And I am also the admin of my tenant...
When I try to sign in to my account it requests the authenticator code or accept, and I have no authenticator app installed. After install it wants the same process to sign in… Also I am the admin of the tenant and there are no other users.
Unable to activate my P2 license after creating a free Azure trial subscription.
I am unable to activate my P2 license after creating a free Azure trial subscription. Whenever I try to activate the P2 license, it asks me to enter an email ID. I enter the email ID I used to create the trial account, but it then asks me to create a new…
Entra hybrid join
All devices in my tenant are Azure AD registered + on-premises AD joined. When I enable Entra hybrid join in Entra Connect, will it automatically convert to Entra hybrid join, or do I have to manually unenroll these devices from Azure AD registered and then…
Microsoft Entra ID - Provisioning Log API Maximum Page Size
Hello Team, Could you please let us know the default and maximum page size of provisioning log API - https://learn.microsoft.com/en-us/graph/api/provisioningobjectsummary-list?view=graph-rest-1.0&tabs=http Thanks, Ravi P.
Cannot add Enterprise Application to Entra ID tenant
I have a MS Entra Gallery app (ModeGen for Visio): https://azuremarketplace.microsoft.com/en-us/marketplace/apps/aad.modelgenforvisio that provides integrated OIDC SSO support for a separate Visio Addin (https://crecy.com.au/model-gen/). In summary it…
How do I disable users of my web app from navigating back to the Azure portal after redirect from login?
I have a web app where we are using Azure Entra as the source of user identity. So the user is directed to SSO with Microsoft, where we keep their identity, on the way to starting a session in our app. Because of the way the routing is happening, they…
Some users who belong to another tenant are not able to log in using our app with SingleSignOn
How can another user log in using our app using Single Sign On? When a user logs in, the admin needs to give permission. Question: What is needed for the admin to give permission to our "app" and how to do that? The app is registered and works for some…
How to delegate permissions to the Service desk team for managing MFA in Azure Active Directory
How to delegate permissions to the Service desk team for managing MFA in Azure Active Directory. Just MFA reset (revoke and re-register) rights. Please suggest.