Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,420 questions
2 answers
Audit Report for 2FA enabled accounts
Azure MFA status not updating in O365. Azure Conditional access users default to disabled in O365. I Need to run a report for an IS audit to show 2FA is enabled for all accounts. Powershell scripts pull from O365 but show disabled for Conditional…
asked 2020-08-03T13:08:56.887+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(16, 73%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
ALG719
1
Reputation point
commented 2020-08-17T08:01:58.57+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 0%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVM%3C/text%3E%3C/svg%3E)
VipulSparsh-MSFT
16,271
Reputation points Microsoft Employee
2 answers
Issue with Azure AD metadata import in linux based system with Tomcat as application server
Facing issue while importing SAML SSO Azure AD IDP metadata in SP (Linux based system. Tomcat as application server). Error: SignatureValidationFilter : Signature trust establishment failed for metadata entry https://sts.windows.net/XXXXXXXXXX. We…
asked 2020-07-02T15:59:57.9+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 15%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAH%3C/text%3E%3C/svg%3E)
amitava hazra
6
Reputation points
answered 2020-08-17T06:43:58.467+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 60%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
JaparJarkynbyek
41
Reputation points
1 answer
One of the answers was accepted by the question author.
Azure B2C custom policy pass input claim value from REST API
Hi All, I am new to B2C and AD, please excuse if this is a lame question. I am calling a REST API to create a record in the third-party system during user signup using custom policy. This part works fine without any issue and I am getting the record…
asked 2020-08-06T18:14:31.527+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 71%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENJ%3C/text%3E%3C/svg%3E)
Nijo Joseph Raju
141
Reputation points MVP
accepted 2020-08-16T17:36:31.997+00:00
Nijo Joseph Raju
141
Reputation points MVP
4 answers
One of the answers was accepted by the question author.
B2C Custom Policy REST Integration Error
Hello All, I am new to Azure and B2C. I was trying REST API integration as explained here I have followed the same steps but I am getting an error when I try to upload "SignUpOrSignin" policy file. Validation failed: 1 validation…
asked 2020-08-03T17:41:10.733+00:00
Nijo Joseph Raju
141
Reputation points MVP
accepted 2020-08-16T17:23:21.72+00:00
Nijo Joseph Raju
141
Reputation points MVP
1 answer
I need Sign-in and/or audit logs from 2 years ago. Only have option for 7 days ago max.
Hello, I have Azure Active Directory for my organization. I am trying to see logs of sign-ins for an employee back in 2018. I only see the option for logs going back 7 days. This is for a theft of IP case. We need these logs or at least the device…
asked 2020-08-14T21:48:59.083+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 74%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EE%3C/text%3E%3C/svg%3E)
EricR
1
Reputation point
answered 2020-08-14T22:20:58.17+00:00
Alfredo Revilla - Upwork Top Talent | IAM SWE SWA
27,456
Reputation points
1 answer
One of the answers was accepted by the question author.
Invitation Sent and user can't sign in (B2C)
I created an SPA app to be used in B2C. The users that sign up they can sign in. But when I invite them using the portal in the AD B2C blade/Users Menu on the left. And then I click + New User and then use Invite User option. They get an email to…
asked 2020-08-13T21:18:21.767+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 84%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
bdiddy
171
Reputation points
commented 2020-08-14T21:19:33.21+00:00
Alfredo Revilla - Upwork Top Talent | IAM SWE SWA
27,456
Reputation points
1 answer
One of the answers was accepted by the question author.
Still have PIM with an Azure AD P1 license
I cannot figure out why I still have access to PIM, with only P1 Azure AD license? I had an P2 trial account to test out the feature, including PIM. However as global admin(with P1 license) I'm still able to assign role to users in PIM and approve…
asked 2020-08-13T14:17:26.873+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 1%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EW2%3C/text%3E%3C/svg%3E)
wawa-2377
26
Reputation points
commented 2020-08-14T16:28:17.813+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Marilee Turscak-MSFT
36,836
Reputation points Microsoft Employee
4 answers
One of the answers was accepted by the question author.
MSAL-Angular auth_code flow + PKCE support?
I learned at MS Build 2020 that MSAL-Angular is GA. I was wondering if it supports authorization_code flow & PKCE like MSAL 2.0 for JS does already? I've implemented a baseline login component, but seems that it is still using implicit flow? Is…
asked 2020-05-22T17:36:38.887+00:00
Bernd Schickerbauer
116
Reputation points
commented 2020-08-14T14:31:44.457+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 79%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGA%3C/text%3E%3C/svg%3E)
Gary Archer
1
Reputation point
1 answer
TLS Log Warning for AAD Sync - Schannel 36875
We manage quite a few servers, and back in March, enabled LDAPS for all of the domains that had LDAP queries related to VPNs. The same set of instructions was used for each of 8 domain controllers; however, on two of them, we began seeing these warnings…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 24%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EIP%3C/text%3E%3C/svg%3E)
2 answers
One of the answers was accepted by the question author.
Creation of account in AAD if domain is federated allowed?
Hello all I have global admins in AAD but I can't see the domain name I want in the drop down when I create a new user. I checked custom domains and I can see the domain I want to use is verified. It is is federated and perhaps this s the issue? I must…
asked 2020-08-13T08:54:16.043+00:00
AzureAddict
26
Reputation points
answered 2020-08-14T12:44:22.033+00:00
AzureAddict
26
Reputation points
3 answers
Office 365 ATP Plan 1 and Plan 2 application
Dear Support, I have a question related ATP features availability and applicability relatively to which license/plan was assigned to a user. Currently, we have Office 365 ATP (Plan 1) licenses that applied to our users(about 500 users) that gives…
asked 2020-08-04T12:59:17.783+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(208, 1%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Айнур Хазиев
1
Reputation point
commented 2020-08-14T05:31:59.85+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 67%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJS%3C/text%3E%3C/svg%3E)
Joyce Shen - MSFT
16,661
Reputation points
1 answer
One of the answers was accepted by the question author.
Microsoft Store for Business / Education - How to configure specific users to receive AND approve App Requests
I have been working looking into a process to ensure users when using the Private Store, can request apps, then for these apps to be approved by a user or team. In my scenario I have down the following settings: Allow users to shop: Off Make…
asked 2020-08-11T13:38:21.51+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(3.2, 19%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDM%3C/text%3E%3C/svg%3E)
Delroy McKenzie (IT Services)
26
Reputation points
accepted 2020-08-13T18:03:51.027+00:00
Delroy McKenzie (IT Services)
26
Reputation points
1 answer
/teams/allMessages is this resource type is paid for create subscription api
I am using create subscription API for creating webhooks and I wanted to access the resource type /teams/allMessages but it is showing the error message as - ""message": "Operation: Create; Exception: [Status Code: Unauthorized;…
asked 2020-08-01T11:14:33.88+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 37%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EST%3C/text%3E%3C/svg%3E)
Shubham Tak
1
Reputation point
commented 2020-08-13T17:49:05.657+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 44%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Saurabh Sharma
23,806
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
B2C Error while user sign in
Hi @Anonymous , I am trying seamless user migration to B2C through custom policy, following is policy details that I am running: <RelyingParty> <DefaultUserJourney ReferenceId="SignUpOrSignInWithUsername" /> …
asked 2020-08-13T04:43:08.787+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 30%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVT%3C/text%3E%3C/svg%3E)
Vikas Tiwari
766
Reputation points
accepted 2020-08-13T17:05:01.803+00:00
Vikas Tiwari
766
Reputation points
2 answers
Please disable multi factor authentication on AD B2C tenant in Azure Portal
Every time I log into Azure portal and access AD B2C tenant I am prompted to confirm my email address with a secondary email address provider. Please turn this additional check off. Thank you! See this request: …
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 43%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESW%3C/text%3E%3C/svg%3E)
1 answer
Setup of G Suite IDP for SAML direct federation for B2B
Hi guys, our G Suite IdP integation is not working: after setting it up, users are unable to redeem invitation. Please see following errore message: RequestId: e48a3d3e-6703-46b6-b1d2-b00adf4a8fe2 Correlation…
asked 2020-04-21T14:17:39.003+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 70%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EG%3C/text%3E%3C/svg%3E)
GV
1
Reputation point
commented 2020-08-13T09:51:12.697+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 94%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMH%3C/text%3E%3C/svg%3E)
Mounirkam@hotmail.com
1
Reputation point
3 answers
AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: '4c9f8d57-3372-47b8-9f05-067a5127b9e4'.
Hi, I have this issue when I try to sync my Outlook with another software in which I'd like to send email (Pipedrive) "AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application:…
asked 2020-07-21T11:44:39.213+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 68%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETL%3C/text%3E%3C/svg%3E)
Thomas Letourneur
1
Reputation point
answered 2020-08-13T07:46:10.81+00:00
Thomas Letourneur
1
Reputation point
1 answer
One of the answers was accepted by the question author.
Recommended pattern for acquiring tokens
Hi Team, We wanted to know the recommended pattern to acquire tokens while using the Client Credentials flow for a daemon application(confidential client application). Are we supposed to acquire the token silently i.e. from token cache? As per…
asked 2020-08-06T16:28:50.347+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 79%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EE%3C/text%3E%3C/svg%3E)
ExchangeOnline444
21
Reputation points
accepted 2020-08-13T07:23:53.13+00:00
ExchangeOnline444
21
Reputation points
3 answers
One of the answers was accepted by the question author.
Need direction on manually rolling my own MSAL (or at least accessing REST APIs) for use with non-standard tooling/languages.
Hello, I have a client that has moved their internal tools to Azure MFA. We have a couple of 3rd party desktop applications (written by my company) that the client would like to bring under the Azure MFA umbrella. We previously accomplished this…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 45%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
8 answers
One of the answers was accepted by the question author.
Azure MFA not working when activating an Azure AD Role with MFA setting enabled
Hi All, I'm trying to configure Azure AD role with MFA enabled when a user activate the role but MFA is not kicking in. I have Conditional Access configured when users logging in to the Azure Portal and that is working as expected. So for me, MFA…
asked 2020-08-11T14:48:11.667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 6%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAJ%3C/text%3E%3C/svg%3E)
Allan J. Dela Pena
26
Reputation points
commented 2020-08-12T23:15:47.59+00:00
JamesTran-MSFT
36,596
Reputation points Microsoft Employee