Unanswered

External Azure Active Directory Enabled but not Working - Portal

(0) Share

Report

Posted on by Community Power Pla...

Hi Experts,

I need to use External Authentication and I have enabled the "Authentication/Registration/AzureADLoginEnabled" Site Setting (i.e which will work for the same tenant users to authenticate in the portal) but it is giving the below message when we click on the Azure AD button:

Azure AD Issue

Please let me know what is the issue which is causing this.

Thanks,

Amit

Categories:

Power Apps portals

I have the same question (0)

All responses (4)

Answers (0)

Ulrikke Akerbaek 101 on at

Like (2)

Report

Hello @Anonymous

The "Authentication/Registration/AzureADLoginEnabled" setting is referring to the default AzureAD authentication that came out of the box with your portal.

If you want to allow users within local AzureAD to login you don't need the external authentication.

If you need users from other tenants to login with their Azure AD users then you would need to setup an external authentication in Azure using AzureADB2C as provider. Documentation is found here: Configure the Azure Active Directory B2C identity provider for Power Apps portals. - Power Apps | Microsoft Docs

There is a new user experience for setting up authentication from the Power Apps Admin portal at https://make.powerapps.com

That's where you can configure AzureADB2C without being too familiar with Azure (like me).

Read the documentation about the new experience here for more information: https://docs.microsoft.com/en-gb/powerapps/maker/portals/configure/use-simplified-authentication-configuration

Hope it helps 🙂

Was this reply helpful? Yes No
Community Power Pla... on at

Like (0)

Report

Hi @UlrikkeAkerbæk
Thanks for your response!
I am sorry for not being clear but yes The "Authentication/Registration/AzureADLoginEnabled" setting is referring to authenticate the same tenant user by there Microsoft account.
I have asked the Global admin user to approve that, so that we can use the Azure AD authentication but after global admin approve it, now it is not showing that message by it not authenticating and after clicking on the button it is redirecting to login screen.
Any help on this?

Thanks,
Amit

Was this reply helpful? Yes No
ragavanrajan 7,044 Most Valuable Professional on at

Like (1)

Report

Hi @Anonymous , if you prefer this method. To avoid the error what you are getting
By Admin:
1. Login to https://portal.azure.com/
2. Click on Azure Active directory > users > Add guest users
3. Add their email id as invite user

4. Once the external user email address has been added as guest

Then do the portal sync configuration. Then external users can login with Azure AD.

Note: As @UlrikkeAkerbæk Microsoft preferred way is Azure B2C. But the solution I have mentioned also works.

------------

If you like this post, give a Thumbs up. Where it solved your request, Mark it as a Solution to enable other users find it.

Was this reply helpful? Yes No
Community Power Pla... on at

Like (0)

Report

Hi @UlrikkeAkerbæk ,

Just as we did in Innovation Norway enabling support for custom external ID(entity)P(rovider)’s, have you seen any solutions to this:

https://powerusers.microsoft.com/t5/Power-Apps-Ideas/Pass-through-domain-hint-and-login-hint-to-different-external/idi-p/1457608

I will send over some more examples to you..…..

Multi tenant Azure AD works excellent, even with idp_accesstoken; amazing what the Microsoft Identity has delivered. In the Custom Policies in Azure B2C you can do alot.

BTW:
@NoName you should also have a look at this:

https://techcommunity.microsoft.com/t5/azure-active-directory-identity/collaborate-more-securely-with-new-cross-tenant-access-settings/ba-p/2147077

Best regards
MrSmith

Was this reply helpful? Yes No