Cannot change authentication account on Logic Apps - azure

I am trying to build a logic app to email results of a devops query on a regular basis. When I use the 'Get query results' block in logic apps, I am unable to authenticate with my primary email address. Instead Logic Apps keeps picking up my alias email address when I try to change connection. No sign in screen is displayed so I assume my credentials are cached somewhere.
Any ideas on how I can change the account I use to login with?
Update
Trying to add a new connector using 'add new'
No option to sign in. Defaults to .uk account rather than using .co.uk account that I am signed into through Azure.

Under API Connections you can find any connections the Logic App is using. Click a connection to be able to edit or delete it.
EDIT:
If you would like to use another email address instead of the current one, delete the connection and create a new one from the Logic Apps designer.

Related

How to disable the custom domains filtering in Azure AD

Do you know if there is a way to disable the only verified custom domains usage when new create a new Azure Active Directory user.For example i want to create a user that is using gmail. I have tried to add gmail as custom domain and verify it, but noticed that the steps are related to the dns records of the domain so i cannot do this. I know i can use the invitation service, but i want to directly to create the user without invitation. So did someone experienced this, and if soo i am open for advices.
Have a nice day and stay safe.
It is not possible to create a user in Azure Active Directory that is using Gmail. In order to create a user in Azure Active Directory you need to add your domain and verify in Azure Portal.
You need to get your domain name by Go daddy etc... then you need to add in Azure Active directory and verify it. After that you can create a user name under that domain.
I recommend you to go through this two documents to get more detailed information.

logic app : use another account to send mail

I am searching a way to automate some email reporting
I have build a process with a logic app to do that. The problem is when I want to create an API connection to office 365 with another account than mine (for example email.reporting#xxx.com), I cannot because I am log with my personal account, so it always use my account to create the API connection.
I cannot also log to the portal with this other account because it doesn't have any access. What is the best way to do that?
Is it possible to give the access to the logic app to this other account then I can access to it and change the connection?
Or there is a trick that allow to change api connection directly?
Thanks
In my test I could use two different account to send mails, cause you don't show how you add account, maybe you could refer to my below steps.
After I set an action to send mail then I add other action to send mail, choose Change connection, then choose Add new, it will pop up a page you could choose existing account also could Use another account.

Custom Azure B2C Password Reset Flow via Username

I setup a password reset flow using Azure B2C and local Azure accounts that uses the user's email address and verification code. However, my client would like to have a password reset email sent to the user based on the user name, not email address. The user email would be looked-up behind the scenes and an email sent that would include a link to the password reset page as shown in the flow below.
After reading a gazillion articles on custom Azure B2C policies, I'm struggling to convince myself if it is possible to do what the client is asking for using Azure B2C.
In the sample password reset flow shown below, some of the areas I'm struggling with include:
Is it possible to create custom pages in the password reset flow such as the page in Step 4 that displays the user's masked email address, or the information page in Step 7?
Is there built-in functionality to look-up a user's email address and Active Directory Object ID based on their user name or would I have to call out to a custom Azure Function and use the Graph API to do this?
Is it possible to create and send a custom email that includes a hyperlink to the password reset page that includes the user's Active Directory Object ID as a query string parameter so the password reset page knows which user's password is being reset?
At the moment, it seems like it would be easier to create a completely custom ASP.NET MVC app to handle the requirements than it would be to use Azure B2C custom policies, but that isn't really a path I want to go down.
Is it possible to create custom pages in the password reset flow?
Yes you can create your own custom password reset user flow using azure active
directory B2C
In your case if you want to figure out your custom page you could
refer here
Is there built-in functionality to look-up a user's email address and
Active Directory Object ID based on their user name or would I have
to call out to a custom Azure Function and use the Graph API to do
this?
Using Microsoft Graph REST API you could fetch your user
information.
In your case you could use
List users
Get a user
To access user information you could also refer here in a great
details
Is it possible to create and send a custom email that includes a
hyperlink to the password reset page that includes the user's Active
Directory Object ID as a query string parameter so the password reset
page knows which user's password is being reset?
You can use the company branding feature to customize the
content of verification emails for resetting password.
Note : For better clarity you could check the Azure AD B2C: Frequently asked
questions (FAQ) before final work around Which definitely guide you to
define ultimate go ahead.
Update
As per Microsoft document right now you cannot create according to your sample exactly. See the screen shot there is and important remarks.
Thank you.
This GitHub project covers the case you describe. Still needs a lot of understanding about custom flows to get it working.
https://github.com/yoelhor/aadb2c-verification-link

Azure Applications; How to create a separate authorization page for out of network users

I've been tasked with figuring out a way to make a certain set of Azure users authenticate to a Web Application by accepting/denying a warning message that should be presented before the users are directed to the application itself. The users that should not go through this process are in-network users.. they should be able to input the URL and be presented with a sign-in page and from there they will have access into the application. This has already been configured via Azure AD but the previous issue for out of network users is what i'm having issues with.
My current thoughts on this is to create an a simple authorization page created by an azure function that out of network users will be directed to because the IP addresses will be placed in a conditional access rule to do so. From the simple page the user will be directed to the application or logged out if they choose cancel.
This is just a thought but definitely open to suggestions. Thoughts?
For those who may have been interested in an answer for this question I have figured it out. In order to do this I had to create a "Terms Of Use" within Azure Active Directory. This Terms of use consisted of a pdf file containing the information my user needed to view before accept/deny could be clicked. On the "Terms Of Use" was created I then created a custom conditional access policy which included users needing to accept the "Terms Of Use" before being able to access our Portal or Applications. Hope this helps

Azure Management URL

So, finally I decided to jump into the Azure bandwagon and create my own portal. At the moment, my apps are hosted on Google Apps and I'm considering moving them to Azure and O365 before which I wanted to trial and get the taste of MS Azure.
I signed up for a trial subscription and my management URL ended up something like https://manage.windowsazure.com/#MynameMydomainname.onmicrosoft.com. So I decided to delete this account and set up a new account altogether trying to sign up with a new domain alias. And now it is https://manage.windowsazure.com/#MyaliasMydomainname.onmicrosoft.com. MS Support would't help and would want me to sign up for O365 which I don't want to at the moment.
Why my management portal always has my complete e-mail address and how do I edit it?
Edit: Thought would add the following example to explain my problem a bit easier.
My name is Muthu and I already have an e-mail address Muthu#Contoso.com and now I attempt to set-up my Azure around it. I sign up for a Microsoft account with the e-mail address Muthu#Contoso.com, provide my card details and successfully set up the account. Now, the logon URL looks like https://manage.windowsazure.com/#MuthuContoso.onmicrosoft.com and the default directory has the UPN of #muthucontoso.onmicrosoft.com.
I set up an account for a user Eddie, George and Mark and their UPN appears as follows:
Eddie#muthucontoso.onmicrosoft.com
George#muthucontoso.onmicrosoft.com and
Mark#muthucontoso.onmicrosoft.com.
How do I get rid of my name from the domain name here?
P.S.: I managed to get rid of my name from the Management portal URL by simply verifying my ownership of contoso.com using O365 control panel but still couldn't get around to rename the default directory. I can't force my name for the users in my organization just because I signed up for it. There should be some way around. Kindly help.
When loging in you're actually signing in to an aad tenant.. Which is bound to a subscription... As you can have multiple subscriptions and tenants they need to show you where you are

Resources