With the new Xbox app for Windows 10 PCs, play the games you love to play. Browse the catalogue, view recommendations, and discover your next favorite game from a library of high-quality PC games with Xbox Game Pass. See what your friends are playing and chat with them across Xbox. This download contains an evaluation version of the Microsoft® Identity Manager (MIM) 2016 client and server components. Microsoft Identity Manager (MIM) 2016 is the latest version of Microsoft's Identity and Access management (IAM) product suite, and is intended to replace Forefront Identity Manager (FIM) 2010 R2. MIM provides identity data management and synchronization, authentication. Visit this link (here) and download the latest version of Xbox Identity Provider. Click on Get to download the UWP application. Wait for the product to be installed, then restart your computer. Installing Xbox Identity Provider.
If you don't use it, just leave it there. For the longest time I've just opened Xbox once to deactivate the features because it was known to cause some trouble in games. After that, I have never ever had an issue with notifications or anything like regarding Xbox stuff. Xbox Identity Provider is a preinstalled system app that is used by apps and games on Windows to connect to your Xbox Live account (exactly as OllieX2 described below). The Xbox Identity Provider isn't intended to run as a stand-alone application. I will open a bug to try to make this less confusing in a future release.
-->Before you begin, use the selector above to choose the type of policy you're configuring. Azure AD B2C offers two methods of defining how users interact with your applications: though predefined user flows, or through fully configurable custom policies. The steps required in this article are different for each method.
Note
In Azure Active Directory B2C, custom policies are designed primarily to address complex scenarios. For most scenarios, we recommend that you use built-in user flows.
Prerequisites
- Create a user flow to enable users to sign up and sign in to your application.
- If you haven't already done so, register a web application, and enable ID token implicit grant.
- Complete the steps in the Get started with custom policies in Active Directory B2C.
- If you haven't already done so, register a web application, and enable ID token implicit grant.
Create a Microsoft account application
To enable sign-in for users with a Microsoft account in Azure Active Directory B2C (Azure AD B2C), you need to create an application in Azure portal. For more information, see Register an application with the Microsoft identity platform. If you don't already have a Microsoft account, you can get one at https://www.live.com/.
Sign in to the Azure portal.
Make sure you're using the directory that contains your Azure AD tenant by selecting the Directory + subscription filter in the top menu and choosing the directory that contains your Azure AD tenant.
Choose All services in the top-left corner of the Azure portal, and then search for and select App registrations.
Select New registration.
Enter a Name for your application. For example, MSAapp1.
Under Supported account types, select Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox).
For more information on the different account type selections, see Quickstart: Register an application with the Microsoft identity platform.
Under Redirect URI (optional), select Web and enter
https://.b2clogin.com/.onmicrosoft.com/oauth2/authresp
in the text box. Replacewith your Azure AD B2C tenant name.
Select Register
Record the Application (client) ID shown on the application Overview page. You need the client ID when you configure the identity provider in the next section.
Select Certificates & secrets
Click New client secret
Enter a Description for the secret, for example Application password 1, and then click Add.
Record the application password shown in the Value column. You need the client secret when you configure the identity provider in the next section.
Configure Microsoft as an identity provider
- Sign in to the Azure portal as the global administrator of your Azure AD B2C tenant.
- Make sure you're using the directory that contains your Azure AD B2C tenant by selecting the Directory + subscription filter in the top menu and choosing the directory that contains your tenant.
- Choose All services in the top-left corner of the Azure portal, search for and select Azure AD B2C.
- Select Identity providers, then select Microsoft Account.
- Enter a Name. For example, MSA.
- For the Client ID, enter the Application (client) ID of the Azure AD application that you created earlier.
- For the Client secret, enter the client secret that you recorded.
- Select Save.
Add Microsoft identity provider to a user flow
- In your Azure AD B2C tenant, select User flows.
- Click the user flow that you want to add the Microsoft identity provider.
- Under the Social identity providers, select Microsoft Account.
- Select Save.
- To test your policy, select Run user flow.
- For Application, select the web application named testapp1 that you previously registered. The Reply URL should show
https://jwt.ms
. - Select the Run user flow button.
- From the sign-up or sign-in page, select Microsoft to sign in with Microsoft account.
If the sign-in process is successful, your browser is redirected to https://jwt.ms
, which displays the contents of the token returned by Azure AD B2C.
Configuring optional claims
If you want to get the family_name
and given_name
claims from Azure AD, you can configure optional claims for your application in the Azure portal UI or application manifest. For more information, see How to provide optional claims to your Azure AD app.
- Sign in to the Azure portal. Search for and select Azure Active Directory.
- From the Manage section, select App registrations.
- Select the application you want to configure optional claims for in the list.
- From the Manage section, select Token configuration (preview).
- Select Add optional claim.
- Select the token type you want to configure.
- Select the optional claims to add.
- Click Add.
Download Xbox Identity Provider App
Create a policy key
Now that you've created the application in your Azure AD tenant, you need to store that application's client secret in your Azure AD B2C tenant.
- Sign in to the Azure portal.
- Make sure you're using the directory that contains your Azure AD B2C tenant. Select the Directory + subscription filter in the top menu and choose the directory that contains your tenant.
- Choose All services in the top-left corner of the Azure portal, and then search for and select Azure AD B2C.
- On the Overview page, select Identity Experience Framework.
- Select Policy Keys and then select Add.
- For Options, choose
Manual
. - Enter a Name for the policy key. For example,
MSASecret
. The prefixB2C_1A_
is added automatically to the name of your key. - In Secret, enter the client secret that you recorded in the previous section.
- For Key usage, select
Signature
. - Click Create.
Configure Microsoft as an identity provider
To enable users to sign in using a Microsoft account, you need to define the account as a claims provider that Azure AD B2C can communicate with through an endpoint. The endpoint provides a set of claims that are used by Azure AD B2C to verify that a specific user has authenticated.
You can define Azure AD as a claims provider by adding the ClaimsProvider element in the extension file of your policy. Raspberry pi windows 7 download.
Open the TrustFrameworkExtensions.xml policy file.
Find the ClaimsProviders element. If it does not exist, add it under the root element.
Add a new ClaimsProvider as follows:
Replace the value of client_id with the Azure AD application's Application (client) ID that you recorded earlier.
Save the file.
You've now configured your policy so that Azure AD B2C knows how to communicate with your Microsoft account application in Azure AD.
Add a user journey
At this point, the identity provider has been set up, but it's not yet available in any of the sign-in pages. If you don't have your own custom user journey, create a duplicate of an existing template user journey, otherwise continue to the next step.
- Open the TrustFrameworkBase.xml file from the starter pack.
- Find and copy the entire contents of the UserJourney element that includes
Id='SignUpOrSignIn'
. - Open the TrustFrameworkExtensions.xml and find the UserJourneys element. If the element doesn't exist, add one.
- Paste the entire content of the UserJourney element that you copied as a child of the UserJourneys element.
- Rename the Id of the user journey. For example,
Id='CustomSignUpSignIn'
.
Add the identity provider to a user journey
Now that you have a user journey, add the new identity provider to the user journey. You first add a sign-in button, then link the button to an action. The action is the technical profile you created earlier.
Find the orchestration step element that includes
Type='CombinedSignInAndSignUp'
, orType='ClaimsProviderSelection'
in the user journey. It's usually the first orchestration step. The ClaimsProviderSelections element contains a list of identity providers that a user can sign in with. The order of the elements controls the order of the sign-in buttons presented to the user. Add a ClaimsProviderSelection XML element. Set the value of TargetClaimsExchangeId to a friendly name.In the next orchestration step, add a ClaimsExchange element. Set the Id to the value of the target claims exchange Id. Update the value of TechnicalProfileReferenceId to the Id of the technical profile you created earlier.
The following XML demonstrates the first two orchestration steps of a user journey with the identity provider:
Configure the relying party policy
The relying party policy, for example SignUpSignIn.xml, specifies the user journey which Azure AD B2C will execute. Find the DefaultUserJourney element within relying party. Update the ReferenceId to match the user journey ID, in which you added the identity provider.
In the following example, for the CustomSignUpOrSignIn
user journey, the ReferenceId is set to CustomSignUpOrSignIn
:
Upload the custom policy
- Sign in to the Azure portal.
- Select the Directory + Subscription icon in the portal toolbar, and then select the directory that contains your Azure AD B2C tenant.
- In the Azure portal, search for and select Azure AD B2C.
- Under Policies, select Identity Experience Framework.
- Select Upload Custom Policy, and then upload the two policy files that you changed, in the following order: the extension policy, for example
TrustFrameworkExtensions.xml
, then the relying party policy, such asSignUpSignIn.xml
.
Test your custom policy
- Select your relying party policy, for example
B2C_1A_signup_signin
. - For Application, select a web application that you previously registered. The Reply URL should show
https://jwt.ms
. - Select the Run now button.
- From the sign-up or sign-in page, select Microsoft to sign in with Microsoft account.
If the sign-in process is successful, your browser is redirected to https://jwt.ms
, which displays the contents of the token returned by Azure AD B2C.
Xbox Live Auth Manager - Windows 10 Service
Provides authentication and authorization services for interacting with Xbox Live. If this service is stopped, some applications may not operate correctly.
This service exists in Windows 10 only.
Startup Type
Windows 10 version | Home | Pro | Education | Enterprise |
---|---|---|---|---|
1507 | Manual | Manual | Manual | Manual |
1511 | Manual | Manual | Manual | Manual |
1607 | Manual | Manual | Manual | Manual |
1703 | Manual | Manual | Manual | Manual |
1709 | Manual | Manual | Manual | Manual |
1803 | Manual | Manual | Manual | Manual |
1809 | Manual | Manual | Manual | Manual |
1903 | Manual | Manual | Manual | Manual |
1909 | Manual | Manual | Manual | Manual |
2004 | Manual | Manual | Manual | Manual |
20H2 | Manual | Manual | Manual | Manual |
Default Properties
Display name: | Xbox Live Auth Manager |
Service name: | XblAuthManager |
Type: | share |
Path: | %WinDir%system32svchost.exe -k netsvcs -p |
File: | %WinDir%System32XblAuthManager.dll |
Error control: | normal |
Object: | LocalSystem |
Privileges: |
|
Default Behavior
The Xbox Live Auth Manager service is running as LocalSystem in a shared process of svchost.exe. Other services might run in the same process. If Xbox Live Auth Manager fails to start, the error is logged. Windows 10 startup proceeds, but a message box is displayed informing you that the XblAuthManager service has failed to start.
Dependencies
Xbox Live Auth Manager is unable to start, if the Remote Procedure Call (RPC) service is stopped or disabled.
If Xbox Live Auth Manager is stopped, the following services cannot start:
Restore Default Startup Type for Xbox Live Auth Manager
Automated Restore
1. Select your Windows 10 edition and release, and then click on the Download button below.
2. Save the RestoreXboxLiveAuthManagerWindows10.bat file to any folder on your hard drive.
3. Right-click the downloaded batch file and select Run as administrator.
Xbox Installer Stuck Pc
4. Restart the computer to save changes.
Note. Make sure that the XblAuthManager.dll
file exists in the %WinDir%System32
folder. If this file is missing you can try to restore it from your Windows 10 installation media.