I receive push messages for Microsoft account sing-on. I deleted my phone authentication from SharePoint and I am unable to sign-in now. I am the admin for the microsoft365, SharePoint.
You may get help here:Common problems with two-factor verification and your work or school account
Otherwise, you may have to contact official technical support for o365:Ways to contact support for business products - Admin Help
Related
I have created an application to use the Office 365 Exchange Online (Microsoft.Exchange) API. I set successfully set up permissions as described here MS Integrating Applications on an existing development Azure Account. See APIs available on original account.
However, now I want to set up a similar app in a new Azure account so I can have a different visible domain for the permission sign up process. However, on this new account the Exchange Online API is not visible to select as a required permission.
This account only exists as a place to register the App so it doesn't itself have any users or need any licenses but do I have to have a license associated with that account just to be allowed to add a particular API to the required permissions? The documentation doesn't mention anything about this that I can see.
do I have to have a license associated with that account just to be
allowed to add a particular API to the required permissions?
Yes, you're right. You have to have a Office 365 Exchange Online license for your Tenant.
Why:
These APIs are exsiting in the AAD as service principal (Enterprise Applications). If you don't buy Exchange Online license, it won't occurs in the Enterprise Applications in your tenant. Once you buy the license, it will be automatically added to the Enterprise applications, meanwhile you can use its API via AAD.
This makes sense because if you don't have the license, you cannot use the product and you cannot use its API neither.
The documentation doesn't mention anything about this that I can see.
Yeah, the documentation maynot mention this and it should be noticed in the documentation. You can sign in the documenation webiste via a github account and give a feeback to the documenation Team:
Hope this helps!
I have used OAuth1+XOauth to connect to Gmail for a custom enterprise application. The application is being used by many customers. Now some of them are reporting that, it's not working correctly for few users in their organizations. I could see in the Gmail Page that Google has deprecated OAuth1 and asked to migrate to OAuth2. If that is the case, May i know, if Google still accepts OAuth1 tokens as i could see that its working for some of the customers?
Please let me know if i can provide more information, as this is a high demanding feature for our enterprise
Thank you
OAuth1 for consumer accounts was shut down last year but we gave a longer grace period for enterprise customers so they can migrate. That is why it is still working but expect it to shut down in the next few months. Is there a reason, you don't want to switch to OAuth2?
I need an application on Office 365 which authenticate user of my Active Directory as well as other Active Directory.
Example.
My Domain is "Sample.com"
I've added Office 365 Tenant to my AD.
Created the application manually.
All users Like "Mike#sample.com","Harry#sample.com"
are authenticated using my created application on AD.
But if i insert any other Office365 ID Like "kumar#mysite.onmicrosoft.com" with there password.
It is showing the following error message...
"Application with identifier xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx was not found in the directory enukesoftware.onmicrosoft.com"
Please help i need to authenticate and connect different organizations users and need to perform Calendar Operations.
Thanks in Advance.
Shekhar,
It looks like you might have solved the problem by making your application multi-tenant, thus allowing users in other Azure AD tenants to consent to your application. I would strongly recommend that you look at this github code samples (over the ones previously suggested):
https://github.com/AzureADSamples/WebApp-MultiTenant-OpenIdConnect-DotNet for sign in and
https://github.com/OfficeDev/O365-WebApp-MultiTenant for sign in and access to Office365 APIs. This is a multi tenant app that queries the user's contacts. If you want to look at other calls to Office 365 APIs (like calendaring) then this single tenant app has some examples: https://github.com/OfficeDev/Office-365-APIs-Starter-Project-for-Windows
Hope this helps
We've been working with EWS Managed services for a while now, however we would like to transition over to using the RESTful API for Office 365.
Is it possible for an application to access all of our users data without their consent? We have an in-house application that we would like to get some O365/Sharepoint data to our users. Using SSO isn't really an option, as we don't want to keep asking our users to give consent (we assume they already give it). Specifically, we want access to calendars and mail.
Are these "service/application level" accounts available in O365 yet? I think I read a while ago that they are on the roadmap but I have not seen anything since.
Would it be best for us to continue using impersonation with EWS for now until it is ready? (For some reason, EWS is painfully slow when getting data, meanwhile our tests with O365 SSO are a great deal faster, but we do not want SSO).
Apologies if this does not meet the requirements for SA questions. Thanks.
EDIT. Daemon and Service Apps are now possible with Office365. Check out this link.
Building Daemon or Service Apps with Office 365 Mail, Calendar, and Contacts APIs (OAuth2 client credential flow)
App-level authentication is coming soon. Basically an organization administrator will have to consent to allow the application access to mailboxes in their organization, then you'll be able to authenticate as the app, rather than acting on individual users' behalf.
I'd say keep working on your prototype using the user consent model that's in place now, and keep an eye on our blog or my Twitter account (#JasonJohMSFT) for the announcement for app-level auth.
Overview
Our SharePoint 2010 application will be launched from a 3rd party application, let's call it HealthApp, via an embedded URL. Much of the time the user will be logged into HealthApp from a shared workstation. As a result, SharePoint will not sign in automatically using the Active Directory credentials.
Requirements
We need single sign-on.
We need to continue to use Active Directory as the STS for various reasons.
Authentication from a stand-alone browser on the user's workstation will need to work as it does now.
Authentication Info
HealthApp can pass a username and any other custom identifier information we want as URL parameters.
The username will match the users Active Directory username.
We will not have a password.
We need some way to authenticate the user based only on the username/identifier.
Possible Solutions
Is there any way to bypass the password check in Active Directory?
This would appear to be the simplest solution if possible.
Can we
extend the Active Directory provider to authenticate using a generic
user and then log into SharePoint with the username passed on the
URL?
Any other suggestions?
I would think there would have to be some way to do this but have not had much experience with claims based authentication with SharePoint.
Thanks for any insight.
Me also facing same issue for authenticating users over share point site that uses claims authentication.As per requirements my app needs to access share point data. So to authenticate
over share point server from an app we need to provide some authenticated claims with the request so that share point STS can issue an authorization ticket to access the share point site resources. after spending more than 2 days in googling i found some interested article that may help to authenticate users from client app against identity provider systems.
OAuth library
this resides between app and identity provider system. using this you get an authenticated claims that will further use to authorize over share point server with the help of Share point STS.