Azure AD B2C Tenant seems corrupted after using AA

Posted 2019-08-20 15:38

Question:

A few days ago, before implementing user management with the Azure Active Directory Graph API (not Microsoft Graph) in our web app for Azure AD B2C users, I was able to log into the Azure Portal, find the Azure Active Directory B2C resource, click on it, and successfully authenticate into it in order to edit policies, view the list of users, etc.

(Clicking the tenant in the screenshot used to work!)

Now when I click on it, the screen flashes about 10 times, attempting to log my user into the tenant. But afterward, the following error is returned:

Furthermore, when I attempt to log into the web app with that same user, I get the following error message:

ERROR: Your account has been locked. Contact your support person to unlock it, then try again.

How do I unlock the account if I can't even get into the Azure AD B2C tenant? Did I corrupt the tenant by using the AAD Graph Client?


UPDATE

I'm adding more information about how I'm using the Azure AD Graph Client, in case it is important to diagnose why neither I nor any other admin on my team can log into the AAD B2C tenant.

I think the most relevant piece of how I'm using the Azure AD Graph Client is the following to update a user's "Organization" extension/custom attribute:

The x's represent the AAD B2C generated identifier associated with the extension and the y's represent a user GUID.

HTTP PATCH to https://graph.windows.net/genlogin.onmicrosoft.com/users/yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy?api-version=1.6

Body: {
    "extension_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx_Organization":"Microsoft"
}

Is this incorrect use of the graph client? How do I get the AAD B2C tenant back to a state where I can log into it?


UPDATE

Furthermore, I also found the following link which talks about existing issues in AAD B2C management: https://blogs.msdn.microsoft.com/azureadb2c/2016/09/09/known-issue-b2c-app-mgmt/

Does this link apply at all? (My guess is no because it is the tenant itself that seems to be in a weird state, not the application associated with the tenant)

Answer 1:

Because the screen flashes about 10 times, it seems that you tried to log in to Azure too many times within a short time. The Azure login server has its own policy to prevent this kind of uncommon login event.

Try to use another admin account to log in to the B2C tenant and reset your account password. If you don't have one, ask other admins to help you.

Otherwise, you need to wait and try to log in later.

Additionally, your client browser may have run into some issue which causes this event. You'd better check your working environment.