When and how is a refresh token extended?
According to https://learn.microsoft.com/en-us/entra/identity-platform/refresh-tokens, refresh tokens replace themselves with a fresh token upon every use. I believed we can continue using a refresh token if we keep refreshing the access token with the…
403 Forbidden - Request forbidden by administrative rules
I work in the UK. On Microsoft Azure/Microsoft Entra ID, my colleagues who are Member users have their user location set to the UK. Even for those that work for our company who live in the US, Canada and India. When 2 of my colleagues went to China they…
Navigation is unreachable in Chrome Custom Tabs when redirecting from B2C login screen back to Android Custom URI scheme
We have an Android app we are building in Flutter, that uses Azure B2C for authentication. We previously had our authentication flow running in a WebView, we got the authorisation grant, opened the login url, entered the credentials then were redirected…
Unable to create a user using Microsoft Entra ID
Hello, I am unable to create a new user using Microsoft Entra ID in the Azure portal. I am using a free subscription. It's showing me error "Validation failed. Required information is missing or not valid for following tabs: ." It's also showing…
Azure AD B2C | Update Email Address | Clone existing user details along with password
Team, We are using Azure AD B2C email address for our login. There is a provision which we should make in the UI to update the email address. When the user updates the email address during the session. Since, through user's email address we have logged…
How to administer Windows 11 Enterprise computer to allow local user sign-in via MS 365 credentials?
Hi all, I work for a small non-profit organization and am entirely new to IT and system administration. I am beta-testing computer configuration on a Windows machine that I have upgraded to the Windows 11 Enterprise operating system. I have created MS…
Microsoft MFA
Hello. How to enable email to authenticate? Even though you add it to My Account, it doesn't appear here. What to do to appear? Best Regards, Gabriel Moraes.
Manager Attribute Does Not Sync
All user accounts on our on-premise Active Directory have the Manager attribute specified. We are syncing on-prem users to Entra via the Azure AD Connect tool. When checking the user account via portal.microsoft.com, the Manager attribute is not…
Not getting access to identity provider
Hi folks, I'm facing an issue while accessing the 'identity provider' section in Azure AD B2C, where I have the following permissions: Global Administrator, User Administrator, External Identity Administrator (Recommended for Enabling Identity…
[Azure DevOps] Cannot remove user from organization.
There is a user in my Azure DevOps organization that I cannot remove. I have tried it in the web UI as well as CLI. Here is what I have done in the CLI, to illustrate the issue. First I pull a list of users in Azure DevOps. I see the trouble user…
Azure AD Joined Device and Office365 -SSO
How to configure SSO between Azure AD joined devices in Tenant A to Office365 in Tenant B, so that when a user logs in to a Windows device using a Tenant A onmicrosoft.com ID, they should also be able to log in to the O365 domain.com hosted in Tenant B…
Difficulty creating Azure Active Directory B2C Tenant
I have been trying to create an Azure Active Directory B2C Tenant for several days without success. I have followed all the tutorial steps and made sure permission and role settings are in order. Here's what I have done: I have the role of Global…
In Blazor Web App Server authentication Azure missing iss claims
Hello, I followed this guide to create a Blazor Web App (server) with Azure authentication https://learn.microsoft.com/it-it/entra/identity-platform/tutorial-blazor-server and it works. Here the authentication…
How to skip OrchestrationStep related to MFA (ClaimsExchange) if login prompt was not displayed
Hello Team, We have a CombinedSignInAndSignup step which shows the login prompt if the session is not active, and this is followed by a ClaimsExchange which does phone (SMS or call) authentication. In case of an active session (either 'Keep me signed in'…
Entra App Proxy setup "Private Network settings - Application operation failed"
Good day community, I'm reaching out to you since I would like to understand if there is a limitation with Entra App Proxy (EAP, aka Azure App Proxy) when creating new EAPs with too many '.' (dots) in the internal URL or '-' (minus) in them as well. …
Unable to reset MFA for user account
I am having trouble resetting the MFA for a user account. I keep getting an error message that says "Delete operation failed. Try this command again or delete them one by one in the user authentication methods blade." Is it possible that this…
Do we require a license for an internal user to read or view in SharePoint Online?
Do we require a license for an internal user to read or view in SharePoint Online?
SSO login issue
Hello Team, I'm using SAML-based Single Sign-On (SSO) with 2FA enabled. Below are the SAML options I'm currently using: - `force_authn: false` - `auth_context: { comparison: 'exact', class_refs: ['urn:oasis:names:tc:SAML:1.0:am:password'] }` -…
Delete security groups from Microsoft 365 admin center which were synced from on-premises AD
In the past I synced all users and groups from my on-prem AD. I deleted all of them, yet I found security groups which aren't deleted yet. I want to delete them now because I don't need them. I listed them with this command: …
Passwordless MFA Authentication
Hi, We are in the process of enforcing users to set up their MFA (most probably many already have it), but we need to use the preferred method, which is passwordless, in Conditional Access. So I am testing on a couple of accounts, yet am having issues and few…