Microsoft Tech Community

New Blog | Azure WAF tuning with AD B2C applications


Azure Active Directory B2C (Azure AD B2C) provides business-to-customer identity as a service to get single sign-on access to your applications and APIs. This provides an authorization layer for applications hosted behind Application Gateway and Azure Front Door. However, some false positives may occur during the final authentication process.

When working on false positives, a good practice is to look for results with similar tracking references (see Understanding WAF logs). Tracking references give an overall idea of the added scores that led to a block. In the logs, this appears as an entry with action_s set to “block”, followed by a series of entries with action_s set to “Anomaly scoring”. By creating an exclusion on the matched field, you can effectively reduce the score and remediate the false positive.
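The grouping described above can be sketched as follows. This is an added example, not code from the blog: it works on constructed log rows, and every column name other than action_s (trackingReference_s, ruleName_s, details_matches_s and its JSON shape) is an assumption about the exported log schema.

```python
import json
from collections import Counter, defaultdict

def _rec(ref, action, rule="", fields=()):
    # Build one constructed log row. Only action_s is named on the page; the
    # other column names and the details_matches_s JSON shape are assumptions.
    return {"trackingReference_s": ref, "action_s": action, "ruleName_s": rule,
            "details_matches_s": json.dumps([{"matchVariableName": f} for f in fields])}

# Constructed sample rows (not real log data): REF-A and REF-C end in a block,
# REF-B accumulated a score but was never blocked.
SAMPLE_LOGS = [
    _rec("REF-A", "Anomaly scoring", "SAMPLE-RULE-1", ["CookieValue:sample-session"]),
    _rec("REF-A", "Anomaly scoring", "SAMPLE-RULE-2", ["CookieValue:sample-session"]),
    _rec("REF-A", "block"),
    _rec("REF-B", "Anomaly scoring", "SAMPLE-RULE-1", ["QueryParamValue:sample-q"]),
    _rec("REF-C", "Anomaly scoring", "SAMPLE-RULE-1", ["CookieValue:sample-session"]),
    _rec("REF-C", "Anomaly scoring", "SAMPLE-RULE-3", ["PostParamValue:sample-field"]),
    _rec("REF-C", "block"),
]

def _norm(action):
    # Treat "Anomaly scoring", "AnomalyScoring" and "Block"/"block" alike.
    return action.replace(" ", "").lower()

def scoring_matches_for_blocks(records):
    """Map each blocked tracking reference to its (rule, matched field) pairs."""
    by_ref = defaultdict(list)
    for rec in records:
        by_ref[rec["trackingReference_s"]].append(rec)
    result = {}
    for ref, group in by_ref.items():
        if not any(_norm(r["action_s"]) == "block" for r in group):
            continue  # scored but never blocked, so nothing to remediate
        result[ref] = [(r["ruleName_s"], m["matchVariableName"])
                       for r in group if _norm(r["action_s"]) == "anomalyscoring"
                       for m in json.loads(r.get("details_matches_s") or "[]")]
    return result

def rank_matched_fields(records):
    """Count how often each matched field added score to a blocked request."""
    blocked = scoring_matches_for_blocks(records)
    return Counter(f for pairs in blocked.values() for _, f in pairs).most_common()

if __name__ == "__main__":
    for field, hits in rank_matched_fields(SAMPLE_LOGS):
        print(f"{hits:3d}  {field}")
```

The field at the top of the ranking is the one whose exclusion removes the most score from blocked requests; scoping the exclusion to that field alone keeps the rest of the rule set in force.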


Read the full announcement here: Azure WAF tuning with AD B2C applications 
