How can I change the default tenant for my account
Hello everyone, I have an Azure account with a default Tenant and another tenant. I set up MFA for the default Tenant using the Microsoft Authenticator App but I had issues with my device and had to factory reset it. The second tenant is the tenant I…
User provisioning fails because of expired access token
We have a SCIM application. When we open the Provisioning tab of our application, in the section Admin Credentials we have set: Authentication method: OAuth2 Authtorization Code Grant Authorization endpoint:…
How to Retrieve App Registration Owner Details in Azure Entra ID Using PowerShell?
Hi, I am trying to obtain the owner details of an Azure Entra ID (formerly Azure AD) App Registration. My goal is to write a PowerShell script that sends an email notification when the secret value is about to expire (7 days in advance). I can…
Azure MFA session revoke
I have 3 tenants in Azure. I can log into 1 and 2 fine, but not 3. For 3, the MFA was setup with my old phone that broke. Our admin team has revoked my access and sent me the invitation to join. The invite directs me to the my apps page, with no…
Mandatory MFA for break-glass account vs Conditional Access policies
Hi, It is recommended that at least one emergency access / break-glass account should be excluded from all Conditional Access policies. How does this work now that break-glass accounts are in scope for mandatory MFA? How is mandatory MFA implemented /…
How do you know when the X.509 certificates are going to change in the Federation Meta Data document used for SSO
We are using a plugin (OneLogin) in Wordpress to enable SAML SSO. We are grabbing the X.509 cert from the federation meta data document and pasting into Wordpress (Onelogin). The certs initially have expirations of 5 years, but each month there seem to…
AzureAD CBA AADSTS2205013: Certificate Revocation List (CRL) download is currently in progress.
Hi, We have been on Azure Entra Cert based auth for awhile now without issues signing in, today currently users are getting this message when singing into apps or O365 sites pre periods up to 30mins. AADSTS2205013: Certificate Revocation List (CRL)…
Users get prompted for MFA and email
Hi, We have corp.local on prem domain and external.org for our emails. Before we flip from Exchange on prem to O365 we would like to get all SSO issues resolved. We currently have two problems. When users open Edge or Chrome browsers on their office…
How can I apply a Conditional Access Policy to a Desktop application in Azure?
I am creating an Azure Enterprise ID app registration for both mobile and desktop platforms. I would like to apply a Conditional Access Policy (CAP) to this registration for the desktop app. However, the application is not available in the cloud app…
SCP de Microsoft Windows Server Active Directory
Buenos días, Estamos revisando la posibilidad de activar el dominio Hibrido con entra ID y nos gustaría hacerlo de forma controlada. En la documentación proporcionada he podido revisar que existe la posibilidad haciendo cambios en la configuración SCP…
In Azure, how can I automatically assign custom permissions relating to an application to the person who creates that application
I need a way to allow all users to create App Registrations while only allowing the users access to view and manage enterprise applications they have created. I can work on the specifics but I need the general approach (custom roles, conditional access…
Add extra authetication methods in Entra
Hi , In Entra , if i filter for a user -->Authentication method , i can see the user is capable with 2 authntication methods . I use Powershell to filter , since Entra won't show which is availble . ExtensionData …
How can I reschedule a test that I was unable to access due to a problem verifying my personal information?
I faced a problem verifying my personal information in exam online AI-900 foundation . Nothing appeared from the barcode and I did not receive a message on the phone. As for using the site itself via the laptop, it did not allow me to click to choose the…
Authenticate azure devops build REST API through Azure AD access token
I need to trigger azure devops services build Rest API through azure AD access token. My devops organisation is integrated with azure AD and i have registered an app in Azure AD. using app id tenant id scope and client secret to generate access token.…
Remove Notes in Contact Section of Teams
I am an IT admin. I have a user who just added Teams but when he selects his profile, under the Contact information tab, there is a Notes section that has a bunch of information that needs to be removed. Upon looking in all cloud admin portals (including…
I was added to an Organization as an admin, but this organization does not exists and I cant delete or leave it
So, a while ago I was asked in Teams whether I am part of an organization. I entered some initials of a former company I was working for and for some reason did this create an entirely new organization where I am the admin of. I can the organization in…
Exclude MFA for one account used in Power Automate Flows
We use a E3 user account for our power flows. The flows interact with this user's Exchange mailbox and via the user, to SharePoint Online to doc libraries we granted permission to the user. This account isn't a real person's account, so it's not subject…
Inquiry Regarding Token Protection for Mobile Apps Using Azure OAuth
We're currently working on a mobile application (both iOS and Android) and web that uses (SSO) with OAuth through Azure AD. The application generates access tokens from Azure, which are then used to make API requests to our server to retrieve employee…
when I try to log into azure portal my personal account is hijacked by liberty university
my personal login is williamcotton@live.com; when I use that to go into the azure portal it tries to authenticate me through liberty university organization. I have never gone to that school or did any business with them. I cant open a ticket on the…
Send mail using MFA enabled Mail ID
Hi Guys, I am reaching out to you because I have a doubt in sending email. I am using SmtpClient class to send mails. MFA has to enabled for the mail Id from tomorrow onwards (mandatory it seems). how to authenticate and send mail using SmtpClient ? It…