Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,767 questions
0 answers
How to skip OrchestrationStep related to MFA (ClaimsExchange) if login prompt was not displayed
Hello Team, We have CombinedSignInAndSignup step which shows login prompt if the session is not active and this is followed by ClaimsExchange which does phone SMS or call) authentication. In case of an active session (either 'Keep me signed in'…
asked 2024-05-14T18:29:37.59+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 13%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBM%3C/text%3E%3C/svg%3E)
Bhusari, Milind
0
Reputation points
commented 2024-05-18T01:28:37.68+00:00
Bhusari, Milind
0
Reputation points
0 answers
How to skip OrchestrationStep related to MFA (ClaimsExchange) if current session is already active
We have a CombinedSignInAndSignup step that displays a login prompt if the session is not active. This step is followed by a ClaimsExchange, which handles phone SMS or call authentication. When there is an active session (whether ‘Keep me signed in’ is…
asked 2024-05-18T01:25:04.11+00:00
Bhusari, Milind
0
Reputation points
asked 2024-05-18T01:25:04.11+00:00
Bhusari, Milind
0
Reputation points
0 answers
Certification Profile not connecting to Certipoint or even created?
Hello, I have just passed my AZ-900, Azure Fundamentals Certification through Certipoint as per the course instructions. No matter what I do, I am unable to either create a Certification Profile to show off my newfound certification or find anyway to…
asked 2024-05-18T00:15:40.82+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 92%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMC%3C/text%3E%3C/svg%3E)
Mason Claussen
0
Reputation points
asked 2024-05-18T00:15:40.82+00:00
Mason Claussen
0
Reputation points
7 answers
Authentication Issues using AAD Kerberos for Azure file shares
I have ran and re-ran through the prerequisites. "The Azure AD Kerberos functionality for hybrid identities is only available on the following operating systems: Windows 11 Enterprise single or multi-session. Windows 10 Enterprise single…
asked 2022-09-30T17:39:54.11+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(208, 98%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBR%3C/text%3E%3C/svg%3E)
Benjamin Ra
21
Reputation points
commented 2024-05-17T22:51:45.5833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 67%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
Michael Patrick Richter
0
Reputation points
1 answer
Issue with authenticating API management with Azure OpenAI services using managed identity
Hello, We are trying to connect API management services with one or multiple model deployments on Azure OpenAI services. Basically we are trying to do some version of what is shown in this repo (and this blog post). Following the instructions, we have…
asked 2024-05-17T16:57:47.8466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 87%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
twin
0
Reputation points
answered 2024-05-17T22:33:38.46+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 4%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Sina Salam
3,901
Reputation points
2 answers
How to remove a 'dangling' Access Control (IAM) assignment for User Access Administrator?
A User profile was set as User Access Administrator, the mistake was recognized, and the User profile was deleted... However, after the deletion, there is a 'dangling' Access Control (IAM) entry indicating ("Identity not found") which makes…
asked 2024-05-17T15:59:28.9133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(3.2, 72%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
Joe MacPherson
0
Reputation points
answered 2024-05-17T22:13:06.1566667+00:00
Joe MacPherson
0
Reputation points
1 answer
One of the answers was accepted by the question author.
How can I use Microsoft Entra-only authentication for my nextjs application using mssql and Azure SQL Database
I'm building a fullstack application using NextJs and Azure SQL database. The database is Microsoft Entra-only authentication. I'm using NPM packages mssql for querying the database and @azure/msal-browser and @azure/msal-react for single sign on. The…
asked 2024-05-17T20:58:27.2466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(73.60000000000001, 67%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKA%3C/text%3E%3C/svg%3E)
Kofi Adutwum
0
Reputation points
commented 2024-05-17T21:39:40.45+00:00
Oury Ba-MSFT
16,731
Reputation points Microsoft Employee
1 answer
Use Okta MFA claim with Security Defaults (not Microsoft Authenticator)
We have multiple tenants, one of which is licensed and is configured to provision users from Okta. Our other tenants are free-tier and have Security Defaults enabled to enforce MFA. We invite employees at their Okta user email to become B2B Collaboration…
asked 2024-05-17T20:18:09.0033333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 98%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJT%3C/text%3E%3C/svg%3E)
Josh Thompson
0
Reputation points
answered 2024-05-17T21:16:22.4866667+00:00
Andy David - MVP
142.6K
Reputation points MVP
0 answers
JWT ID token using different jwks uri which has appid parameter
JWT ID token generated in this Azure AD Application is using keys from "jwks_uri": "https://login.microsoftonline.com/{tenant_id}/discovery/keys?appid={client_id}" rather than using the keys from this link…
asked 2024-05-17T20:31:35.1666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 74%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESK%3C/text%3E%3C/svg%3E)
Shiva Kiran
0
Reputation points
asked 2024-05-17T20:31:35.1666667+00:00
Shiva Kiran
0
Reputation points
1 answer
Request Entra ID Access
Hello, We recently took over a legacy application from a customer that uses MS Entra ID (formerly Azure AD) to manage their RBAC. The previous company had access to it, and now we also need access to the Entra ID. The admin from our client mentioned that…
asked 2024-05-17T12:30:43.4966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 7.000000000000001%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
Julian Martino
0
Reputation points
edited an answer 2024-05-17T20:26:00.93+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 26%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAO%3C/text%3E%3C/svg%3E)
Akpesiri Ogbebor
75
Reputation points
1 answer
AD B2C: Where is Documentation for `{service:te}` In a Custom Policy Technical Profile?
There are serval examples throughout the AD B2C documentation that utilize {service:te} as the value for the client_id. The following example was taken from here. <TechnicalProfile Id="JwtIssuer"> <DisplayName>JWT…
asked 2024-05-17T18:02:14.5066667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 22%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA6%3C/text%3E%3C/svg%3E)
AdamHilton-6671
0
Reputation points
answered 2024-05-17T20:25:24.76+00:00
James Hamil
22,186
Reputation points Microsoft Employee
1 answer
How is the scope of the permission defined? GroupMember.ReadWrite.All
GroupMember.ReadWrite.All The application permission is defined as: Allows the app to list groups, read basic properties, read and update the membership of the groups this app has access to without a signed-in user. Group properties and owners cannot be…
asked 2024-05-17T19:32:06.3+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 83%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EIA%3C/text%3E%3C/svg%3E)
Ingling, Allen
0
Reputation points
answered 2024-05-17T19:54:57.8566667+00:00
Andy David - MVP
142.6K
Reputation points MVP
0 answers
Users suddenly got incapable of MFA
Users suddenly got incapable of MFA. All sign in methods got removed
asked 2024-05-17T19:14:44.57+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(182.40000000000003, 77%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETJ%3C/text%3E%3C/svg%3E)
Tod Jolayemi
0
Reputation points
asked 2024-05-17T19:14:44.57+00:00
Tod Jolayemi
0
Reputation points
3 answers
Microsoft 365 is "requiring" set up authenticator app as verification method. No other option other than app on a phone. How do I choose SMS or Voice as my only options?
I have made several changes but it appears all new users only have the option to get the authenticator app, I have disabled the microsoft managed options. I have diabled the registration campaign. Under authentication methods I have checked microsoft…
asked 2024-05-15T16:32:50.91+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(22.400000000000002, 96%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAB%3C/text%3E%3C/svg%3E)
Alisha Brantley
0
Reputation points
answered 2024-05-17T18:35:27.95+00:00
Alisha Brantley
0
Reputation points
2 answers
No Apps available on Company Portal
Hi there, I successfully deployed Company portal app to macOS device. However, when I navigate to apps, it says no apps are assigned to this device. How can I assign apps to users using Company Portal? Any help will be much appreciated.
asked 2024-05-17T16:31:15.49+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 42%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAA%3C/text%3E%3C/svg%3E)
Anam Ahmed
21
Reputation points
commented 2024-05-17T17:59:13.78+00:00
Anam Ahmed
21
Reputation points
0 answers
Passkeys for Android devices
Hello, Referring to this article: https://learn.microsoft.com/en-us/entra/identity/authentication/how-to-register-passkey-mobile?tabs=Android What's the difference between "Passkey" and "Passkey in Microsoft Authenticator" as…
asked 2024-05-17T17:43:08.6666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 87%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVB%3C/text%3E%3C/svg%3E)
Vladyslav Bondarchuk
40
Reputation points
asked 2024-05-17T17:43:08.6666667+00:00
Vladyslav Bondarchuk
40
Reputation points
0 answers
Entra SSO and Provisioning in Salesforce
We are going to turn on provisioning users between our Entra instance and Salesforce. The issue is we want users to be created with profile chatter free. We will change their profile based on their role manually. When Entra seeks to update any changed…
asked 2024-05-17T17:37:45.4966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 53%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
Meghan McCoy
0
Reputation points
asked 2024-05-17T17:37:45.4966667+00:00
Meghan McCoy
0
Reputation points
2 answers
One of the answers was accepted by the question author.
Conditional Access and Microsoft Authenticator Sign In
We're using conditional access policy to restrict access to 'Register security information' to trusted locations only. This policy blocks home users from signing into the Microsoft Authenticator. How are you handling this security recommendation?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 19%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
1 answer
AzureAD Connect error while executing the command 'Get-MsolUserRole' Access Denied.
We've been running AzureAD Connect for ages. No issues, syncing works. Haven't needed to make a config change for a while but after attempting to upgrade from 2.3.6.0 to the latest we're getting this error when it asks for the password to Connect to…
asked 2024-05-15T22:43:45.9033333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 6%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBA%3C/text%3E%3C/svg%3E)
Brian Altman
30
Reputation points
commented 2024-05-17T17:32:34.6666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(208, 39%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMW%3C/text%3E%3C/svg%3E)
Mannan Waheed
0
Reputation points
0 answers
macOS Platform SSO Secure Enclave - Entra ID sign-on logs? Conditional Access Authentication Strength policies?
We're testing macOS Platform SSO integration to Entra and have a few questions that aren't answered by the documentation: When using the Secure Enclave setting, the user ends up with a Platform Credential in their 'Authentication methods' view in…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 87%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EW%3C/text%3E%3C/svg%3E)