Forum Discussion
Azure Entra External ID - Password policy
Hi All,
I am investigating using Azure Entra External ID as an external identity provider for a web app but I want to be able to set the password policy for password reset etc but cant find anything in the documentation, I have posted on some other groups and my conclusion is you cant change the password complexity when using Azure Entra External ID, I wondered if someone could advise if this is correct and if so are there plans to add this, do you need additional licence, using this for various Saas projects and not being able to set your own complexity seems odd to me?
Not sure what the etiquette is for multiple issues but I have another issue with Azure Entra External ID, when a user that is not registered and try to login in the message shown to the user is "You can't sign in here with a personal account. Use your work or school account instead.", this is incorrect and very misleading, it should be something like "No account with this email could be found" can I change the message or have I just configured wrong?
Thanks in advance.
3 Replies
- Nichole_Peterson
Microsoft
Hi BitMan
Microsoft doesn't support questions here in Tech Community, so your best bet is to ask at Microsoft Entra External ID - Microsoft Q&A to get an answer from Microsoft.
Documentation is available at:
Microsoft Entra External ID documentation - Microsoft Entra External ID | Microsoft Learn ?
and Simplify customer identity management | Microsoft Developer
You can also open a support request in your Microsoft Entra workforce tenant https://entra.microsoft.com/#view/Microsoft_Azure_Support/NewSupportRequestV3Blade/callerName/ActiveDirectory/issueType/technical
Hi, thank you for your reply I will investigate further. Someone had previously mentioned about looking at language customisation in the company branding I'm not sure if this is the same as Localization XML but as said will research further and report back.
ThanksThe default error message, "You can't sign in here with a personal account. Use your work or school account instead," may not accurately reflect the reason for a failed login attempt, potentially causing confusion for users. While Azure Entra External ID does not offer a direct method for modifying this message, custom authentication extensions can be leveraged to intercept and refine error handling within the authentication flow. Specifically:
- OnAttributeCollectionSubmit: Enables validation and the configuration of custom error messages during the sign-up process.
- Localization XML: Allows modifications to localized strings, enabling adjustments to error messages displayed during sign-in failures.
