Azure AD B2C – Using the graph API

There’s a really good guide for getting started with CRUD operations in a AAD B2C tenant on the Azure documentation site;

As per usual, I’ve ended up putting some powershell together to make it a bit more repeatable when I have to do this for multiple AAD tenants.

This particular script creates the application in the AAD tenant. I’ll be posting further scripts that show off doing some clever stuff when I’ve finished testing and polishing them.

Cloud Solution Architect at Microsoft in the UK.

Azure B2C Unified sign up with Page UI customization

When crafting a new Unified sign-up or sign-in page policy in the Azure Portal I managed to get this error

#error=server_error&error_description=AADB2C90001: The server hosting resource '' is not enabled for CORS requests. Ensure that the 'Access-Control-Allow-Origin' header has been configured.
Correlation ID: 613d1479-d146-4b89-abb8-3264730f5991
Timestamp: 2016-04-13 18:33:30Z

Of course, i’d been a bit quick off the mark and not yet changed my website to accept Cross Origin Requests.

Here’s what you’ll need to add to your unified Sign In page to fix the error

Response.AppendHeader("Access-Control-Allow-Origin", "");

Code wise, here’s how the Controller Action and View look;

Cloud Solution Architect at Microsoft in the UK.

Azure ARM Reserved Public Ip Addresses via Powershell

I’ve had the situation where the full allocation of IP addresses are needed up front for firewall configuration. This isn’t so bad when you only need a few, but if you’re going for your full allocation of 20 (or more if you’ve spoken to Microsoft Support) then it can get a little tedious using the Azure Portal UI.

The typical output from this should be something like;

My_IPBag_1 Succeeded
My_IPBag_2 Succeeded
My_IPBag_3 Succeeded
My_IPBag_4 Succeeded
My_IPBag_5 Succeeded
My_IPBag_6 Succeeded
My_IPBag_7 Succeeded
My_IPBag_8 Succeeded
My_IPBag_9 Succeeded
My_IPBag_10 Succeeded
My_IPBag_11 Succeeded

Note that the assigned IP addresses are not in a continuous range 🙂

If you do try to obtain more than 20 Public IP Addresses in your subscription then you’ll get this friendly error message.

New-AzureRmPublicIpAddress : Cannot create more than 20 public IP addresses with static allocation method for this subscription in this region.

Cloud Solution Architect at Microsoft in the UK.

Azure AD b2c error – could not load file or assembly ‘microsoft.identitymodel.protocol.extensions’

Following the Azure B2C Dev Quickstarts resulted in a build failure…

Could not load file or assembly ‘Microsoft.IdentityModel.Protocol.Extensions’ or one of its dependencies. The located assembly’s manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)

The quick fix is to update the Nuget package reference for the Protocol Extensions from version to using the Visual Studio Nuget package manager.

Subsequently the build then fails with this error;

The following errors occurred while attempting to load the app.
– No assembly found containing an OwinStartupAttribute.
– No assembly found containing a Startup or [AssemblyName].Startup class.
To disable OWIN startup discovery, add the appSetting owin:AutomaticAppStartup with a value of “false” in your web.config.
To specify the OWIN startup Assembly, Class, or Method, add the appSetting owin:AppStartup with the fully qualified startup class or configuration method name in your web.config.

The fix for this one is to check your Startup.cs file for the OWIN assembly declaration.

These few changes should then result in a successful build.

Cloud Solution Architect at Microsoft in the UK.

Estimating your annual Azure bill

Following on from my last post when i was tinkering with the Azure EA Billing API…

If you have an Azure Enterprise Agreement, you might want to get a regular idea of where you usage (and money) is heading.

I got the idea from MyFitnessPal, which is a popular nutrition app.  At the end of every day, when you’ve logged your food and told it that you’re finished eating for the day it tells you that; “If every day was like today, then in 5 weeks you’d weigh 160lb’s” (Or something similar).

With utility billing, your usage could fluctuate wildly from day to day so it’s probably best not to take the single estimate without context from other metrics and information… But it’s fun to see what the bill would end up being.

Rather than just providing a straight powershell script, i’ve created a workflow that runs in the Azure Automation platform and submitted it to the public runbook gallery.

“Uses the Microsoft Azure Enterprise Agreement API to estimate your annual Microsoft Azure bill based on the last days usage.

The default Azure EA account is the sample account id and accesskey just so you can see it working before plugging your own details in. You should use the Microsoft Azure Enterprise portal to request your own accesskey.

I recommend adding the script to a daily schedule.

This script requires a credential asset for the your SMTP server in order to send the email.”

Here’s the (v1.0) version of the powershell script;

Cloud Solution Architect at Microsoft in the UK.