AdPereira84
Jun 09, 2023 (Copper Contributor)
.NET core APP with Microsoft Identity Platform error AADSTS50020
Hi,
I have a web application to which I am adding Microsoft authentication as a sign-in option. This works well, but only if the account I am logging in with is in my 365 tenant.
If it is not, I get the error above (AADSTS50020).
I want anyone with a Microsoft account to be able to log in. Is that possible?
My app manifest (note that "signInAudience" is set to "AzureADandPersonalMicrosoftAccount"):
{
"id": "02ce6fb8-56eb-4eca-afde-xxxxxxxx194f",
"acceptMappedClaims": null,
"accessTokenAcceptedVersion": 2,
"addIns": [],
"allowPublicClient": null,
"appId": "69fbe77c-b849-4a35-8407-xxxxxxaf9a8",
"appRoles": [],
"oauth2AllowUrlPathMatching": false,
"createdDateTime": "2023-06-09T13:48:52Z",
"description": null,
"certification": null,
"disabledByMicrosoftStatus": null,
"groupMembershipClaims": null,
"identifierUris": [
"api://69fbe77c-b849-4a35-8407-xxxxxaf9a8"
],
"informationalUrls": {
"termsOfService": "https://xxxxxogy.co.uk/",
"support": null,
"privacy": "https://xxxxxxxxxgy.co.uk/",
"marketing": null
},
"keyCredentials": [],
"knownClientApplications": [],
"logoUrl": null,
"logoutUrl": null,
"name": "BigHelpdesk-Authentication",
"notes": null,
"oauth2AllowIdTokenImplicitFlow": true,
"oauth2AllowImplicitFlow": false,
"oauth2Permissions": [
{
"adminConsentDescription": "Allows the app to access the web API on behalf of the signed-in user",
"adminConsentDisplayName": "Access the API on behalf of a user",
"id": "0720b330-6d84-4a5f-b125-xxxxxx4ff5",
"isEnabled": true,
"lang": null,
"origin": "Application",
"type": "User",
"userConsentDescription": "Allows this app to access the web API on your behalf",
"userConsentDisplayName": "Access the API on your behalf",
"value": "access_as_user"
}
],
"oauth2RequirePostResponse": false,
"optionalClaims": null,
"orgRestrictions": [],
"parentalControlSettings": {
"countriesBlockedForMinors": [],
"legalAgeGroupRule": "Allow"
},
"passwordCredentials": [
{
"customKeyIdentifier": null,
"endDate": "2025-06-09T13:49:42.5567971Z",
"keyId": "620e9472-d14e-462d-a87a-xxxxxxxcf2d",
"startDate": "2023-06-09T13:49:42.5567971Z",
"value": null,
"createdOn": "2023-06-09T13:49:43.2617899Z",
"hint": "BYL",
"displayName": "Secret created by dotnet-msidentity tool"
}
],
"preAuthorizedApplications": [],
"publisherDomain": "xxxxxxxxogy.co.uk",
"replyUrlsWithType": [
{
"url": "http://localhost:5000/signin-oidc",
"type": "Web"
},
{
"url": "https://localhost:5001/signin-oidc",
"type": "Web"
},
{
"url": "https://localhost:44376/signin-oidc",
"type": "Web"
},
{
"url": "http://localhost:56353/signin-oidc",
"type": "Web"
}
],
"requiredResourceAccess": [],
"samlMetadataUrl": null,
"signInUrl": "https://xxxxxxxxgy.co.uk",
"signInAudience": "AzureADandPersonalMicrosoftAccount",
"tags": [],
"tokenEncryptionKeyId": null
}
Do you have any Conditional Access policies in place?