Using main Azure Active Directory login for separate Azure AD B2C login via API Management Portal
My company has a main Azure Active Directory of our in-company users as well as a directory for Azure AD B2C for outside users. My API Management service as of right now only accepts logins via Azure AD B2C. I was wondering if it would be possible for…
How to add OpenID connect identity provider to Microsoft Entra External ID? I see only SAML/WS-Fed option.
Looks like there should be an OpenID connection option. How can I add entra ID multitenant provider here?
How to return claims to Azure B2C Custom Policy ClaimsProvider
I have defined a ClaimsProvider, which calls an endpoint in my local flask application <ClaimsProvider> <DisplayName>External Claims Source</DisplayName> <TechnicalProfiles> <TechnicalProfile…
Entra Custom Authentication Extensions to Function App in a Private vNet
I have gone through the documentation on setting up a custom authentication extension, and have built a function app and configured all the parts for making a call into my function app endpoint for the On Token Issuance Start event. My function app is…
Azure AD B2C Sign in with google generates 'invalid_grant' for specific users for non gmail domain users.
We are getting error "We encountered an 'invalid_grant' error connecting to the identity provider. Please try again later" for some users. Sign in with Google feature is working for all @gmail.com domains but when it comes to other domains…
Request_BadRequest returned when trying to assign Custom Attributes to B2C Users
I created a new custom attribute for my B2C users, as I want to assign them a string value associated with their account with this custom attribute. The value will be read with their token and passed through to my application. I've been able to obtain…
We encountered an 'invalid_grant' error connecting to the identity provider. Please try again later
Category: Azure AD B2C. We have added federated login (Sign in with Google) to our application. Google IDP is working well for users having @gmail domain users but non gmail users, some of the users we are getting below error. "We encountered an…
WAM with google authentication
Hello, we know that Google has deprecated web-view sign-in support. So if app authenticates users with an embedded web-view and you're using Google federation with Entra B2B for external user, Gmail users won't be able to authenticate. Would…
Microsoft Entra External ID no wizard for external guests
Hello, I am setting up Entra External ID with an external tenant. Self-sign up is disabled, but invitation through the application is enabled. When someone comes from an identity provider such as Microsoft Entra ID, I want to enforce MFA (Multi-Factor…
How to assign custom user attributes to B2C users?
I'm looking to assign custom attributes to each of my B2C users, such as job titles, to assign different permissions in my application. I've created the custom attribute "JobTitle" in B2C, but I don't know how to assign individual users a…
B2C Sign Up Issue in Azure API Management Developer Portal
Hello, I'm encountering an issue with my API Management developer portal. Currently, the portal only permits sign-ins and sign-ups via B2C. Previously, I successfully tested the sign-up and sign-in system. However, after updating the gateways for both…
Entra ID - OIDC BFF pattern - does not work
Hi, I have a blazor hybrid app with both webassembly and server. Currently I'm using the oidc flow with b2c (https://learn.microsoft.com/en-us/aspnet/core/blazor/security/blazor-web-app-with-oidc?view=aspnetcore-8.0&pivots=with-bff-pattern) and…
Unable to logout from External Identity Provider (SAML 2.0)
Hello All, I am working on React Application which will support multi-IDP logins, I am using MSAL library to implement. I have configured below IDP SAML 2.0 using Microsoft External Identities: SAML for Okta, SAML for OneLogin, SAML for Google Suite. I…
Entra External ID SCIM support
Does Entra External ID support SCIM?
AAD Application Proxy connector
Hi All, for Azure AD Application Proxy, under the Connector event Viewer section, I can see an event as below: "Microsoft AAD Application Proxy Connector's inactive connection detection mechanism has identified inactive connections, number of…
How to fix error - scope is invalid (AZURE)
I have 2 Apps in my Azure Active directory, one is connecting a (security) platform successfully but the other is giving me error in connection. Both have exactly same permissions. Error is "The client '6811588b-....-4156-8...-....aefc5111' with…
How to emit some data field on azure AD JWT token
We have integrated a web client with OAuth to authenticate using Azure AD and are storing the token for later use. However, we need to exclude certain sensitive data, such as email, IP address, and name, which are not necessary for the application. Could…
Azure B2C custom policy for Multiple Idp's using SAML 2.0
We are trying to implement multiple Identity providers using Azure B2C custom policies, how can we differentiate between each Identity provider, one page where all users can login and authenticate against their respective auth Provider, and custom policy…
EntraID external id
I'm creating an external user with EntraID. But the user will not be assigned as ExternalAzureAD. What is wrong with this?
Cross-tenant Inbound applications
For my external users to access our Teams, I have to change the inbound rule to allow all Microsoft Applications. If I selected Teams and Office365 only, user cannot sign in. I am seeing message Failure for application "Microsoft App Access…