azure-docs | Open source documentation of Microsoft Azure | Azure library

 by   MicrosoftDocs PowerShell Version: Current License: CC-BY-4.0

kandi X-RAY | azure-docs Summary

kandi X-RAY | azure-docs Summary

azure-docs is a PowerShell library typically used in Cloud, Azure applications. azure-docs has no bugs, it has no vulnerabilities, it has a Permissive License and it has medium support. You can download it from GitHub.

Open source documentation of Microsoft Azure

            kandi-support Support

              azure-docs has a medium active ecosystem.
              It has 8812 star(s) with 19762 fork(s). There are 549 watchers for this library.
              It had no major release in the last 6 months.
              There are 4025 open issues and 70060 have been closed. On average issues are closed in 168 days. There are 272 open pull requests and 0 closed requests.
              It has a neutral sentiment in the developer community.
              The latest version of azure-docs is current.

            kandi-Quality Quality

              azure-docs has no bugs reported.

            kandi-Security Security

              azure-docs has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.

            kandi-License License

              azure-docs is licensed under the CC-BY-4.0 License. This license is Permissive.
              Permissive licenses have the least restrictions, and you can use them in most projects.

            kandi-Reuse Reuse

              azure-docs releases are not available. You will need to build from source code and install.
              Installation instructions are available. Examples and code snippets are not available.

            Top functions reviewed by kandi - BETA

            kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
            Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of azure-docs
            Get all kandi verified functions for this library.

            azure-docs Key Features

            No Key Features are available at this moment for azure-docs.

            azure-docs Examples and Code Snippets

            No Code Snippets are available at this moment for azure-docs.

            Community Discussions


            Azure Active Directory override claim value in OIDC id-token
            Asked 2022-Jan-08 at 14:24

            I'm looking for a way to ensure that the unique_name claim value is always the user email for a specific app in AAD which is accessed via SSO. I've noticed that for users which have an AAD account, the unique_name claim value is the email address, but for external users (invited to the directory) it is prefixed by "" (e.g. The application uses the OIDC protocol. I've been trying different things from Microsoft docs:

            1. Setting a different source for the unique_name claim (I'm not sure if this applies, given the app uses OIDC, not SAML)

            (By the way, that documentation is a bit out of date because I found that the "User Attributes & Claims" section is now in SSO

            1. Building a claim-mapping policy

            None of these worked.

            I know this would be trivial in AAD B2C with custom policies. Is it possible to override the unique_name claim with the email claim in AAD?

            Update 07/01/2022

            After further investigation I found that the unique_name claim is only supported in v1 tokens, (the current version is v2) and it's transformed into "" by the ADAL client. This customization I'm after is for a legacy .NET app which uses ADAL on the v1 AAD endpoint. The only way I can think of how to achieve this is via a claim-mapping policy, however I haven't been able to do make it work. Any ideas would be appreciated.



            Answered 2022-Jan-08 at 14:24

            I believe I've found an answer to my question and the conclusion is that it's not possible to override the unique_name claim, because it's a restricted claim. The closest I got was to map the mail claim to a custom claim (e.g. unique_name2). This is what I did:


            1. I installed the Azure AD PowerShell Module public preview (I had to uninstall the AD Powershell module first because I already had a later version)

            2. I followed the instructions on the document above to connect to AAD and view any existing claim mapping policies

            Connect-AzureAD -Confirm


            1. I followed the instructions on to build a claim mapping policy, although I had to adapt it because it wasn't working. I ran the following commands:

            3.1 I used the search command to search for my app (called "test").

            GET-AzureADServicePrincipal -SearchString Test

            This outputs a table like the following:

            ObjectId AppId DisplayName

            3.2 I ran the following command to create a new mapping policy which maps the "mail" claim to the "unique_name2" claim. (When I tried mapping to "unique_name" it works, but the "unique_name" claim doesn't get overridden, because it's a restricted claim)

            $Policy=New-AzureADPolicy -Definition @('{"ClaimsMappingPolicy":{"Version":1,"IncludeBasicClaimSet":"true", "ClaimsSchema":[{"Source":"user","ID":"mail"},{"Source":"transformation","ID":"DataJoin","TransformationId":"JoinTheData","JwtClaimType":"unique_name2"}],"ClaimsTransformations":[{"ID":"JoinTheData","TransformationMethod":"Join","InputClaims":[{"ClaimTypeReferenceId":"mail","TransformationClaimType":"string1"}], "InputParameters": [{"ID":"string2","Value":""},{"ID":"separator","Value":""}],"OutputClaims":[{"ClaimTypeReferenceId":"DataJoin","TransformationClaimType":"outputClaim"}]}]}}') -DisplayName "MapMailToUniqueName2" -Type "ClaimsMappingPolicy"

            3.3 I ran the following command to add the custom policy to my app service principal (copying the id from step 3.1). This means the policy will be applied only to that specific app.

            Add-AzureADServicePrincipalPolicy -Id {my app service principal id} -RefObjectId $Policy.Id

            That's all. When I tested SSO on my app, I had an additional claim "unique_name2" which contains the value of the "mail" claim. There probably is a more efficient way of creating the mapping policy in step 3.2 but the way described in the step 3 link wasn't working for me so I came up with a concatenation to a blank string.

            It doesn't seem possible to override the unique_naim claim because it's a restricted claim. I later found that this is actually documented here I wish I had found this earlier.



            Invalid Audience when protecting Azure Function with App Service Authentication (EasyAuth) and a Custom OpenID Provider
            Asked 2021-Dec-19 at 18:10

            I have an Azure Function (tried both Windows and Linux Consumption) using Azure App Service Authentication (Easy Auth) with a custom OpenId Connect provider to authenticate my Azure Function with an http trigger.

            I configured a client in my Identity Provider (based on Duende Identity Server), acquired a token and then sent a request to the Azure Function (contains just the code that is initially created by Visual Studio when creating a Function App project).

            This is the configuration I made in the Azure Portal:

            When I now send the request to the Azure function endpoint I always get the following error:



            Answered 2021-Dec-19 at 18:10

            You should try using the Client ID as the scope while generating the token.

            In some cases appending /.default to the scope helps. Example eda25bbe-a724-43ba-8fa3-8977aba6fb36/.default.



            azure-sdk-for-java eventhubs Partition has been lost
            Asked 2021-Nov-30 at 09:03

            We recently deployed azure event-hub java receiver/listener client by following azure-docs.

            I truly believe arrays starts with 0, but that has nothing to do with this question. So anyways, I observed the following error raised from processError & also processPartitionClose



            Answered 2021-Nov-30 at 09:03

            Do azure-sdk-for-java-sdk-eventhubs reconnect on such partition lost automatically ?

            Yes, the EventProcessorClient in azure-messaging-eventhubs library will reconnect on such partitions. You don't need to change anything manually.

            If there are multiple instances of EventProcessorClients running and they all process events from the same Event Hub and use the same consumer group, then you see this LOST_PARTITION_OWNERSHIP error on one processor because the ownership of a partition might have been claimed by the other processor. The checkpoints are read from the checkpoint store (Storage Blob in your code sample above) and the processing resumes from the next sequence number.

            Please refer to partition ownership and checkpointing for more details.



            Issue with using of PowerShell module for Azure AD to manage groups
            Asked 2021-Oct-21 at 09:14

            fellow engineers!

            There is a need to transfer group owner from attribute "managedBy" (CN=%username%; part) of on-prem AD to Azure AD's "Owner" field of the same group (groups are synchronized, so it has same naming both in on-prem and Azure AD).

            Issue is, that the process need to be automated, but there is not much options:

            1. Module for AAD group management for PowerShell (but it doesn't work PowerShell ver7, because of .Net's core issue:

            2. Answer from another question on StackOverflow, but it doesn't seem to be my thing (because the need to deal with Extensions): How to add a Group Owner in Azure AD for the Group synced from on-premises active directory

            3. Some kind of work-around with Graph API, but it isn't my choice too, since process need to be automated:

            So, maybe somebody stuck with same need or maybe could suggest a workaround with the PowerShell module, since there is not much of pleasure to go through more than 100 groups adding owners



            Answered 2021-Oct-21 at 09:14

            • Since, all the on-premises Active Directory groups are synced to Azure AD and all the groups have the same naming in Azure AD as that of on-premises active directory, then you can change the group owners of all the groups that are synced from on-premises AD to AAD by executing the below commands: -



            Azure Function, Consumption plan, Linux, mitigating "FTPS should be required"
            Asked 2021-Oct-14 at 21:44

            Per an Azure Support response in an Azure Docs github issue (, Consumption-tier Azure Functions on Linux don't support the General Settings tab

            [I]t is by design that "General Setting" tab is not available for Linux Consumption function app.

            Additionally, they don't support FTP or FTPS connections at all

            When using the Consumption hosting plan, your function code and binding configuration files are stored in Azure File storage in the main storage account, not persistent file server. Actually it is not even possible to FTP to it. You will see /home folder is empty.

            Finally, an Azure Advisor "High Impact" Security recommendation states

            FTPS should be required in your function app

            Given that there's no way to change it in the portal, how can you mitigate the recommendation?



            Answered 2021-Aug-27 at 13:35

            Disabling FTP/FTPS can be done through the Azure CLI:

            az functionapp config set --ids "YOUR APP ID HERE" --ftps-state Disabled

            Given that FTP/FTPS isn't useful on Azure Functions Consumption plans (per the noted support response), you can also run the following to disable FTP/FTPS on all Azure Functions:

            az functionapp list | ConvertFrom-Json | ForEach-Object -Process {az functionapp config set --ids $ --ftps-state Disabled}

            Alternatively, you can mark the Azure Advisor recommendation as Mitigated through the Azure Portal. This can be done by clicking into the recommendation, checking all the affected resources listed under "Unhealthy resources", then clicking "Exempt".



            Azure ADB2C Single Sign Out W/ Azure AD as Identity Provider
            Asked 2021-Sep-17 at 19:51

            I have a React SPA which uses msal. I have configured Azure AD as Identity Provider for my AADB2C. I can signIn/signOut and other operations.

            If my user signs out off my application, I want to also sign out of my Identity Provider. I looked a bit into this matter 1, 2, 3, 4, 5.

            At this moment, I use msal's logoutRedirect method.



            Answered 2021-Sep-17 at 19:51

            You are doing an RP Initiated Logout in OpenID Connect terms, meaning you need to also send the id_token_hint query parameter.

            I can also confirm that sending both query string parameters logs out successfully for my Azure developer account:



            Azcopy interprets source as local and adds current path when it is a gcloud storage https url
            Asked 2021-Jul-27 at 12:45

            We want to copy files from Google Storage to Azure Storage. We used following this guide:

            We run this command:



            Answered 2021-Jul-27 at 12:45

            The reason you're running into this issue is because the URL is hardcoded in the application source code for Google Cloud Storage. From this link:



            Azure B2C SAML Authentication - AuthRequest does not have assertion consumer service URL error
            Asked 2021-Jul-24 at 15:27

            I've followed the steps from

            While testing receiving the error "Application registered corresponding to IssuerUri "">" in AuthRequest does not have assertion consumer service URL "">" specified in its metadata."

            Using SAML tracer, I can see both my SAML Request and Response contains same AssertionConsumerServiceURL. MS document says: If you choose to configure the reply URL and logout URL in the application manifest without populating the application's metadata endpoint via the samlMetadataUrl property, Azure AD B2C will not validate the SAML request signature, nor will it encrypt the SAML response.

            I can some workaround of specifying the PartnerEntity in the SP metadata URL for the Relying Party in the B2C_1A_signup_signin_saml custom policy.

            Unfortunately my web application security compliance does not allow to provide SP metadata endpoints. Do I need to host the SP / Appian SAML metadata file on Azure Storage account OR Is this mandatory to provide SP meta data endpoint to refer from Idp application registration manifest?

            Second question, just want to make sure on the below. From MS Ref. doc: You can change the value of the IssuerUri metadata item in the SAML token issuer technical profile. This change will be reflected in the issuerUri attribute returned in the SAML response from Azure AD B2C. Your application should be configured to accept the same issuerUri during SAML response validation.

            My question on the above paragraph, IssueUri example can be (application / client id) Is this correct?




            Answered 2021-Jul-24 at 15:27

            "The username or password provided in the request are invalid" - This issue has been resolved by granting "IdentityExperienceFramework" (User_impersonation - Delegated Type) API permission. I could not see this solution on MS documents guidance, however this has resolved my issue. thanks.



            Limiting access to Azure Static Web App to single tenant
            Asked 2021-Jun-07 at 12:26

            An Azure Static Web App has a notion of auth that can be used to whitelist individual users, or individual identity providers (as in this question).

            Is it possible to require authentication through the particular tenant/organizational directory used to set up the resource, through Azure configuration alone, as is currently possible with the ordinary Azure Web App Service; that is, require authentication through AAD as in the above linked question, but furthermore restrict access to members of the relevant tenant? If so, what might the corresponding routes.json look like?

            See also this GitHub issue.



            Answered 2021-Apr-23 at 09:41

            Functionality defined in the routes.json file is now deprecated and better implemented in the Azure Static Web Apps configuration file.


            Example of Azure Static Web Apps configuration file.


            To limit access to Azure Static Web App within single Tenant, add route into configuration-file



            How to get a client token from Azure for Microsoft Graph using nodejs and node-fetch
            Asked 2021-May-13 at 01:19

            I've been trying to follow the direction here and applying it to nodejs.

            I'm getting the following error:



            Answered 2021-May-13 at 01:19

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network


            No vulnerabilities reported

            Install azure-docs

            Contributing to open source is more than just providing updates, it's also about letting us know when there is an issue. Read our Contributing guidance to find out more.


            Welcome to the open-source documentation of Microsoft Azure. Please review this README file to understand how you can assist in contributing to the Microsoft Azure documentation.
            Find more information at:

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries
          • HTTPS


          • CLI

            gh repo clone MicrosoftDocs/azure-docs

          • sshUrl


          • Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link

            Explore Related Topics

            Consider Popular Azure Libraries

            Try Top Libraries by MicrosoftDocs


            by MicrosoftDocsShell


            by MicrosoftDocsPowerShell


            by MicrosoftDocsPowerShell


            by MicrosoftDocsPowerShell


            by MicrosoftDocsPowerShell