Microsoft Entra External ID

Azure SAML App TEST

Hello I defined External ID and was testing it, after some time I cannot any longer start log in page and I am getting error: Mind that 6 hours ago everything was working fine.

Implementing MFA for customer accounts not in Azure Active Directory B2C (Azure AD B2C) directory

Hello, We are implementing Azure B2C as identity system for an application. Our customer accounts are not in Azure Active Directory B2C (Azure AD B2C) directory. We are using Sign-in with REST API identity providerfor user sign-in process. We are…

Azure AD B2C - how to shorten the "state" parameter in the signout url to avoid query string is too long error?

Hi, we are getting a unique query string too long error upon adding one of the standard context parameters. Somehow it is getting added to the "state" property while user logging out. I have no idea why the "state" property is…

How to add OpenID connect identity provider to Microsoft Entra External ID? I see only SAML/WS-Fed option.

Looks like there should be an OpenID connection option. How can I add entra ID multitenant provider here?

Microsoft Entra External ID and authentication using Microsoft Entra federation

Hello, I have been testing the MS Entra External ID sign up and sign in user flow. It came to me as a surprise that users from other MS Entra ID tenants need to be added as Guest users to the External ID tenant. In other words, the login screen in the…

Using Azure B2C Custom policy email verification with Sendgrid what is lockout period if exceed number of retries?

We are using Azure B2C custom polices. We use Sendgrid to verify users' emails. Users enter their email address in a flow and we send an email containing a 6 digit OTP code to that address. Users then enter the OTP into the flow to confirm the…

Getting the below error while trying to access the Application backend in edge.

Mfa session not working in azure ad b2c custom policy

i’m using https://github.com/azure-ad-b2c/samples/tree/master/policies/mfa-email-or-phonecustom policy. how to configure MFA Session to skip MFA method selection Prompt for Every sign in? When I am testing Policy on Azure AD B2C Portal it will always…

MFA policy is misconfigured. Work with your admin to enable notification through mobile app in the policy.

We have enabled MFA enforcement on our lighthouse but somehow all the users were receiving this error "MFA policy is misconfigured. Work with your admin to enable notification through mobile app in the policy." We have tried disabling the MFA…

restrict local account creation in azure tenant

can we restrict local account creation in azure tenant? I just want the feature to invite guest account . and disable local account creation ability. Please suggest can it be done and how?

MFA for Guest Users works for ExternalAzureAd but not with MicrosoftAccount

Hello, We use MFA in our tenant and it works good for certain identities like ExternalAzureAd. But with MicrosoftAccount for example, it's not working. We have the Authentication strengths like : Password + Microsoft Authenticator (Push Notification) In…

WAM with google authentication

Hello We know that google has deprecated web-view sign-in support. So if app authenticates users with an embedded web-view and you're using Google federation with Entra B2B for external user, Gmail users won't be able to authenticate. Would…

Conditional Access using SAML and Azure B2C custom policy

Trying to implement Azure B2C Conditional Access sign in using SAML flow using custom policy. Conditional Access get implemented successfully when using OpenID protocol for the user journey but results in a failure when using the same SAML user journey.…

How to add a timeout system to my API Management Developer Portal?

I have an API Management developer portal (standard tier) that I want users to be timed out of after inactivity. I've been testing my developer portal and it seems that the user will stay signed in even if they do not interact with the webpage. I am…

Unable to create User flow in External tenant

It's like a nightmare to deal with this issue! I am unable to create User Flows successfully. Or some times they get created but not get listed under User flows. When I refresh the screen after minutes or an hour or so, I can perhaps see the user flows I…

Entra External ID Disabling security defaults

Hello, I am exploring the possibility of enforcing MFA for either all users or specific groups using Conditional Access in an External Tenant. However, this requires disabling "Security Defaults," which is not recommended. When I try to add the…

Microsoft Entra External ID no wizard for external guests

Hello, I am setting up Entra External ID with an external tenant. Self-sign up is disabled, but invitation through the application is enabled. When someone comes from an identity provider such as Microsoft Entra ID, I want to enforce MFA (Multi-Factor…

Should Azure AD B2C User Flows still reject passwords containing the substring ".@"?

According to the Azure AD B2C password complexity documentation (http://aka.ms/b2cpasswordcomplexity), passwords can contain "any letter, number, or symbol". However, if I try to use, say, a Sign up User flow to create an account, passwords…

Why does my Azure AD B2C go into infinite loop on login (localhost)

Followed tutorial (below) to set up a .Net 8 MVC app with an Azure AD B2C signin page. Using a new tenant with user flows. When I test the user flow with reply url, jwt.ms, a token is created. However, when I attempt to test login locally…

Can not sign into external tenant. Get error: "IDX20804: Unable to retrieve document from ___v2.0/.well-known/openid-configuration"

I am unable to get external Id tenant to sign in for my .net 8 Blazor (Server) application. I have followed these steps to create the user flow and integrate it into my application. …