CODEWITHSUNDEEP
authenticationazuremulti-tenantazure-active-directory
Roy Decaestecker
Roy Decaestecker

Reputation: 91

Azure Multi-tenant application

I need to build an app with Office 365 API and tried several examples provided here: https://msdn.microsoft.com/en-us/office/office365/howto/starter-projects-and-code-samples.

I manage to login to tha app with a user from within my own Azure Active Directory, e.g. user.name@tenant.onmicrosoft.com.

But, whenever I use another Office 365 account from another domain e.g. [email protected] I get this error:

AADSTS50020: User account '[email protected]' from external identity provider 'https://sts.windows.net/908b6c6d-f582-461d-9e73-88a4e48f5d88/' is not supported for application 'df1a02fd-f096-46df-9b5a-5cf1b0f9ef6d'. The account needs to be added as an external user in the tenant. Please sign out and sign in again with an Azure Active Directory user account.

The defined application in Azure is set to Multi-tenant!!

I also tried to add the foreign users to my AAD but everytime I get the message "This Microsoft account does not exist"

EXCEPT: I also made a hotmail account which I was able to add to my AAD and with this account logging in to the app was succesfull. But, without adding it to my AAD I get the above error message.

Any help would be welcome.

Upvotes: 5

Views: 7572

Answers (2)

zerk
zerk

Reputation: 586

I am late to the party, but what it fixed for me was that I had to use "common" as tenantId.

Upvotes: 0

aaronlt
aaronlt

Reputation: 101

Make sure you are using "https://login.microsoftonline.com/common/..." and not "https://login.microsoftonline.com/[your tenant name]" when forming authorization link.

Upvotes: 10

Related Questions