[Mitigated] Administrators are unable to create new B2C applications or modify the permissions for existing B2C applications

[Nov 30, 2018] All applications created during the incident below should be functioning normally. If you are still facing any issues, please file a support ticket through the Azure portal. [Nov 28, 2018 23:53 UTC] We have mitigated the incident. New Azure AD B2C application creation should be working now. We will continue to monitor…


New user flow management experience is available by default

Hi all, We are ready to replace the user flow management experience with our new one!  This change will be rolled out to new directories from this point on and we’ll start adding existing directories soon. If you have any trouble with this please send us an email at aadb2cpreview@microsoft.com. You can also access the…


b2clogin.com is now generally available

Hi all, We are happy to announce that the use of b2clogin.com is now generally available. This feature is the new default way for you to access your Azure AD B2C service. The new domain for your requests takes the form of <YourTenantName>. b2clogin.com. You’ll need to make a couple changes to your existing applications…


Analyzing Facebook’s recent access token exploit impact on Azure AD B2C customers

On September 28, 2018, Facebook announced a security issue affecting almost 50 million user accounts. On the Azure AD B2C team, we’ve been carefully watching this developing story, particularly regarding any potential impact it could have on our own customers. In our analysis of the situation and the data available so far, we have found…


[Mitigated Sep 4] Customers unable to authenticate to Azure AD B2C

Between 0930h and 1800h UTC,  A very small set of Azure AD B2C Directory administrators experienced intermittent failures accessing the Azure AD B2C blades and some end-users had intermittent failed authentications.  Users who retried, were likely able to authenticate and access the protected resources.  The issue has been mitigated. Only a few B2C tenants were…


[Mitigated] Customers were not able to create new Azure AD B2C Directories

Between 01:00 AM 7/13 UTC and 06:30 PM 7/13 UTC most customers were not able to create a Azure AD B2C directory in the Azure Portal.  The issue has been mitigated and customers are able to create new B2C directories now. The error was “Unable to complete due to service connection error, please try again later”….


[Mitigated 6/18] Azure AD B2C settings menu unable to load for a small set of customers

A very small set of customers experienced failures loading the Azure AD B2C settings menu in the Azure portal intermittently. This issue did not impact  end-users authenticating against Azure Active Directory B2C. As a temporary workaround, administrators should load the settings menu in a different browser or using the Private mode. As per our investigation, the…


Twitter Login changes to signin handshake. Some customers affected. Here is the fix.

Note: If you are using a URL other than login.microsoftonline.com (for example <yourtenant>.b2clogin.com), please replace login.microsoftonline.com in step #2 accordingly. What is New? Twitter has made some updates to their sign in handshake (https://twittercommunity.com/t/action-required-sign-in-with-twitter-users-must-whitelist-callback-urls/105342). It requires a setting change in a small number of AAD B2C tenants only where Twitter was configured manually as an…


UI updates for creating/editing policies; Application access management for minors

We have updated the UI area for the create and edit policy experience! We’re hoping these improvements streamline the process of creating policies and makes editing much easier.  To access this new UI, simply use this link.  Keep in mind that this UI is still in private preview and you should not use this in…

0

[Issue mitigated] Users may not be receiving email verification codes

Starting at 19:27 UTC on 4/27, some Azure AD B2C customers may have begun experiencing issues receiving verification emails while signing up for new email-based accounts or resetting their passwords. Engineers mitigated the issue at 20:36 UTC. The service should now be running normally.  

0