Forum Widgets
Latest Discussions
Unable to integrate Amazon Managed Grafana on Azure
Hello everyone, I am struggling here with Amazon Managed Grafana on Azure (the one available on Gallery). Have checked MS and AWS documentation and isn't clear regarding assertion mappings. Currently we are able to reach this error, when logging in with a user that do part of a group that was included on that AMG app in Azure (have test with another user account not there and gets blocked): From Entra ID sign in logs, is all good. So I think that could be related with AWS side, mostly assertion attributes that I have tried with what I have on Attributes & Claims on Azure app, but no luck :(. What I have on Azure app: What I have on AMG:
Accessing a deployed NodeJS app?
I'm a complete noob to Azure. I have managed to deploy a NodeJS all to a Function App (container?). I can go into Deployment > Advanced > Kudu and then to Debug Console > CLI, and it will show a directory listing. In my case, I see: A/SP.NET /data /LogFiles /ShutdownSential /site .gitconfig gitsafedirectory.marker So I go into /site and then into /wwwroot, and I see my files: /node_modules host.json index.js The default URL for this is (I obfuscated the sensitive bits) is blahblah-func-70.azurewebsites.net. If I go to this URL I get a pretty page saying my function is running. What I need to get to is the index.js file. What URL do I use to do that? If I append /index.js to that URL, I get a 404. Thanks!
Trying to create token with scope https://cnt-prod.loadtesting.azure.com
Hello. I have created a web app, and updated its permissions within Azure App registration. To be able to access Graph, and Azure Management (user impersonation) Using Microsoft.identity.Web I am able to add a downstreamAPI, and make a successful call to it. response = await downstreamApi.GetForUserAsync<HttpResponseMessage>("Azure Management", options => { options.RelativePath = relativePath; }); if (response?.IsSuccessStatusCode ?? false) { string responseData = await response.Content.ReadAsStringAsync(); } However when I try to create a token with a different scope, for example. var token = await tokenAcquisition.GetAccessTokenForUserAsync(new[] { "https://cnt-prod.loadtesting.azure.com/.default" }); The general error I get is that my app is trying to access a resource its not allowed to. However I cant find this resource at all to give it access (Within App Registration and API permissions) With Azure Load Testing, I have learned there is a resource plane and a data plane. The resource plane requires management.azure.com, but the access to the data plane requires https://cnt-prod.loadtesting.azure.com/.default (from the tests I have done in powershell). Anyone else come across this similar issue? Any assistance is greatly appreciated. Thank you
Azure Logic App - Scheduler is delayed but needs to run on a certain time
I have a workflow which should run every day at 6am, but on several days it is delayed up to 4 hours or sometimes more. And it is not, that the workflow is triggered at 6am and was on hold for 4 hours, it is, that the trigger itself was fired delayed. I have an Azure Logic App in standard tier. Currently I have 10 Workflows deployed, some of them with Blob triggers, some of them with schedulers. At least one of the Workflows has a very high load of consumption. These high loads are usually between midnight and 1am. I am aware, that if there is a workflow, which has a huge number of parallele instances, could affect other workflows. But is there a chance, to make sure, that the scheduler is triggered at the right time? Is there an option, that a certain workflow could be prioritized? The config of my scheduler is as followed: { "type": "Recurrence", "recurrence": { "interval": 1, "frequency": "Day", "timeZone": "W. Europe Standard Time", "schedule": { "hours": [ "6" ], "minutes": [ 0 ] }, "startTime": "2024-10-07T06:00:00Z" } } In the trigger history I can see, that the scheduler was "fired" to late:
Authentication deadlock
I got a Microsoft 365 developer account and a sandbox as well. Many months ago it asked me to configure 2FA which I did using Microsoft Authenticator app on Android. I also had other 2FA setup on the same device for some work accounts. Later, somehow my sandbox account got deleted or overwritten from the authenticator app on my phone. I haven't been able to login to my Office 365 sandbox ever since. Ever flow I try asks me to use the authenticator on application. But the problem is that access to authenticator for 2FA was lost due to an app error. Our company's IT department said they can't do anything about it. I tried to delete the profile but when I created it Microsoft gave back the same sandbox which was already not working. My employer spends a good deal of money on Microsoft and it's very upsetting to get such a treatment from Microsoft. This account is needed for my office work. Help appreciated.
SalesForce SSO
Production SalesForce instance has SAML configured, has been active for years and everything continues to work as desired. New instance of SaleForce, data will be migrating over soon. Setup another SAML application in Azure for SSO to the new instance, everything looks to be correct. When I hit SSO for the new instance of SF it fails with a default something went wrong with SSO blah, blah from SF, no errors or correlationID. Azure sign-in logs show correct time stamp and a status of success. I'm thinking the hand off has been successful so SF should be happy. On the SF side there are no login attempts at all; it's like nothing even tried to auth. SalesForce support has been helpful, but the ticket remains open. Looking for ideas, how do I capture where the hand off is failing, how do I fix this?AD B2C - Custom Policies - RaiseErrorIfClaimsPrincipalDoesNotExist in Password Reset journey
Hi, I'm using custom policies in our web app. For the Reset Password, I'm using the standard PasswordReset user journey provided with the local account starter pack. This journey references to <UserJourney Id="PasswordReset"> in the TrustFrameworkBase policy. At the moment, if a user is not registered in the web app, the password reset journey still sends an OTP to the email. The email receives the OTP, even if not registered, and can insert the code. Once the code is validated, clicking on the "Continue" button does nothing. The user is stuck on the page without any information. Checking the console I found out that the SelfAsserted call returns the error "404 user not found". I would like to stop the user before sending the OTP and inform him with an error message (that the account is not registered and to proceed with the registration). I tried to add: <Item Key="RaiseErrorIfClaimsPrincipalDoesNotExist">true</Item> in the TechnicalProfile of the first OrchestrationStep, but it does nothing. Any suggestion on how to stop a non existing user from proceeding to the Reset Password journey? Thank you very very much if you can help me.
Access denied when trying to publish web app
I am trying to publish my web app using powershell command "Publish-AzWebApp". But, it only responds saying that access is denied to the zip-file I am pointing to using -ArchivePath. The zip-file in question has read access for EveryOne so access really should not be an issue.
