Passkeys for Android devices
Hello, Referring to this article: https://learn.microsoft.com/en-us/entra/identity/authentication/how-to-register-passkey-mobile?tabs=Android What's the difference between "Passkey" and "Passkey in Microsoft Authenticator" as…
Issue with browser back button invalidating the session from Azure AD login page
I'm using Azure AD for my login and forgot password pages. These two pages are custom html pages, hosted in azure blob storage. From the login page, when I click on "Forgot Password" link, the page goes to below url for a…
Locked out of Azure
I think I've made a silly mistake. I was trying to join the Partner program at Microsoft and it kept telling me I was using my personal account. I went to the Entra page and noted that my user was setup as external. I saw an option to turn it into an…
Windows Hello for Business PIN reset from lock screen not working
Hi, I have Windows 11 machine, Windows Hello for Business is setup and working, also PIN reset is working from Accounts setting area where Face and other settings are. But not working from Lock screen Non destructive is enabled, 2 apps are already…
ManagedIdentityApplication.AcquireTokenForManagedIdentity("api://AzureADTokenExchange") giving error in local machine.
Hi, I am implementing the "Federated Identity Credential" along with User Managed identity in .net core 3.1 web api. Getting the error code: "managed_identity_unreachable_network" with error message "A socket operation was…
When we are using basic token for create user that time we are facing AuthorizationFailed issue.
Hi, We are able to create user and delete user with OAuth 2 token but When we are using basic token that time we are getting below error "code": "AuthorizationFailed", "message": "The client…
Setting up Group Licenses
Need to create License Groups in Microsoft Entra admin center. We have users that will be divided into three different licenses groups and do not need nor want an email address set up on any of the groups: Group Name: "Basic" for users that…
Web sign-in on Windows 11 Pro device not working with Google federated MS 365 credentials
Hi all, I am new to IT administration with no prior experience in the field. My organization has tasked me with enrolling all of our Windows devices into an endpoint management solution and configuring them. I am experimenting with one Windows device so…
Application proxy: different on-premises and cloud identities
Hello, perhaps someone can give examples of what you mean by these settings? Unfortunately I didn't find…
Use certificate/FIC for Azure Data Explorer service connector on ADO
Hi team, our current azure data explorer service connector uses service principal key and secrets to authenticate. However, in response to a security incident we're solving, we need to convert the service connector to use SNI and certificates for…
Cross Tenant Synchronization -User Mappings
Is it possible in "cross functional tenant sync" to map source user to target tenant for trust, if so how to map the users in source tenant to target tenant by user id or UPN. user1@domain.onmicrosoft.com in source tenant used for Azure AD…
Change mfa method option
I have used this document to create sign in with MFA method choice. https://github.com/azure-ad-b2c/samples/tree/master/policies/mfa-email-or-phone Once user selects the mfa method, I'm persisting it in extension_mfaByPhoneOrEmail attribute. When user…
Microsoft Azure Management not appearing in list of cloud apps
Hi, we are trying to create a conditional access policy restricting access to Microsoft Azure Managament but its not appearing in the list of Cloud apps under Target Resources and we are not sure why. Can anyone help.
AD is not syncing with Entra
Whenever my users change their password, they are locked out of their email account.
How to create/ delete user via API using grant type as client_credentials
We are able to create token but unable to create and delete user. { "error": { "code": "AuthorizationFailed", "message": "The client 'f04c77f3-530e-416d-a165-42304fb90583' with object id…
How to create/ delete user via API using grant type as client_credentials
How to create / delete user via API using grant type as client_credentials. We are able generate token but not able to perform create and delete user. { "error": { "code": "AuthorizationFailed", …
Azure AD Joined Device and Office365 -SSO
How to configure SSO between Azure AD joined devices in Tenant A to Office365 in Tenant B, so that when a user logins into Windows Device using Tenant A onmicrosoft.com id ,they should be also able to login into O365 domain.com hosted in Tenant B…
Help towards dynamically update attendees to meeting series
Hi, I have made a flow in Power Automate to automatically invite all the people from a Microsoft Entra group to a meeting series every day. However, I experience some things that I need help to solve. The flow looks like above: So the CalendarID and…
How to fix error AADSTS500200: User account is a personal Microsoft account. Personal Microsoft accounts are not supported for this application
Sorry, but we’re having trouble signing you in. AADSTS500200: User account 'su*****sk@gmail.com' is a personal Microsoft account. Personal Microsoft accounts are not supported for this application unless explicitly invited to an organization. Try signing…
Consolidate 2 separate tenant into 1.
Hi Is there a way to consolidate or merge 2 separate tenancy into 1. 1 Tenant is cloud only, and the other tenant is hybrid with Entra ID Connect for sync. Identity, groups, applications and other things to deal and manage. Does MS have a process on…