Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,826 questions
1 answer
Using main Azure Active Directory login for separate Azure AD B2C login via API Management Portal
My company has a main Azure Active Directory of our in-company users as well as a directory for Azure AD B2C for outside users. My API Management service as of right now only accepts logins via Azure AD B2C. I was wondering if it would be possible for…
asked 2024-05-16T14:16:43.65+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 55.00000000000001%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EH%3C/text%3E%3C/svg%3E)
hampton123
1,095
Reputation points
commented 2024-06-03T11:17:08.4+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Givary-MSFT
28,756
Reputation points Microsoft Employee
0 answers
How to add OpenID connect identity provider to Microsoft Entra External ID? I see only SAML/WS-Fed option.
Looks like there should be an OpenID connection option. How can I add entra ID multitenant provider here?
asked 2024-06-03T10:24:43.71+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 2%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENK%3C/text%3E%3C/svg%3E)
Nazar Kalytiuk
0
Reputation points
asked 2024-06-03T10:24:43.71+00:00
Nazar Kalytiuk
0
Reputation points
0 answers
How to return claims to Azure B2C Custom Policy ClaimsProvider
I have defined a ClaimsProvider, which calls an endpoint in my local flask application <ClaimsProvider> <DisplayName>External Claims Source</DisplayName> <TechnicalProfiles> <TechnicalProfile…
asked 2024-06-01T11:33:07.11+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 83%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMF%3C/text%3E%3C/svg%3E)
Michał Filipkowski
0
Reputation points
edited the question 2024-06-01T12:13:47.69+00:00
Michał Filipkowski
0
Reputation points
0 answers
Entra Custom Authentication Extensions to Function App in a Private vNet
I have gone through the documentation on setting up a custom authentication extension, and have built a function app and configured all the parts for making a call into my function app endpoint for the On Token Issuance Start event. My function app is…
asked 2024-03-21T11:45:11.0466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 2%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJC%3C/text%3E%3C/svg%3E)
Josh Christensen
5
Reputation points
commented 2024-06-01T01:20:22.1+00:00
Ryan Hill
26,321
Reputation points Microsoft Employee
2 answers
Azure AD B2C Sign in with google generates 'invalid_grant' for specific users for non gmail domain users.
We are getting error "We encountered an 'invalid_grant' error connecting to the identity provider. Please try again later". for some users. Sign in with google feature is working for all @gmail.com domains but when it comes to other domains…
asked 2024-05-28T12:58:20.71+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 21%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVM%3C/text%3E%3C/svg%3E)
Venkat Maram
0
Reputation points
edited a comment 2024-05-31T20:47:07.4466667+00:00
James Hamil
22,436
Reputation points Microsoft Employee
1 answer
Request_BadRequest returned when trying to assign Custom Attributes to B2C Users
I created a new custom attribute for my B2C users, as I want to assign them a string value associated with their account with this custom attribute. The value will be read with their token and passed through to my application. I've been able to obtain…
asked 2024-05-29T15:49:54.3+00:00
hampton123
1,095
Reputation points
commented 2024-05-31T14:39:04.6833333+00:00
hampton123
1,095
Reputation points
3 answers
We encountered an 'invalid_grant' error connecting to the identity provider. Please try again later
Category : Azure AD B2C We have added federated login(Sign in with Google) to our application. Google IDP is working well for users having @gmail domain users but non gmail users , some of the users we are getting below error. "We encountered an…
asked 2024-05-28T08:59:35.2033333+00:00
Venkat Maram
0
Reputation points
commented 2024-05-31T06:58:43.0766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 13%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBB%3C/text%3E%3C/svg%3E)
Babafemi Bulugbe
2,515
Reputation points MVP
0 answers
WAM with google authentication
Hello We know that google has deprecated web-view sign-in support. So if app authenticates users with an embedded web-view and you're using Google federation with Entra B2B for external user, Gmail users won't be able to authenticate. Would…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 31%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
0 answers
Microsoft Entra External ID no wizard for external guests
Hello, I am setting up Entra External ID with an external tenant. Self-sign up is disabled, but invitation through the application is enabled. When someone comes from an identity provider such as Microsoft Entra ID, I want to enforce MFA (Multi-Factor…
asked 2024-05-30T14:23:38.9133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 11%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAS%3C/text%3E%3C/svg%3E)
Alvin Strandberg
5
Reputation points
asked 2024-05-30T14:23:38.9133333+00:00
Alvin Strandberg
5
Reputation points
1 answer
How to assign custom user attributes to B2C users?
I'm looking to assign custom attributes to each of my B2C users, such as job titles, to assign different permissions in my application. I've created the custom attribute "JobTitle" in B2C, but I don't know how to assign individual users a…
asked 2024-05-28T18:26:50.19+00:00
hampton123
1,095
Reputation points
commented 2024-05-30T14:22:55.7866667+00:00
hampton123
1,095
Reputation points
2 answers
One of the answers was accepted by the question author.
B2C Sign Up Issue in Azure API Management Developer Portal
Hello, I'm encountering an issue with my API Management developer portal. Currently, the portal only permits sign-ins and sign-ups via B2C. Previously, I successfully tested the sign-up and sign-in system. However, after updating the gateways for both…
asked 2024-05-07T19:23:12.0833333+00:00
hampton123
1,095
Reputation points
commented 2024-05-30T14:22:31.9466667+00:00
hampton123
1,095
Reputation points
1 answer
One of the answers was accepted by the question author.
Entra ID - OIDC BFF pattern - does not work
Hi, I have a blazor hybrid app with both webassembly and server. Currently I'm using the oidc flow with b2c (https://learn.microsoft.com/en-us/aspnet/core/blazor/security/blazor-web-app-with-oidc?view=aspnetcore-8.0&pivots=with-bff-pattern) and…
asked 2024-05-28T19:05:49.29+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(86.4, 8%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERD%3C/text%3E%3C/svg%3E)
Robert Desbiens
40
Reputation points
commented 2024-05-30T13:37:20.93+00:00
Robert Desbiens
40
Reputation points
0 answers
Unable to logout from External Identity Provider (SAML 2.0)
Hello All, I am working on React Application which will support multi-IDP logins, i am using MSAL library to implement I have configured below IDP SAML 2.0 using Microsoft External Identities. SAML for Okta SAML for OneLogin SAML for Google Suite I…
asked 2024-05-20T08:04:10.18+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 39%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVG%3C/text%3E%3C/svg%3E)
Vedika Gujar
0
Reputation points
edited a comment 2024-05-30T06:04:29.1+00:00
Vedika Gujar
0
Reputation points
1 answer
Entra External ID SCIM support
Does Entra External ID support SCIM?
asked 2024-05-14T16:59:28.9733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 23%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESC%3C/text%3E%3C/svg%3E)
Swift Connect
0
Reputation points
commented 2024-05-30T02:09:13.53+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 11%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJZ%3C/text%3E%3C/svg%3E)
Jing Zhou
3,200
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
AaDApplication Proxy connector
Hi All, for Azure AD Application Proxy, under the Connector event Viewer section, I can see an event: as below: "Microsoft AAD Application Proxy Connector's inactive connection detection mechanism has identified inactive connections, number of…
asked 2024-05-08T06:55:10.4133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 92%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAP%3C/text%3E%3C/svg%3E)
AJAY PRAJAPATI
30
Reputation points
accepted 2024-05-29T07:50:15.01+00:00
AJAY PRAJAPATI
30
Reputation points
1 answer
How to fix error - scope is invalid (AZURE)
I have 2 Apps in my Azure Active directory, one is connecting a (security) platform successfully but the other is giving me error in connection. Both have exactly same permissions. Error is " The client '6811588b-....-4156-8...-....aefc5111' with…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 7.000000000000001%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZ%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 10%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELJ%3C/text%3E%3C/svg%3E)
1 answer
How to emit some data field on azure AD JWT token
We have integrated a web client with OAuth to authenticate using Azure AD and are storing the token for later use. However, we need to exclude certain sensitive data, such as email, IP address, and name, which are not necessary for the application. Could…
asked 2024-05-21T05:55:59.27+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 53%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPK%3C/text%3E%3C/svg%3E)
P Kungvanrattana
0
Reputation points
commented 2024-05-29T02:32:16.7066667+00:00
P Kungvanrattana
0
Reputation points
1 answer
Azure B2C custom policy for Multiple Idp's using SAML 2.0
We are tying to implement multiple Identity providers using Azure B2C custom policies, how can we differentiate between each Identity provider, one page where all users can login and authenticate against their respective auth Provider, and custom policy…
asked 2022-12-01T06:22:32.877+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 77%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHP%3C/text%3E%3C/svg%3E)
Hemanth Potluri
1
Reputation point
commented 2024-05-28T12:29:54.5733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 49%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EOP%3C/text%3E%3C/svg%3E)
Oscar Peña
0
Reputation points
2 answers
One of the answers was accepted by the question author.
EntraID external id
I'm creating an external user with EntraID. But the user will not be assied as ExternalAzureAD. What is wrong with this?
asked 2024-05-27T10:37:11.15+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 22%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENC%3C/text%3E%3C/svg%3E)
Naoki Chiba
20
Reputation points
answered 2024-05-28T08:59:02.04+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 20%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Shweta Mathur
28,201
Reputation points Microsoft Employee
6 answers
Cross-tenant Inbound applications
For my external users to access our Teams, I have to change the inbound rule to allow all Microsoft Applications. If I selected Teams and Office365 only, user cannot signin. I am seeing message Failure for application "Microsoft App Access…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(243.2, 65%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 20%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)