Trusting Device Compliance Across B2B Tenants in Intune
Tenant A and Tenant B are B2B connected with device trust enabled, and there are devices registered in Intune for both tenants. The primary login on the devices is from their respective tenants, but users have accounts in both. Currently, when trying to…
How to migrate power page from ADAL to MSAL
We have a power page that uses azure b2c for authentication and authorization. We have identified that our Dynamics solution uses the Active Directory Authentication Library (known as ADAL), a code library for authentication and authorization against…
Can we setup Multi-Tenant Organization between an EA Tenant and a CSP Tenant?
Wanted to know if there is limitation if we want to setup an MTO between 1 EA tenant and 1 CSP tenant? Can you share a link that talks about this?
Internal Guests Accounts cause many problems in Teams and Sharepoint
Hello Community, On the Microsoft documentation website, Microsoft describes four possible combinations of authentication (internal vs. external) and UserType (Member vs. Guest). For my use case, the best matching combination seems to be "Internal…
How do I get the last login timestamp from azure b2c?
Hello. I'm trying to figure out how I could implement automatic removal of users in azure ad b2c after a period of inactivity. I'm using an external identity provider (oidc) to make it possible for users to login. I have a userflow that redirects the…
How to fix Passkey authentication?
Recently, our CIAM login started showing additional sign-in options. When I click on it, I can choose "Face, fingerprint, PIN or security key". Clicking on it, causes the following error: AADSTS135004: Invalid postBackUrl parameter. When I…
'AADSTS500207: The account type can't be used for the resource you're trying to access' error when trying to access custom scope in an External Tenant
Hello, I am having issues when trying to sign into my External tenant and specifying a custom scope. The error happens when I am making use of the MSAL library but also when attempting to authenticate with Postman or Insomnia. I have set my authority to…
Entra ID External Identities - Verification code mail branding
Hi, I've created a user flow in an Entra ID external tenant. When signing up using an email and a password, a verification code is sent to the user's mail. My questions are the following : Is it possible to change both the branding and the content…
Cross-Tenant Synchronization Configuration Question
Hello. A question is regarding Cross-Tenant Synchronization functionality. Currently, there is an interest in using Microsoft's tenant-to-tenant synchronization feature to receive user information from an external tenant (Tenant B) within Tenant A. The…
create external user
I would like to invite an external user via PowerShell. Can anyone help me with the PowerShell syntax for the required settings? I am mostly using the default settings.
Azure AD B2C Supported Countries for SMS
Hello, I had a question pertaining to Azure AD B2C regarding SMS that I couldn't find in the docs. What countries do Azure AD B2C support for SMS? Thank you.
create external user
Hi I would like to invite an external user via PowerShell. Can anyone help me with the PowerShell syntax for the required settings?I am mostly using the default settings.
Migrating existing Azure AD B2C to Microsoft Entra External Id
Hi Team, We have an existing Azure AD B2C setup which is working fine. I believe Microsoft Entra External Id is the next generation of CIAM provided by Microsoft and I would like to move my B2C to External ID. Can I migrate my existing B2C tenant to…
About guest invitation
When I try to invite guest users from other region tenant(China) I got following error User invitation failed This invitation is blocked by cross-tenant access settings. Administration for both your organization and the inviting user's organization…
Enforce MFA for specific users
Hi, we're using MS Entra and we would like enable users to opt in for MFA (SMS verification) and to enforce MFA for Admins. Is there a way to do it without creating custom policies? We were thinking about creating two custom groups with one of them…
AADSTS1100001 Error when Implementing Custom Extension for OnAttributeCollectionSubmit Event in Microsoft Entra ID
I'm implementing a custom authentication extension in Microsoft Entra ID to modify the sign-up experience in my customer self-service sign-up user flow. I’ve registered my custom extension to trigger on the OnAttributeCollectionSubmit event, which occurs…
Microsoft Entra Custom CSS not applied to Update Password Screen
The custom CSS classes (.ext-{name}) are not been used in the Update Password screen preventing consistency between pages. Instances like .ext-boilerplate-text and many others are been used as regular .boilerplate-text preventing us from overriding the…
How to Display Custom Error Messages for Contact Number Validation in Azure Entra External ID Custom Authentication Extension
I’ve integrated a custom authentication extension in Azure Entra External ID to validate Irish contact numbers during the signup process. This validation works as expected—if the contact number doesn’t match the specified Irish format, the signup process…
Error : Invitations are blocked for this directory due to suspicious activity
Error message received after initiating a sync (provision on demand) a particular user Export of the object with id = bd6d887f-cf6e-47cb-97f3-7f5e4a1f323e and joining property = [Type: 5, Identity Provider: , Key: 10032003BDAD8E5C] to the Microsoft…
Azure Ad B2C User journey block message get excuted to next step when refresh the page
Hi, I have got a scenario where we have got SelfAsserted block message and privacy pages. When a user gets a block message with no continue or cancel button and when we go and refresh the web page it gets executed to the next step in the user journey.…