AADSTS50020, and I already did all I found in other forums and support


When users with some Microsoft accounts want to sign in with Microsoft OAuth2:

 - hotmail.com accounts work

 - live.com accounts do not work

 - Microsoft 365 professional accounts do not work


I've checked:

 - that my app manifest.json has the "signInAudience": "AzureADandPersonalMicrosoftAccount" as explained here (https://answers.microsoft.com/en-us/msoffice/forum/all/identity-provider-livecom-does-not-exist-in-t...)


 - I've tried to use the endpoint common and my tenant id


 - I've tried to create a user flow (turn on "allow user flows" in the Authentication tab of the app, and create the flow as explained here (https://learn.microsoft.com/en-us/azure/active-directory/external-identities/self-service-sign-up-us...))


 - In my Azure Directory I have, in the external collaboration settings:  

   - Guest users have the same access as members (most inclusive)

   - Anyone in the organization can invite guest users including guests and non-admins (most inclusive)

   - Enable guest self-service sign up via user-flows 


 - I've tried to create a Microsoft Partner account but the process does not work properly (it does not send the SMS or the activation code) ... this is because I see this banner in the "Authentication tab":

Starting November 9th, 2020 end users will no longer be able to grant consent to newly registered multitenant apps without verified publishers

I don't know what else to try ...
Please... I just need to create an app to allow users in my application to sign in with ANY Microsoft account.



Request Id: dc9ecadf-667f-4de1-a92e-31b20fe87f00
Correlation Id: 83a29570-16b5-49e0-84b9-88ccdd772240
Timestamp: 2023-02-26T20:39:56Z
Message: AADSTS50020: User account 'd***@***.**' from identity provider 'live.com' does not exist in tenant 'Directorio predeterminado' and cannot access the application 'e059d84f-4984-4e93-a71d-21f1028d***' in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account.
0 Replies
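
An added example, not part of the original post: a small Python check that combines the two settings the post mentions, the authority segment of the authorize URL (`common` versus a tenant id) and the manifest's `signInAudience`, to show which account types a sign-in request can admit. The function names, account labels and sample URLs (with an all-zero placeholder tenant id) are this example's own assumptions, and invited guest accounts are deliberately left out of the model.

```python
from urllib.parse import urlparse

# Account classes used in this example (labels are this example's own).
HOME, OTHER_ORG, PERSONAL = "home-tenant", "other-org", "personal-msa"
# Accounts each signInAudience value in the app manifest allows.
AUDIENCE = {
    "AzureADMyOrg": {HOME},
    "AzureADMultipleOrgs": {HOME, OTHER_ORG},
    "AzureADandPersonalMicrosoftAccount": {HOME, OTHER_ORG, PERSONAL},
    "PersonalMicrosoftAccount": {PERSONAL},
}
# Accounts each well-known authority segment accepts.
AUTHORITY = {
    "common": {HOME, OTHER_ORG, PERSONAL},
    "organizations": {HOME, OTHER_ORG},
    "consumers": {PERSONAL},
}
# Constructed sample URLs; the all-zero GUID is a placeholder tenant id.
COMMON_URL = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
TENANT_URL = "https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/v2.0/authorize"

def authority_segment(authorize_url):
    """Return the first path segment: common, organizations, consumers or a tenant."""
    return urlparse(authorize_url).path.strip("/").split("/")[0].lower()

def admitted_accounts(authorize_url, sign_in_audience):
    """Accounts that pass both the endpoint and the manifest audience."""
    # Any other segment is a tenant id or domain: a tenant-specific authority
    # accepts only accounts that exist in that tenant (guests not modelled).
    by_endpoint = AUTHORITY.get(authority_segment(authorize_url), {HOME})
    return by_endpoint & AUDIENCE[sign_in_audience]

def explain(authorize_url, sign_in_audience, account):
    """Say whether the account is admitted and, if not, which setting blocks it."""
    seg = authority_segment(authorize_url)
    if account in admitted_accounts(authorize_url, sign_in_audience):
        return "admitted"
    if seg not in AUTHORITY:
        return "rejected by tenant-specific endpoint (AADSTS50020 unless invited as guest)"
    if account not in AUTHORITY[seg]:
        return f"rejected by /{seg} endpoint"
    return f"rejected by signInAudience {sign_in_audience}"

if __name__ == "__main__":
    for url in (COMMON_URL, TENANT_URL):
        print(authority_segment(url), "->",
              explain(url, "AzureADandPersonalMicrosoftAccount", PERSONAL))
```

The tenant named in an AADSTS50020 message indicates which authority actually handled the request, so comparing it with the URL the application sends is a quick first check.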