MFA for users using using SSO in Entra Extern IS
Hi,I have MS Entra External ID preview tenant created. I have set up SSO. I registered app and add a platform for SPA. I have also created Conditional Access policy. The issue I am running into is MFA. When user SSO and gives email and password, it is…
MS Entra External and how to select OpenID Connect protocol
Hello, based on MS suggestion our project team decided to us not B2C but MS Entra External ID . However how to select OpenID Connect protocol which seems to be supported in MSEE? Only there is option for SAML or WS Fed
Users getting redirected to ADB2C Sign-in screen when doing change phone number or email with MFA exception
We are experiencing a strange issue with our application (all environments) where we are getting redirected to ADB2C sign-in (Custom policy with RestAPI provider and Identity API) screen intermittently when trying to change phone number or email. We have…
Cross Tenant Authentication and User Impersonation on Entra External Id
I'm setting up Entra External Id for my project which has internal and external apps. I have an external tenant for customers on the external app, and a workforce tenant for the internal app. We need to be able to impersonate customers on the external…
Received error - "AADSTS399266: Blob grant token received with wrong issuer type."
I am trying to use the code from this microsoft learn page - https://video2.skills-academy.com/en-us/samples/azure-samples/ms-identity-ciam-javascript-tutorial/ms-identity-ciam-javascript-tutorial-0-call-api-vanillajs/ and configure the Ids. When trying to…
Refresh tokens expire after 12 hours using Microsoft Entra External ID native authentication with OTP
Issue We chose Microsoft Entra External ID for authenticating external consumers using CIAM after reading this article We're using these Android & iOS clients to signup and signin users with OTP authentication …
Microsoft 365 Admin Portal 2FA
Hello Please i need your help on this issue. One of my customer is having issue with Microsoft 365 Admin Portal 2FA. The Customer admin account no longer has access to 2FA phone number & we need it reset. The customer doesn’t have any other…
How to effectively enable SSO and SLO across multiple websites?
Hello, We're experiencing an issue with Entra External ID where Single Sign-On (SSO) works across multiple applications, but Single Logout (SLO) does not function as expected. Scenario: We have multiple app registrations, each corresponding to a…
Error when trying to login using Microsoft Cognitive Services in Public Desktop Client App in Entra External ID tenant
I have an Entra External ID tenant with a registered public desktop app from which I want to call the APIs from an Azure Speech Service resource. Via MSAL I log in like this: var clientId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"; var tenantId…
Json claim in ID token from external IDP in custom policy
I am integrating with an external identity provider using Custom Policies in B2C. The provider returns an ID token where one of the claims is a JSON array (note: not a stringified array!). There is no json data type in Custom Policies, so in the claims…
Guest user from a cross-tenant setup unable to access Power BI reports embedded in SharePoint despite having appropriate permissions.
We have configured cross-tenant access between our organization and a guest user's organization. The guest user has been granted all necessary permissions to view Power BI reports embedded within our SharePoint site. However, despite these permissions,…
Is there an alternative method for 2FA for external guest when accessing a sharepoint link? Some users don't have a smartphone and we would like to use a desk phone call.
We have recently enabled 2FA for Microsoft accounts and now it appears that in doing so, some external guests can no longer access the SharePoint link due to 2FA. So I have read that in order for them to authenticate with something other than the…
Country Dropdown - EEID
Hello on the sign in page for Entra External ID, the country field can only be a textbox or radio button. Is there a way to use a dropdown value here? If a dropdown is possible, is there anyway to restrict certain countries from showing up in the…
Adding directory claims to the ID token in Entra External ID
HI I want to include additional directory claims in the ID token of my Entra External ID instance. I have followed the instructions here: https://video2.skills-academy.com/en-us/entra/external-id/customers/how-to-add-attributes-to-token I have added…
Can't access my Entra trial account (used for SC-300 study)
I recall initially setting up a trial entra account with one email, and then having issues logging back in, so a few days later created it with my other email... That was working fine for several days just being used for study purposes, however now…
Maui mobile app can't sign up new Entra ID
I have a .Net Maui mobile app that uses MSAL for authentication into Entra External ID. I created a User Flow and configured my tenant to allow "Enable guest self-service sign up via user flows". I can authenticate with existing Entra IDs…
Use Azure External Identity User Flow to onboard external users as guests and add them to Azure AD Security groups in one sign up process
Hi there , we want to user External Identity User Flow for allowing collaborators outside or Azure tenant to be able to self sign up. We're planning to use the External Identity User Flow and would like users to to sign up and post sign up added to…
Unable to define the sites for an App Registration for SahrePoint with Site.Selected
I have this App registration with Site.Selected:- now i want to define the sites for the above "Sites.Selected", so i tried the following:- $siteUrl = "https://*.sharepoint.com/sites/integration-prod" $clientId =…
Azure AD B2C users forced to log in every time opening MAUI android app
Hi We currently have a Azure AD B2C custom policy for signing into MAUI android/IOS apps that makes a call to an Azure Function that checks whether the user logging in is a member of an Azure Group. The Azure Function needs to be updated to .Net 8.0 and…
How to translate help texts and error messages in Azure AD B2C phone sign-up/sign-in?
I have trouble using the localization feature for Azure AD B2C as some texts seem not to be translatable. There's this weird "pledge" in the documentation here…