We encountered an 'invalid_grant' error connecting to the identity provider. Please try again later
Category: Azure AD B2C. We have added federated login (Sign in with Google) to our application. Google IDP is working well for users with the @gmail domain, but for non-Gmail users, for some of the users we are getting the below error. "We encountered an…
AAD Application Proxy connector
Hi All, for Azure AD Application Proxy, under the Connector event Viewer section, I can see an event: as below: "Microsoft AAD Application Proxy Connector's inactive connection detection mechanism has identified inactive connections, number of…
Azure AD B2C Sign in with google generates 'invalid_grant' for specific users for non gmail domain users.
We are getting the error "We encountered an 'invalid_grant' error connecting to the identity provider. Please try again later" for some users. The Sign in with Google feature is working for all @gmail.com domains but when it comes to other domains…
How to fix error - scope is invalid (AZURE)
I have 2 Apps in my Azure Active directory, one is connecting a (security) platform successfully but the other is giving me error in connection. Both have exactly same permissions. Error is " The client '6811588b-....-4156-8...-....aefc5111' with…
How to emit some data field on azure AD JWT token
We have integrated a web client with OAuth to authenticate using Azure AD and are storing the token for later use. However, we need to exclude certain sensitive data, such as email, IP address, and name, which are not necessary for the application. Could…
Entra ID - OIDC BFF pattern - does not work
Hi, I have a blazor hybrid app with both webassembly and server. Currently I'm using the oidc flow with b2c (https://learn.microsoft.com/en-us/aspnet/core/blazor/security/blazor-web-app-with-oidc?view=aspnetcore-8.0&pivots=with-bff-pattern) and…
How to assign custom user attributes to B2C users?
I'm looking to assign custom attributes to each of my B2C users, such as job titles, to assign different permissions in my application. I've created the custom attribute "JobTitle" in B2C, but I don't know how to assign individual users a…
When will the Azure B2C JourneyInsight node support ConnectionStrings as well as Instrumentation Keys?
Instrumentation keys for Application Insights are going to be EOL in March 2025 (less than a year away):…
Azure B2C custom policy for Multiple Idp's using SAML 2.0
We are trying to implement multiple Identity providers using Azure B2C custom policies, how can we differentiate between each Identity provider, one page where all users can login and authenticate against their respective auth Provider, and custom policy…
EntraID external id
I'm creating an external user with EntraID. But the user will not be assigned as ExternalAzureAD. What is wrong with this?
Cross-tenant Inbound applications
For my external users to access our Teams, I have to change the inbound rule to allow all Microsoft Applications. If I selected Teams and Office365 only, user cannot signin. I am seeing message Failure for application "Microsoft App Access…
Microsoft Entra External ID - Federation with EntraID and impersonation feature
I'm in the process of deciding which identity server/service to integrate with a set of applications. Since Azure AD B2C it's being replaced I'm not inclined to start with that service. On the other hand, EntraID External tenant do not currently support…
Is it possible to send telemetry from Azure B2C JourneyInsights to an Application Insights with local authentication disabled?
Is it possible to send telemetry from Azure B2C JourneyInsights to an Application Insights with local authentication disabled? If so, would it be possible for someone to do a sample? If not, will that feature be coming at any point?
Localization for AD B2C User Flow Sign In page only half functional
Hello, I'm trying to modify my sign-in page to use different languages. When I switch the language (e.g. via 'Run user flow'), only half of the page content is localized to the new language. For clarity's sake I'm using Korean here. Any idea what I'm…
How to implement Register and login in Azure AD B2C using Custom UI and APIs
How to implement Register and Login in Azure AD B2C using Custom UI and APIs and without using User flows. Instead of redirecting to the Microsoft domain and authenticating the user on the custom UI defined in Azure, we want to call the Azure AD B2C…
Azure B2C user creation is failed for some specific user
I am creating a user in Azure B2C using Graph Client (5.40.0). While creating the user, we are getting response saying that "userPrincipalName already exists". Then we try to get the user using the user's principal name, we are getting error…
Unable to Read/Write B2C Custom Domain Settings in Entra Admin Center
I'm following along the Azure Add your custom domain name steps and trying to navigate to the Settings>Domain name. I have global admin for the tenant which is also linked to an active subscription. But there is no Setting under Identity.
AAD B2C - "Lag" after custom policy upload
Hi everyone, when I upload a new version of a custom policy it takes a varying amount of time (from a few seconds to five minutes) until the new version is used. During development this is very frustrating and time-consuming since I either have to…
Azure AD B2C - how to shorten the "state" parameter in the signout url to avoid query string is too long error?
Hi, we are getting a unique query string too long error upon adding one of the standard context parameters. Somehow it is getting added to the "state" property while user logging out. I have no idea why the "state" property is…
Why does my Azure AD B2C go into infinite loop on login (localhost)
Followed tutorial (below) to set up a .Net 8 MVC app with an Azure AD B2C signin page. Using a new tenant with user flows. When I test the user flow with reply url, jwt.ms, a token is created. However, when I attempt to test login locally…