Questions tagged [azure-active-directory]

Microsoft Azure Active Directory (Microsoft Azure AD) is a modern developer platform and IAM service that provides identity management and access control capabilities for your cloud applications. It uses industry standard protocols like OAuth2.0, OpenId Connect, and SAML2.0.

2
votes
1answer
32 views

AAD and NuGet vs. MSA and NuGet

We're working in a shared repository where we're not the owner. Our AAD accounts have been invited - username@domain.com. We have no issues accessing the Git repo. THE ISSUE: We can't access the ...
-3
votes
0answers
12 views

azure Devops CI CD pipeline --File not found on give location

while Building app it throwing MSB3030 error. i have question like C:\Program Files\dotnet\sdk\2.2.104\Sdks\Microsoft.NET.Sdk\targets\Microsoft.NET.Publish.targets(141,5): Error MSB3030: Could ...
-1
votes
1answer
16 views

Update user's images on Azure Active Directory using Graph API (c# .Net windows service)

My Network admin has configured local(On Prem) MS Active directory on MS Windows server 2008 and now they have moved to Azure Active Directory in a hybrid mode e.g keeping both Directories ...
0
votes
0answers
12 views

Android/iOS: How to provide SSO for mobile devices with Azure AD using SAML protocol

I am trying to implement SSO in mobile native devices with Azure AD using SAML 2.0 protocol. From web I can successfully login but I am not finding a way to do the same using mobile client. I tried ...
0
votes
0answers
8 views

Cancel button is not working in Azure B2C Sign up policy

From mobile app, authorize endpoint is invoked and loaded in webview. When cancel button is pressed, It does not go back to APP(redirect URI). It works for Web app client where it returns to web app ...
0
votes
0answers
16 views

Connecting to Service Fabric using anapplication

I want to connect to Service Fabric remotely using an application. Currently, we connect using a username/password and that isn't very secure. If I run the code below, it returns that the given ...
0
votes
1answer
18 views

Redeem refresh token in Azure AD B2C against any custom policy

I am not able to redeem new tokens(access and refresh) using refresh token received against different policy token end point. Received refresh token A from https://tenant.b2clogin.com/tenant....
0
votes
1answer
17 views

Can i setup Active Directory Domain Services in Windows pro or do i require a windows server os?

I want to be able to access ADDS through Microsoft Graph API after setup? I have windows 10 pro version. Is it sufficient?
0
votes
0answers
18 views

Connect to Azure SQL Server via Linux + ODBC + Active Directory Authentication

I'm attempting to connect to Azure SQL Server 2017 from Debian 8 or 9. Our SQL Server instance is connected to our Active Directory requiring Active Directory Authentication. Thus far, I've tried ...
1
vote
1answer
42 views

How to check if a user is in an AD group via Azure AD?

Setup Specifications .NET 4.5.1 MVC Project Project contains .aspx files (legacy) Currently user Azure AD for authentication via Cookies. Azure portal configured (via App Registrations) with "...
1
vote
0answers
72 views

Call Azure powershell cmdlets from C#

I'm workin on a C# forms program which will help to set up Azure resources. I use powershell cmdlets to log in to AzureRm and to create an Active directory. Login works fine, but when I'm trying to ...
0
votes
1answer
38 views

Is it possible to add multiple audiences to AzureAdBearer token?

I have an app that uses MSAL to obtain an access token from Azure AD. This is done on the client side which has it's own Azure App Registry. I then pass this access token to the server, which then ...
0
votes
2answers
43 views

Azure Function custom API Authentication

I got a HTTP triggered azure function, which is using by one of my web applications. The user of this site would be anybody who signed up to the site. Now I want to implement authentication to the ...
0
votes
1answer
26 views

Graph Api: Deleting attachment from group post results in access denied, even though application/user has been granted required permissions

I am using Graph Api for managing our organization's Office 365 groups. I am able to view and delete groups' threads without any issues, but when I try to delete an indivindual attachement inside the ...
3
votes
0answers
42 views

SharePoint Online: Issues when try to connect to .Net Core API secured with Azure AD using AadHttpClient from SharePoint app

SPFx | SharePoint Online Hello, I have a custom .Net core API uploaded to Azure. I need to connect the secure Azure AD API with the SharePoint client-side web parts (using SharePoint framework v 1.7)....
-1
votes
0answers
14 views

On Microsoft AD external login after cookie expires loops - ASP MVC

I have integrated Microsoft AD External Login On ASP MVC. I am using Asp Identity for authorization. It works fine. But After Cookie expires the browser automatically refreshes and getting stuck with ...
0
votes
0answers
11 views

AzureAD joined computer not able to reach a DNS host(A) record on Windows DNS

Environment (User): Windows 10 laptop AzureAD joined User in the office Side note: Majority of our users are domain joined, this user travels alot, so we set him up as AzureAD to see how it would work....
0
votes
3answers
58 views

Invalid Signature when generate bearer token

I am new to OAuth and I used this tutorial to generate access token from client app to target app. The code itself is working fine, but the access token I generated has invalid signature when I ...
0
votes
0answers
26 views

Embed Power BI report in Salesforce

I am following the Microsoft blog (link here - https://powerbi.microsoft.com/en-us/blog/embedding-a-power-bi-report-into-salesforce/) to embed a power bi report into a visual force page in salesforce. ...
2
votes
1answer
32 views

How do I obtain the Azure AD groups of the currently logged on user without needing a domain admin to grant my application any rights?

More specifically: I have small Azure AD under which i have registered my application. The application is marked as multi-tenant as i want people to be able to log in to it with their own corporate ...
0
votes
0answers
43 views

Best way to authorize User against Azure AD Group in SPA (React JS)

We want to authorize User against Azure AD group in SPA (React JS); i.e. User allows to access API from SPA if he/she belongs to a Particular group (e.g. testgroup). Found sample code in Msal.JS. I'm ...
0
votes
0answers
37 views

Enable Multi tenant Azure AD login tom asp.net webforms application

i am trying to develop application in which any user from any tenant can sign in to use my app. For this i registered my app url to my Azure tenant as Multi tenant application (from properties pane in ...
2
votes
0answers
47 views

Microsoft Graph: Groups request failing with error about expanded list entry types

Here's the graph call I'm making: https://graph.microsoft.com/v1.0/groups?$expand=members This works successfully in two place: Microsoft Graph API Explorer Within my (same) code in multiple real ...
0
votes
1answer
26 views

Microsoft Graph API - “GraphOrganizationFromTenantGuidNotFound” error code

My problem is exactly like here, word to word: Microsoft Graph Api /calendar endpoint returns "OrganizationFromTenantGuidNotFound", but /users endpoint works without problems. How to fix ...
0
votes
0answers
30 views

Changes to the manifest of my azure app are not seen in the azure portal

I want to programatically mirror AWS IAM Roles to my SAML federation, using a lambda, with lambda like this developer I want to verify what the least privilege access the credentials for the ...
0
votes
0answers
25 views

Azure AD Graph API - Adding user to application gets PlatformNotSupportedException

My goal is to add a user to an application in Azure. I'm using the old Azure AD Graph API only for this method, because the newer Microsoft Graph API currently doesn't support this feature. By ...
1
vote
1answer
37 views

Accessing MS Graph API with directly obtained token issue

My project is based on this on-behalf-of-flow example. In my web api I have a non-restricted by [Authorize] method which receives login and password. I also have a restricted method which gets some ...
0
votes
1answer
33 views

When would AAD 2.0 be Live in PROD?

We want to converge our application and when is expected to have AAD 2.0 Live in production? The documentation says it is is currently in pre production support
0
votes
0answers
25 views

PowerBI Embedded (App Owns Data) Creating embed token with effective identity fails

The error message I get is: Creating embed token for accessing dataset <my-data-set-guid> requries effective identity username to be identical to the caller's principal name. I am using ...
1
vote
2answers
46 views

Change the navigation of inviteRedeemUrl in Invitation Email: Azure AD

I created an email invitation using Microsoft Graph to a azure ad application. IN the email that was being received on clicking the Get Started (Elements of Email Invite)element it is being ...
0
votes
1answer
55 views

AADSTS90002: Tenant 'xx' not found. This may happen if there are no active subscriptions for the tenant

I followed this tutorial to generate an access token from client app for target app. According to the comment for this tutorial, for the resources, I changed to App ID URL. But I am still not able to ...
1
vote
2answers
100 views

Authorize attribute always returns 401

I am using client credential/app identity flow (OAuth 2.0) where the API is able to authenticate the web app by its app id. There are 2 things that I need to make sure the authentication is successful:...
0
votes
0answers
48 views

ASP.NET Core API Service authentication

I'm developing an app that requires a fairly complex authentication scenario. The app it self is an Angular 7 app with ASP.NET Core 2.2 backend. I have implemented Azure Active directory ...
1
vote
2answers
41 views

Microsoft Graph - Filtering users by X500 proxyAddress

Is it possible to query for users, filtered by an X500 proxy address? Using the following query which filters by an SMTP address, I can return all of my proxy addresses: /v1.0/users/?$filter=...
0
votes
1answer
61 views

Unable to validate access token signature obtained from Azure AD in order to secure Web API

I am trying to secure my web api (.net core 2.2) with Azure Ad using implicit flow. I registered my application in Azure AD using the Azure Portal > Azure Active Directoy > App Registrations > New ...
2
votes
1answer
47 views

Retrieve all Users from all Groups?

Is it possible to see all of the Groups and all of the Users inside those Groups using Microsoft Graph? I don't see anything like that in the documentation. When calling: https://graph.microsoft....
0
votes
0answers
24 views

Windows AD user impersonation in Azure

I am trying to deploy a website to Azure App Services. I have a identity impersonation in my web.config to access image server. <system.web> <identity impersonate="true" userName="sroy" ...
0
votes
1answer
34 views

Unable to add Azure AD Group as a user into Azure SQL Database

I want to accomplish the below task: Assign X AD Group as user in database Assign permission to full manage the database specificed to that AD Group I am using the below queries: SELECT * FROM SYS....
0
votes
1answer
27 views

Adding Owners to Azure AD Group via Python sdk

I am trying to create create an AD Security Group and add an owner to the group . I am executing this in python. I am able to create the group , but unable to add owners to the group. I am using a ...
0
votes
1answer
31 views

Unable to get Access token in microsoft Oauth 2.0

I am developing the integration for Microsoft One Note with third party application using OAuth 2.0 And I have successfully authorised my Microsoft O365 account and provided my consent, but unable to ...
0
votes
0answers
28 views

How to create ASP website to run Powershell command?

I have created a Powershell script to report AD user attributes in WPF. Since there is a dependency on RSAT tool and some other module I thought to use the script in web based portal. Could someone ...
1
vote
1answer
59 views

Is access token from ADAL.net different from openid

I am new to openid and aad. I have an API which calls a downstream Graph api. I was following the example below, https://joonasw.net/view/azure-ad-on-behalf-of-aspnet-core Everything worked fine. ...
-1
votes
0answers
31 views

Azure msal login pop-up functionality [closed]

I am using Microsoft's azure loginpopup functionality in my code, i am facing an issue while doing so... The promise returned by loginPopup method is not resolving. I am able to put user ...
0
votes
1answer
25 views

iOS: ADAL Auto sign-in after sign-out

I am facing an issue with auto sign-in with ADAL v2.5.4 in my iOS App. When a user wants to login to MSA account, we call acquireTokenWithResource with the required params and promptBehavior as ...
2
votes
5answers
145 views
+50

Azure Function with AD auth results in 401 Unauthorized when using Bearer tokens

I have a very simple Azure function in C# for which I've setup Azure AD Auth. I've just used the Express settings to create an App registration in the Function configuration. public static class ...
0
votes
0answers
24 views

Simplest way to replace AD with ADFS (or add it on top it)?

I have a client app and it is a single-tenant app in AD. What I actually need is a collaboration between a couple of AD users in order to share our users (all users will eventually be used in 1 shared ...
0
votes
0answers
20 views

Error message “token_missing” from login.microsoftonline.com

Trying to keep the post short, ask if you need details: Im running asp net core with reactjs-front end, azure AD authentication. I have an asp .net core server side solution with a react front end. ...
0
votes
1answer
42 views

oAuth 2.0 access token validation node.js

I have a backend API written in node.js express framework. I need to implement oAuth 2.0 (client_credentials grant type) with it. I came to know that the front-end(who is the caller of the API) is ...
0
votes
1answer
37 views

Service Principals and CRL checking

Does a Service Principal (SP) check the CRL for the cert that is used to authenticate the SP? I have a client that is concerned over the use of SP with Certificates for authentication and wants to ...
0
votes
0answers
40 views

Skype For Business Online Authentication Error - 403 Permission Denied

Hello Microsoft/Azure/Skype experts, I'm tasked with accessing presence data from Skype For Business Online accounts from my macOS app (native). I'm unfortunately stuck and i always get a 403 error ...

http://mssss.yulina-kosm.ru