I've created company branding from the Azure portal for my application.
This is working as expected for the first page i.e, the username page. When I click on next for the password page, the custom branding disappears and default Microsoft background appears.
I want the branding to be continued for the password page also so that there would be consistency.
You probably try to sign in with a Microsoft Account instead of your Azure Active Directory account. If you sign in with a "native" Azure Active Directory account you will continue see your company branded page.
You can customize your Azure AD sign-in pages, which appear when users sign in to your organization's tenant-specific apps, such as https://outlook.com/contoso.com, or when passing a domain variable, such as https://passwordreset.microsoftonline.com/?whr=contoso.com.
Your custom branding won't immediately appear when your users go to sites such as, www.office.com. Instead, the user has to sign-in before your customized branding appears.
Visit this link for more information
https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/customize-branding
Related
I am working on a project using power pages, one of the client's requirements is that the home page perform the role of login page. So far so good, but it also requests that the only users that can enter the site are only users that belong to your organization, with this I thought of using azure ad. Power pages already comes with a button to be able to login with azure active directory. I need that from my form sending the email and password to carry out the same process as with the button.
I have an Enterprise Application registered on Azure Active Directory and I want only certain AAD users to be able to access it. I have created a user group for the authorized users and everything works fine. The users who are not assigned to the application, as expected, can't sign-in and they get an error message like the following after successful authentication. Is it possible to customize this message? I just need to add a support email address.
Customization of error message in AzureAD may not be possible as in AADB2C. You may try to give the support email in "sign-in page text and formatting" entry box through Company branding page for AAD sign-in .But this page appears as background in sign in page no matter success or failure of user authentication.
Note :Company branding requires azure ad Premium 1, Premium 2, or
Office 365 (for Office 365 apps) licenses.
I am unable to delete the b2c tenant created by me during a lab demonstration of how to integrate social IDP to a web app. I followed and completed all the processes but the delete tenant button stays greyed out.....It says "Remove Domain Services"...and has been stuck on there ever since1... Click on the Hyperlink to view image
remove domain services error
But once i click there to remove it...It displays nothing....
After clicking on "Remove Domain services"
According to the link provided by #Raghavendra- MSFT Identity.We can create an user account named like 'admin#personal_b2c_account.onmicrosoft.com' in B2C directory, and assign the 'global administrator' role. Logging in as this user, there will be no error to remove domain services, only to remove users. Removing the personal account from the B2C directory, and we are able to delete the directory after that.
And click Azure AD Domain Services in the picture shown, the welcome to azure! interface will also appear.It seems to be a bug in the system. Because the domain services error will only come if you ever had enabled Azure AD domain services on your environment.
The "edit profile" policy has 3 possible page customizations exposed through the Azure portal:
When invoking this policy, the first page displayed to the user is the IdP selection page. If, on this page, the user chooses the "local account" identity provider, the next page shown is a local account sign-in page.
This sign-in page has the default Microsoft branding, and since it's not listed in the customization blade, I don't know how to customize it:
How can we customize the UI of this local account sign-in page when it's shown as part of the "edit profile" policy?
A new user journey SignInV2 is in private preview. This will be fully customizable signin user journey. The user journey can be tried from https://aka.ms/b2cnewportal
For local account opt-in to signinv2, please mail to aadb2cpreview#microsoft.com
EDIT
A ProfileEdit V2 user journey will also be rolled out soon. That would be fully customizable.
In the B2C tenant, you cannot change the Microsoft branding in the "edit profile" policy.
From the shown picture, in the Page UI customization, you can only change the custom page URI, there is no option to change the company branding.
If you want to change the company branding, you can make it in Company Branding.
I'm trying to use Video Indexer API (v2). But when I try to sign in to it using the the Azure Active Directory, I get this message:
Selected user account does not exist in tenant 'Microsoft' and cannot access the application 'da0eb6e2-d2bd-4cbd-ad65-81ddc43546e2' in that tenant. The account needs to be added as an external user in the tenant first. Please use a different account.
I'm not sure what the issue is?
Sign-in to the VideoIndexer developer portal has been revised.
We unified the developer portal sign-in with that of the VideoIndexer site.
The screenshot in #Mohit_Garg comment in no longer relevant. This is our new sign-in experience.
The first option should be used in case of Active Directory accounts. This is also the only option that will allow you to use Video Indexer paid.
In many cases users selected the Microsoft option in the old authentication method when they actually wanted AAD option.
After the new experience they select the first option "Sign in with a corporate account" and get a message saying that an account with that E-Mail already exit.
An Email is unique in Video Indexer developer portal. So if you want to use your AAD but previously opened an account in the developer portal using a different authentication method you will need to sign-in using the original authentication method and close the account in your developer profile page. After the account removal you will be able to sign in with different authentication method.
More info can be found in the official video indexer documentation
Clarification: I'm a developer in the Video Indexer team.
Follow below steps to Subscribe to the API -
Sign in.
To start developing with Video Indexer, you must first Sign In to the Video Indexer portal.
If signing in with an AAD account (for example, alice#contoso.onmicrosoft.com) you must go through two preliminary steps:
A. Contact us at visupport#microsoft.com to register your AAD organization’s domain (contoso.onmicrosoft.com).
B. Your AAD organization’s admin must first sign in to grant the portal permissions to your org. To do this, the organization's admin must navigate to https://videobreakdown.portal.azure-api.net/signin-callback?provider=Aad, sign in and give consent.
Subscribe.
Select the Products tab. Then, select Production and subscribe.
Once you subscribe, you will be able to see your subscription and your primary and secondary keys. The keys should be protected. The keys should only be used by your server code. They should not be available on the client side (.js, .html, etc.).
Start developing.
You are ready to start integrating with the API. Find the detailed description of each Video Indexer REST API.