# Graph ROPC Federated Account

An exception to a hybrid identity federation scenario would be the following: Home Realm Discovery policy with **AllowCloudPasswordValidation** set to TRUE will enable ROPC flow to work for federated users when an on-premises password is synced to the cloud. For more information, see [Enable direct ROPC authentication of federated users for legacy applications](https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/home-realm-discovery-policy#enable-direct-ropc-authentication-of-federated-users-for-legacy-applications).

Powershell cmdlets to check the existing configuration on Azure Apps below

```powershell
// Install AzureADPreview
Install-Module AzureADPreview
Import-Module AzureADPreview

// Get Azure AD Policy
Get-AzureADPolicy

// Get Azure AD policy for a specific app
// Get the object ID from SPN, not App registration
Get-AzureADServicePrincipalPolicy <Object ID>
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.jianny.net/work/azure/app-registration-auths/graph-ropc-federated-account.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.