I’m managing user authentication settings in Entra ID (Azure AD), and I’ve encountered an inconsistency that I can’t explain. When I review the authentication methods enabled for my tenant, the “Software OATH token” does not appear in the list of available methods. Specifically, the enabled methods are as follows:

I have requested for the AADFirstParty App Owners entitlement
enter image description here

what permissions does the service principal need to enumerate user profile info i.e. department, email, etc..

We have implemented an Azure AD B2C custom policy, and while all flows work fine in our test environment, the password expiry flow does not function correctly in production. Here are the details:

I have an Azure app that returns a bearer access token. I use the Windows Account Manager (WAM) so there’s a special redirect URI. I’m using the following code to refresh the token but I’m getting a 400 response. I am sending the access code before it expires and I get the redirect URI right off Azure. I’m not certain though on the url of the PostAsync:

When I try to add a new permission to an existing Azure App registration then I get the following error:

I’m attempting to use Microsoft’s Graph API to access calendar information on an application I’m building, using C# and .NET. As I understand it, you must set the TenantId while setting up authentication to “common”, as this will allow either Microsoft emails or personal emails to use the app registration.

My client secret is expired so I need to update the secret in existing application. how can I update secret. Please suggest me.

I choosed ‘Sign-in options’ and login (use personal account) with USB-Key, I expected the authorization will succeed.

I was able to register the Root certificate with Azure, but the certificate login does not work.
Is it possible to use CBA with a Private certificate?