Risky service principal log triggering
I have enabled diagnostic settings for RiskyServicePrincipals and ServicePrincipalRiskEvents in Microsoft Entra ID and set up logs to flow both storage account and event hub. I want to have an example log for these types of logs, tried multiple ways ex: …
How to authenticate to Azure DevOps PATs API?
I'm creating an Azure Function in Node.js which needs to list, create and delete Azure DevOps PAT's, but as the title says, I'm having troubles with authentication / authorization. I've read the wiki…
Power Pages Authentication For Azure AD
Hello, We want to use Power Pages to develop a platform for business users ( external organisation who dont have an account with us) to complete a survey and expose externally. We are looking to authenticate existing users and new users both. What…
SCIM based Entra ID user provisioning - re-provisioning of specific user groups with users on demand
Hi Team, Using the SCIM based user provisioning from Microsoft Entra ID, is there an option to re-provision the user group association for a specific group alone using the Entra ID user provisioning application. We have requirement in our system where we…
How to fix AD to AAD synchronization.
Initially, Microsoft accounts were created for school employees and we used them. After that, I created a server to which I successfully synchronized Azure AD accounts with a local AD via Azure AD Connect. A little later, I lost access to the server and…
Confusion on assigning licenses
Hello, I am really confused about assigning licenses. I activated Entra ID P2 to see if I can do licensing. When I activated my P2 trial version, for licensing and SSPR, it asked me for my email. So, I wrote my personal email and added a new domain and a…
Identity unused managed identity via Azure cli
Hello, We do have lot of user managed identity created in our resource group and only few identity has been assigned to machine learning compute. Im working on a task to identity the list of unused managed identity via azure cli. I can able to list all…
Entra External tenant Google federation sign-in error AADB2C: An exception has occurred.
Hi, we have setup an External tenant CIAM configuration for our customers and are trying to enable Google as an identity provider for the tenant following the documentation at…
I cannot but Microsoft Entra P1 Free Trial license. I'm getting message that I must use other account.
Hi, It was free trial subscription I created about years ago. Subscription plan is "Azure plan". Now I want to check some features of Entra ID and tried to get Free Trial of P2 License. Steps I'm going through: Go to "Licences" in…
How to retrieve all the users lastlogon details from entra id
Hi Q&A team, So i have been trying to retrieve all the users last logon from the microsoft entra id even i tried to retrieve with the help of KQL queries as well so did not solved my issue so please provide me detailed steps to resolve this…
Multiple Microsoft Accounts with Same Email Address
When i sign into my Microsoft account I get a popup box that says "It looks like this email is used with more than one account from Microsoft [ie, both my Work/School and Personal accounts]". In other words, my Personal account is associated…
Can't log into the Azure portal (portal.azure.com) due to MFA issue while I'm the only Admin of my personal azure account
I am stuck in an odd authentication loop trying to get into portal.azure.com. I enabled MFA last October and this is my personal Azure account. Here is what happening: Navigate to https://portal.azure.com Entering my account mail address and then I…
Password Expiration Issue in Hybrid Active Directory Setup
Our organization has an on-premises Active Directory (AD) integrated with Azure AD Connect and Single Sign-On (SSO) configured, including the password write-back option. We've set a password expiration policy of 90 days at the organizational level in…
The core requirement is to map device attribute and send in SAML token along with all other user attributes.
We need to send one of the computer attribute (device.divison) to the SAML claim along with other user attributes in one of the enterprise application in Entra ID. The device is Azure AD hybrid joined and available in the Entra ID (Devices). In the…
Azure service bus role assignment time based
I have created a service bus namespace with one queue in it. I have disabled "local authentication" from overview due to security reason. Now I want to use service bus explorer from azure portal to view messages in queue/dlq using azure active…
How to exclude Microsoft App Access Panel from the Conditional Access policy?
I want a group of users only to have access to myapps and the app I created (accessible from myapps). I don't want them to have access to the AZ portal or Azure AD Powershell. What I did was to include all apps in my policy and exclude the other two.…
MFA for guest user
Hi all, we have added guest accounts (webmails) in our Active Directory and it was authenticated with mfa earlier and am not sure why I am unable to add another device for the same guest account , and also it was throwing an error (we couldn’t find an…
How did my MFA get changed in my MS account?
I am the only admin with only one account for my business account. I have had my account for almost two years now. I have not had any issues until two weeks ago. Something or someone from MS must have accessed my account and reset something, as I have…
Can SPA app with backend exchange the auth code for access token on the backend?
My use case is fairly common: an SPA app with tightly coupled backend app to access data. I want to authenticate using Microsoft Entra ID. I wanted to use the following auth flow: User is redirected to Microsoft's page to sign in Frontend receives the…
Persistent Issues with Microsoft Entra ID Tenant Recognition and Support Ticket Submission
Question Summary: I'm encountering persistent errors in the Microsoft Entra ID portal when attempting to access or manage user accounts and submit support tickets. Despite using the same ProtonMail-based account to create my tenant and register my apps…