A set of users have been created manually. I have 3 users that belong to Entra and sign in with SSO. Those 3 users and another user (created manually) belong to a certain group (Entra group). I have an impersonation policy that checks if the signed-in user belongs to this group; if it does, then the user is allowed to impersonate.
Sign in is not a problem and the same way of sign in is in the impersonation policy.
Now the problem: if the 4th user (the one that doesn't SSO) wants to impersonate a user that logs in with SSO, we get the mentioned error message: "An account could not be found for the provided user ID." Also, when the user signs in using SSO but using the impersonation policy, we get the following error: "AADB2C99002: This user does not exist and profile 'AAD-UserReadUsingEmailAddress' requires the user to have already been created."
What am I doing wrong? The SSO users have been created already in Graph, and they can sign in.
asked Nov 16, 2024 at 14:20 by IriaAM
Comment: Other 3 users are created from Azure Portal? – Rukmini, Nov 18, 2024 at 3:31
1 Answer
The problem is that the signup is not done correctly for the user when SSO, so it is not properly done, therefore the user doesn't exist.