azure-active-directory

问题 I've followed the instructions here to set up the Azure AD multi-tenant custom policy in the Identity Experience Framework: https://docs.microsoft.com/en-gb/azure/active-directory-b2c/active-directory-b2c-setup-commonaad-custom?tabs=applications However I'm unable to get a claim back containing the email address (corresponding to the "user name" from the external active directory). The main single-tenant active directory setup works fine, when I use this claim mapping (and the other "social"

问题 I have created a .Net Application and to access certain outlook graph API's i need to fetch the access token and to get this access token i want authorization code which need to be passed. As far as the article for Authorization Code Flow , I have seen examples where we can get the authorization code by using the browser, whereas, in my case i want to retrieve the auth code within the application. Is there any way we can achieve this? 回答1: How to get Authorization Code from Azure App using

问题 I have created web app to CreateOrGet, Delete, Update onlinemeeting using Microsoft Graph API in C#. To get authorization code as per link Get access on behalf of a user. It returns a webview as HttpClient calls api for AuthCodeGeneration and returns the response, which contains Authcode in browser. I have to manually copy it to execute CreateOrGet, Delete, Update onlinemeeting using Microsoft Graph API. Is there any way to do this through code in C#? 回答1: You don't need to handle the "code"

问题 So I have built an Application using ASP Net Core. here is my code services.AddAuthentication(AzureADDefaults.JwtBearerAuthenticationScheme) .AddAzureADBearer(options => Configuration.Bind("AzureAd", options)); services.Configure<JwtBearerOptions>(AzureADDefaults.JwtBearerAuthenticationScheme, options => { // This is a Microsoft identity platform web API. options.Authority += "/v2.0"; // The web API accepts as audiences both the Client ID (options.Audience) and api://{ClientID}. options

问题 i am trying to create a azure ad app and set client id in that app, but some how i am not able to login in that app throwing me error like "You can't sign in here with a personal account. Use your work or school account instead." view image i've set all the required delegate permission to that app view image i've set "Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)" this permission also view image if some one

问题 MSAL for Python supports ROPC flow(Resource Owner Password Credentials Grant) supports token retrieve for Public Applications, Can we similarly use confidential client class in MSAL for python? The following links seem to say no--> https://github.com/AzureAD/microsoft-authentication-library-for-python/wiki/Username-Password-Authentication Also, if we can use both Public & Confidential client, which is recommended from a security standpoint? The application is a service app that runs behind

问题 I have a requirement to integrate azure media player in an android app. All I can see in the documentation is sample and information on how to add this in an HTML file. I have a "...mainfest" file, and I need to play it from the android app. I need to know if there is any SDK available for android, or do i need to host a page on server, which can play these videos? Edited I checked sample player here, when I pass my video URL to it, it loads video fine with or without "(format=m3u8-aapl-v3)"

问题 I'm trying to authenticate a token using Azure AD. In a console application , I have no problem with this thanks to IConfidentialClientApplication: static void Main(string[] args) { Console.WriteLine("Making the call..."); RunAsync().GetAwaiter().GetResult(); } private static async Task RunAsync() { AuthConfig config = AuthConfig.ReadJsonFromFile("appsettings.json"); IConfidentialClientApplication app; app = ConfidentialClientApplicationBuilder.Create(config.ClientId) .WithClientSecret(config

问题 From angular application i want to call https://login.microsoftonline.com/##tenant##/oauth2/v2.0/token api to get access token from http call and using that token i want to call https://graph.microsoft.com/v1.0/users/##UserId##​​​​​​​​​​​​​/getMemberGroups API without using any npm package of angular. I tried using http service, but getting below error Access to XMLHttpRequest at 'https://login.microsoftonline.com/xxxx/oauth2/v2.0/token' from origin 'https://xxx.co' has been blocked by CORS

问题 I'm developing SSO using SAML and my IdP is Azure. I'm having problem with IDP Initiated flow. In SAML Response I always get this NameID: <NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"> bMFy2VsLxPyxxxxxx..... </NameID> This is what I'm expected: <NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"> user-email-address@foo.bar </NameID> I always get nameid-format:persistent instead of nameid-format:emailAddress . Although I have set "name identifier