User Profile
chris-swapoo
Copper Contributor
Joined 5 years ago
Recent Discussions
Azure AD B2C Custom Policies Password Protection Smart Lockout feature is not working as intended
My team is trying to implement an account lockout based on the number of login attempts. In Azure AD B2C > Authentication Methods > Password Protection we changed the lockout threshold to 3 and the lockout duration in seconds to 180 (3 mins). Then we tried it using our custom policy for sign-in, and ran the policy directly from the portal with https://jwt.ms as the reply URL.
Here are some of the issues we came across while testing. One is that the account is never locked out even after 10 tries. Yes, we are fully aware of the smart lockout feature, so we used a strong password generator for testing. But still, the account is never locked out. Then we found a quick fix/workaround in https://stackoverflow.com/questions/65802966/azure-ad-b2c-custom-policy-not-returning-account-lockout-error-50053#comment116482527_65802966. After implementing the quick fix, the user's account is getting locked out after 3 tries. But this is not consistent: sometimes the account is locked out after 3 tries, sometimes after 4 or 5. Also, after the account has been locked out, there are occurrences where we can still successfully log in right after the error message shows up that the account is locked out.
Our questions are: is there an existing issue on Azure's side that prevents the use of the account lockout feature in Azure AD B2C custom policies? If not, are we missing something when we're setting up / configuring account lockout in Azure AD B2C > Authentication Methods > Password Protection in the portal? Do we need to add / remove something in our custom policies? Or are there other solutions for implementing account lockout based on the number of login attempts?
If there are no fixes / workarounds based on the previously mentioned questions, can we instead implement the account lockout feature https://docs.microsoft.com/en-us/azure/active-directory-b2c/javascript-and-page-layout?pivots=b2c-custom-policy?
9.4K Views, 0 likes, 3 Comments
Jira Service Management Customer Portal SAML SSO with Azure AD B2C as Identity Provider
We are trying to implement SAML SSO so that our customers don't need to sign in in the customer portal. I'm currently testing the setup of SAML in a free trial Jira Service Management I've created (https://yummyteh.atlassian.net/), also with a free trial of Atlassian Access. We've already enabled and set up the SAML configuration under the Security tab in Atlassian Admin and also enforced SSO for 1 user in Authentication Policies. We've also created a custom policy in Azure AD B2C that uses the SAML2 protocol. This is the link we're using for an Identity Provider initiated SAML sign-in (https://swapoolabsdev.b2clogin.com/swapoolabsdev.onmicrosoft.com/B2C_1A_BASIC_SIGNIN_SAML/generic/login?EntityId=https://SwapooLabsDEV.onmicrosoft.com/atlassian-saml-test&RelayState=https://yummyteh.atlassian.net/jira/servicedesk/projects/CS/queues/custom/1). But when we're trying to sign in a test account we're getting a 404 to this HTTP request (https://swapoolabsdev.b2clogin.com/swapoolabsdev.onmicrosoft.com/B2C_1A_Basic_SignIn_SAML/client/perftrace?tx=3be1fd6b-4ed4-42b9-b257-bd31fadfdcfc&p=null). This is the documentation we're following (https://docs.microsoft.com/en-us/azure/active-directory-b2c/saml-service-provider?tabs=windows&pivots=b2c-custom-policy#next-steps). I hope someone can help us, thanks in advance.
3.5K Views, 0 likes, 1 Comment