How to recover my password if I can't access the authenticator to change my passoword?
Hi. So, my problem is: I have an email that's connected to the microsoft authenticator. I can't remember the password, and when I try to change it, it asks for 2 types of verification, and the other one is the verification through the authenticator but,…
Howto remove myself from a subscription
For the past decades I have been working in many Azure instances of customers. All of them granting me rights. Some of them removed me after finishing the projects, others did not. Some companies even do not exist any more. And the ones that still do…
Roles claim missing from the access token
Have registered an app for SSO to web app. Created App roles for the app. Assigned users to groups and assigned groups to the app roles. The access tokens of the authenticated users do not show the roles claim. There are no groups or roles claim in the…
How can we customize the error message in sign-in page?
In the sign-in page if we didn't provide the email address and click next, following error message is coming - "Enter a valid email address or phone number". How can we customize this message from custom branding section? For example, in the…
Entra ID authentication with Windows servers
I have a Windows 2022 server from onsite storage for hosting applications and having issues getting Entra connect to work. Do I need to create a duplicate domain and join that to our existing domain? I 'prefer not' to set up a new domain, but rather use…
Setting Attribute in "Single sign on" > "Attributes & Claim" Using Microsoft Graph PowerShell
Hello, I am trying to build an Automation Platform for registering Enterprise Application and assigning Custom attributes (Manipulating the existing user attributes including Extended attributes) for SAML claim token ("Enterprise Application"…
No user other than Entra Domain user able to sign in using REACT MSAL library on VSO scopes
Hi, I am using an Application defined in Entra ID, which is valid for multi-Tenants and Microsoft accounts. Whenever I try to use scopes related to VSO I am not be able to use Microsoft Account ID or Live ID BUT when I remove ADO/VSO related scopes from…
Support SAML for existing app registration
I have an existing App Registration (already published on the Microsoft Entra App Gallery) that only supports OpenID connect/OAuth 2.0. How do I update my App Registration to also support SAML single sign on?
Azure Active Directory - Universal with MFA local host
I am trying to set up a working connection between my SSMS and my Fabric Datalake. I have followed all the steps described on the following blog:…
User not able to authenticate on tenant, AD Connector used with Passthrough authentication
We have 2 domain (AD) with a connector synching users on one single tenant, AD connector is located in the domain A, we are facing a problem with Azure authentication for people on domain B. Seems password is not recognized and when it is changed is…
Cannot configure Entra ID to AD sync
Trying to configure Entra ID to AD sync (one way only. No write backs from AD) No option to pick the domain from the drop down menu. It looks as though the agent is running however, but unable to configure the remainder on the azure/entra side
Send link to new user for new account
Hello Please i need your help on this issue. Something seems to have changed in the new user set up. I have always had the option to send a link to a new staff member with the temporarily password. I have set up the new user account but cannot send…
Azure AD Connect - Connected data source error code 8344
When trying to synchronize, I get the error Export Error: permission-issue, Error Code: 8344, Cource error: Insufficient access rights to perform the operation. According to the instructions from the Internet, I verified the permissions of the account…
Export SAML-based Sign-on Attributes & Claims
I want to automate an export of all Applications / service principals with PreferredSingleSignOnMode = saml and export the SAML-based Sign-on Attributes & Claims. Have hunted around for code but can't find anything. Can this actually be done using…
How to update accessTokenAcceptedVersion without updating other application properties
Recently I changed accessTokenAcceptedVersion in application menifest to 2 but it breaks some of our web api functionality. I'd like to change accessTokenAcceptedVersion back to null but got the following error: "Failed to update xxx application.…
Guest user from a cross-tenant setup unable to access Power BI reports embedded in SharePoint despite having appropriate permissions.
We have configured cross-tenant access between our organization and a guest user's organization. The guest user has been granted all necessary permissions to view Power BI reports embedded within our SharePoint site. However, despite these permissions,…
Edge locations for Microsoft Entra ID and routing traffic to the closest endpoint
How can we ensure the traffic reaches the closest Entra location if a user is accessing an application in cities like Toronto, Montreal, Vancouver, or Halifax? Are there any edge locations available for Entra, and is there any link to check that?…
How to bypass "Pick an account" popup after Sign out
Hello all, Is there any possibility to bypass the "Pick user popup" after Sign out with Endpoint v2.0 at Azure AD? We need to execute automatic sign out at Blazor app while user is not active, but we got redirect at the popup and the user is…
How reset the idToken when it expires?
I am working with ReactJs. I am using IdToken for backend api authentication. I am saving it in the localStorage and with every request I am sending it to the backend. However in an hour the token expires and the backend api calls start failing. and I…
Problem Connecting a device to Entra ID
Hello. I am trying to connect a device (laptop) to my domain, say xxx.com. I am logged into my device using a personal microsoft hotmail account. I have followed the instructions detailed in: …