Questions tagged [azure-active-directory]

0

votes
0

answer
5

Views

Grab Access token - ASP Net Cor 2.x webapp ( work or School Account )

I have created a simple Web application using Visual Studio 2017. By selecting below template and after providing my domain details, VS created a project which is ready and protected by Azure AD. Now, after logging in, I want to capture the Access token returned by the Azure AD Identity Server. I w...
user2243747
0

votes
0

answer
4

Views

Azure AD - custom validation in external api

I have 3 applications, one is desktop application and this is my client, second is my Web Api to secure and the last one is api which checks if the user with password exists. In my case I want to connect this flow with Azure AD. I think this should work like this: 1.DesktopApplication sending reques...
Kol
0

votes
1

answer
14

Views

Unable to create new user using Azure Active Directory B2C Graph API with chinese character Json data

I am trying to create a user using AAD B2C graph API. It is working fine when the Payload Json is English Character, but If I create the Json Payload with a Chinese character, Its fails. Json Payload: { "givenName": "会话", "surname": "宋", "mail": "[email protected]" "city": "TestCity", "state": "he...
Koushik mondal
1

votes
1

answer
93

Views

Azure Runbook can't modify Azure AD application

I'm trying to execute this in an Azure Automation runbook $app = Get-AzureADApplication -ObjectId $ApplicationId $appRole = New-Object Microsoft.Open.AzureAD.Model.AppRole $appRole.AllowedMemberTypes = New-Object System.Collections.Generic.List[string] $appRole.AllowedMemberTypes.Add("User"); $appRo...
BennyM
1

votes
1

answer
303

Views

CORS error when adding Azure AD authentication

Trying to add Azure AD authentication to an Angular 7 webapp with a .net core 2.1 backend. However, I get the CORS error during the request. "Access to XMLHttpRequest at 'https://login.microsoftonline.com/.......' (redirected from 'https://localhost:5001/api/auth/login') from origin 'https://localho...
Henkolicious
0

votes
1

answer
11

Views

Is it possible to do Custom Claim Transformations in AzureAD like you can with ADFS?

We are attempting to use AzureAD as a IDP for Amazon Web Services and provide the ability for our users to role switch into other accounts / levels of access based on their AD Group memberships. The following is a link which gives us exactly what we are after using ADFS. Cleverly named AD Groups are...
Xavier Hutchinson
0

votes
0

answer
12

Views

SSO with React Web Application

I am working on a React Application which needs to support SAML2.0. The need is to implement SSO with the Azure Active Directory, using Azure AD as an IdP. I am trying to use this Library https://www.npmjs.com/package/saml2-js But the thing I am unable to understand is where I can find the crt and p...
Harish Soni
0

votes
1

answer
24

Views

ArgumentException: The 'CallbackPath' option must be provided

I implemented active directory authentication for my Asp.Net core 2 application. Every thing works fine on local but once I deployed the application to server it throws error "ArgumentException: The 'CallbackPath' option must be provided." I added call back path on my appsettings file: tried both:...
Kurkula
1

votes
2

answer
200

Views

Azure Management API access from a web app

Is it possible to gain access to the Azure Management APIs through the client ID and secret for a web app? I have a web app through which i want to be able to manage Azure. I want to do this using the credentials of the application itself so that the current user does not have to be an azure adminis...
user1371314
0

votes
0

answer
5

Views

Azure Active Directory tenant for a stand-alone Azure Installation with Domain Services

we have an Infrastructure for one customer in Azure which require many configurations like MFA with VPN and Remote Desktop (this one is the reason why I'm confused with Azure AD). The installation should be only in Azure, that's mean there is no local AD which could be synced to it. I've created an...
Samer Sh
1

votes
1

answer
729

Views

How to obtain the AssignedLicenses using Microsoft.Graph Client Library

Is there a working way to read the AssignedLicenses property of a user in the Microsoft Graph Client Library? I tried the following things, but the AssignedLicenses property always returned null allthough there are licenses assigned to the user // test 1: using "Me" var lic = client.Me.Request().Get...
stefboe
0

votes
0

answer
5

Views

Unable to connect to the destination mentioned in the KeyVault URL- Azure SQL

I am trying to use the Dynamics 365 Data export service to connect with my Azure SQL with Azure AD connection. When following this tutorial : https://www.youtube.com/watch?v=txms2Yvn6Vc and many more; i figured out how to export my D365 data export service but this tutorial is based on my SQL user....
user10991083
1

votes
0

answer
19

Views

Unable to login via users sign-in with Username/password and Microsoft Graph API

I got error below by following steps below in this example: Step 1: Clone or download this repository Step 2: (Optional) Register the sample with your Azure Active Directory tenant Choose the Azure AD tenant where you want to create your applications Register the client app (up-console) Step 3: Conf...
Pingpong
1

votes
2

answer
777

Views

How to get the organization (tenant) id from user profile using the Microsoft Graph API

I'm creating an add-in that I to sell using organizational licenses. I have implemented an authentication scheme on the add-in. I'm currently asking for User.Read scope for a sure authenticating using and Azure v2 endpoint. To get the user's information I'm querying https://graph.microsoft.com/v1....
seebiscuit
1

votes
1

answer
176

Views

AAD B2C Yahoo OpenID Connect failed to create in Azure portal

Asking question on behalf of others to continue troubleshooting here. Please see below question and GitHub link. I'm currently trying to use AAD B2C OpenID Auth with Yahoo, we set up the Client Id and Secret and the url of yahoo OAuth: https://api.login.yahoo.com/.well-known/openid-configuration. He...
Ray
1

votes
2

answer
489

Views

Deploy Web App certificate from Azure Keyvault and create SSL binding

I have been trying to figure out to fix the below problem while deploying Azure RM template. New-AzureRmResourceGroupDeployment : 9:54:31 PM - Resource Microsoft.Web/certificates 'redacted' failed with message '{ "Code": "BadRequest", "Message": "The service does not have access to '/subscriptio...
doubledecker
1

votes
1

answer
269

Views

Enabling CORS on Azure Active Directory

I am trying to get a access token from Azure Active Directory programmatically using the following method in an Angular 6 application. let body1 = new FormData() body1.append("resource", environment.config.clientId) body1.append("grant_type", "client_credentials") body1.append("client_id", environme...
kg123
1

votes
1

answer
126

Views

Bot connector returns Forbidden (403) with Microsoft.Bot.Connector.ErrorResponseException

We're using the bot connector to create proactive messages to send to users in Microsoft Teams. Bot connector returns Forbidden (403) with Microsoft.Bot.Connector.ErrorResponseException. This only happens when the code is deployed to a certain environment in Azure and has not appeared in any test en...
jwweiler
1

votes
1

answer
65

Views

Getting Me using Azure OAuth 2 Token

I am trying to use Azure OAuth2 to authenticate a user, then get some information about them. Here is what I am doing now. If code is not in URI, redirect them to: https://login.microsoftonline.com/GUID_HERE/oauth2/v2.0/authorize This redirects them back the the URL, but passes the code in the URI T...
tscrip
1

votes
1

answer
109

Views

On premise AD objectGUID is different than object id in Microsoft Graph

I have a question similar to: On premise Active Directory ObjectId is different than Azure Active Directory ObjectId We used objectGUID in AD to uniquely identify the users and groups. We also maintain the group memberships using objectGUID. When querying Microsoft tenant using Microsoft Graph, w...
Joyce
0

votes
0

answer
3

Views

Cannot delete Azure AD tenant

I am trying to delete my Azure AD tenant as my ADFS configuration failed and in my frustration I have deleted all the VM's (Including the Domain Controller, the ADFS server, and the WAP server). When I try to delete the tenant I am asked to delete all users in order to proceed, however the only user...
J.St
1

votes
1

answer
1.9k

Views

Limit Azure Active Directory sync

We are setting up Azure Active directory sync, to have our users loaded into Office 365-portal. However, there are quite a number of users in our AD that I do not want to sync. Is there any way to configure the sync-tool to sync only certain users/OUs/groups, for instance?
sarcophilus
1

votes
1

answer
897

Views

Add Windows Azure AD Tenant as an Identity Provider using OAuth 2 endpoint

Im trying to integrate Windows Azure AD Tenant as an Identity Provider. In order to achieve this i was able to configure sample AD in azure 1. Add the Access Control namespace to the Windows Azure AD tenant. 2. Add the Windows Azure AD tenant to the Access Control namespace as an identity provider....
Dharshana
1

votes
1

answer
3.3k

Views

office 365 rest api's for querying office 365 domain users

Can you please provide me the API names using which I can create,delete,update,search for users in office 365 without azure AD.
Radcliff
1

votes
1

answer
946

Views

Silent server side authentication process with the username and password to Azure AD

we need a way to do a silent server side authentication process with the username and password already in hand. That is, our mobile application (Javascript) that makes a web call to PHP server. That PHP server, in turn, calls our .NET Web Service. That web service needs to make a SILENT authenti...
Scott Lezberg
1

votes
1

answer
1.4k

Views

Get all domains for a tenant through REST API

I want to know if there is a way to retrieve the registered domain(s) for a tenant through REST API for Sharepoint/Office365. Consider this scenario; I have a tenant named abc.pqr and url for the "my" site(OneDrive) is abc-my.sharepoint.com. Now when I create a user for this tenant, the UI panel giv...
Syed Mauze Rehan
1

votes
1

answer
2.9k

Views

asp.net azure active directory user profile data

I'm working on a MVC application using Azure's AD authentication. I have been looking for a best practice or suggested way to 'extend' the user profile data. For example, I want the users to have a date of birth stored against themselves. I have looked at this but it doesn't really answer my questio...
Tom
1

votes
2

answer
4.6k

Views

How to assign user an application role in azure active directory using graph api 1.5?

I had faced an issue on adding user an application role in azure active directory. In User model,there is a property called ApproleAssignment where i think i can set an application role for the user.But when i had done that,its not assigning.Can anyone help me? I added application roles using App ro...
Ramesh
1

votes
1

answer
637

Views

Azure AD User management delegation

I am using Azure AD to create users, groups for an application that sits outside of Azure AD (hosted internally) I want the ability to delegate the user management to an admin of that application (create users, assign groups etc) I can see that in the Premium Azure AD subscription you can create AD...
Marty
1

votes
2

answer
484

Views

Get Token wih pure Javascript. Xhr Status == 0

I try to make a pure JavaScript authentication process without the help of ADAL.JS To be sure that the problem doesn't come from JQuery, I used a xhr request. I can easily get the code string from an https://login.windows.net/common/oauth2/authorize get request. The response contains my code string,...
Sébastien Pertus
1

votes
2

answer
1.3k

Views

MVC5 app using Azure Active Directory + REST API — to auth for PowerBI / O365

I'm trying to adapt the WebAPI example shown here, to use in MVC5: https://msdn.microsoft.com/en-US/library/dn931282.aspx#Configure I have a regular AccountController based login system, but I also need the user to login via OAuth into PowerBI, so I can pull datasets via the PowerBI REST API. Howeve...
ASX
1

votes
2

answer
2.2k

Views

How to get user name, email, etc. from MobileServiceUser?

After a lot of digging around I've got my WPF application signing users in via Azure Mobile Service. My Mobile Service is connected to an Azure Active Directory that I have set up. However, when I log the user in with MobileServiceClient.LoginAsync(...) the MobileServiceUser UserId is in an unreadab...
WiteCastle
1

votes
1

answer
294

Views

How do I secure an Azure Mobile Service with Azure AD? ADAL.JS

I have created an application in my Azure AD. I switch into the Mobile Service and go to the identity tab. For MS identity is asks for a client ID. I found the Client ID in the Azure AD configure tab. However, I had no idea what to use for Client Secret and Package SID. It seems like it is expectin...
PilotBob
1

votes
1

answer
385

Views

Is the order that Azure AD applies group claims to a ClaimsPrincipal reliable?

I have an application with multiple departmental levels. A user is a member of an AD group which represents a department. This group is then a member of another group representing a parent department, and so on through a number of levels. I need to know this entire chain of transitive group members...
Jude Fisher
1

votes
1

answer
389

Views

Accessing Calendar, Mail and Contacts of an OAuthenticated user

I configured an application on AzureAd to be multi-tenant, I chose to require all the permissions for Windows Azure Active Directory and Office 365 Exchange Online. I can get a user to grant permissions, get access tokens, refresh them, OAuth works for me. I always used the "common" keyword instead...
qnilab
1

votes
1

answer
1k

Views

Azure AD Graph API Directory Schema Extensions

I am currently trying to use Graph Client Library Version 2.0 to interact with my Azure Active Directory. I want to add a new attribute to the users so I need to use Schema Extensions. I followed the tutorial here: http://justazure.com/azure-active-directory-part-6-schema-extensions, and example cod...
de li
1

votes
2

answer
278

Views

AAD graph API - add Microsoft accounts

In Azure AD graph API it is possible to create new users in your organizational directory. Is it possible to add existing Microsoft accounts as users to your organizational directory? (This feature is available through Azure portal) If yes, what would be the API call?
DivineOps
1

votes
1

answer
1.2k

Views

Unable to add Credential to a Service Principal in Azure AD

I am trying to add a credential to a Service Principal (Azure AD application) using the following powershell script connect-msolservice $cer = New-ObjectSystem.Security.Cryptography.X509Certificates.X509Certificate $cer.Import($location) $binCert = $cer.GetRawCertData() $credValue = [System.Convert]...
1

votes
1

answer
996

Views

Azure active directory and owin authentication

Just faced an strange issue with azure ad applicationS and owin openid authentication. To reproduce the issue. 1.create a web app with azure ad authentication in vs 2015 choosing cloud app template . 2.let the standard code be as is. 3.let startup.auth as is. 4.Run the app on local it works fine. 5....
Govind S Yadav
1

votes
1

answer
723

Views

Changing expired password(s) using Azure Graph API

I have the following Python code to authenticate against the Graph API import requests def login(tenant_name, client_id, client_secret, username, password): url = 'https://login.windows.net/' + tenant_name + '/oauth2/token' payload = { 'grant_type': 'password', 'username': username + '@' + tenant_na...
saps

View additional questions