azure-ad-b2b | AAD for inviting customer admins who can then invite | Azure library
kandi X-RAY | azure-ad-b2b Summary
kandi X-RAY | azure-ad-b2b Summary
AAD for inviting customer admins who can then invite their own users
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of azure-ad-b2b
azure-ad-b2b Key Features
azure-ad-b2b Examples and Code Snippets
Community Discussions
Trending Discussions on azure-ad-b2b
QUESTION
We would like our customers to be able to authenticate using either personal or work accounts. We have set up a seperate AD in Azure to which customers are invited which should grant them access to our application.
In the ASP.NET Core application https://login.microsoftonline.com/{myTenantID}/v2.0
is used as authentication endpoint. A client id and secret from an application registered in the preview app registration through the portal is provided with the request. Authenticating our work accounts works smoothly, but when attempting to authenticate most personal accounts an error message is returned: An error was encountered while handling the remote login. AADSTS50020: MSA guest token redemption attempt on v2 common endpoint.
Should it not be possible to authenticate a MSA using a tenant-specific endpoint (only /common
)?
Similar problem: Azure AD B2B Authentication error for users with custom domains - AADSTS65005: Using application 'My Application' is currently not supported
Also, this comment points out that authenticating MSAs in multi-tenant apps will not work, however, ours should be sigle-tenant: https://github.com/Azure-Samples/active-directory-dotnet-webapp-roleclaims/issues/10#issuecomment-145125080
...ANSWER
Answered 2019-Feb-18 at 14:54You need to use common endpoint if you are targeting both B2C and B2B using v2 endpoint for both work and personal emails to be able to call Azure AD protected endpoints.
QUESTION
When sending invites to new users using the Azure B2B invite API, the new users are getting created into Office 365 groups but we want to have them in security groups.
We are following the process demonstrated in this link: https://blogs.msdn.microsoft.com/premier_developer/2017/09/29/getting-started-with-the-azure-ad-b2b-invite-api/
creating an invitation by posting to https://graph.microsoft.com/v1.0/invitations.
The users who accept the invitation are showing up as below:
we need these users to be in security groups, not O365 groups. Anyone know the best way to accomplish this?
...ANSWER
Answered 2018-Mar-26 at 05:39You can use Microsoft Graph to add a user to a group (even a guest user to a security group). Here's how: https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/group_post_members
Hope this helps,
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install azure-ad-b2b
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page