Share via

Authentication issu with react

Shashika Edirisingha 45 Reputation points
2024-08-07T08:25:45.33+00:00 
auth: {
        clientId: ClientId,
        authority: `https://${TenantId}.ciamlogin.com/${TenantId}/v2.0`,
        instance: `https://${TenantId}.ciamlogin.com/${TenantId}/v2.0`,
        tenantId: TenantId,
        callbackPath: "http://localhost:3000",
        clientSecret: 'xxxxxxxxxxxxxxxxxxxxx',
        redirectUri: "http://localhost:3000"
    }

This is my configuration to authenticate from react app and i configured two applications for react and my web API both are connected and scopes are defined when i accessing 

pi://<backen-api-id>/ToDoList.Read

its giving AADSTS500207: The account type can't be used for the resource you're trying to access.

when i changing application type to single tenant or trying with empty scope it is working fine what was the issue ?

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,665 questions
Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,927 questions
Accepted answer
  1. Navya 12,570 Reputation points Microsoft Vendor
    2024-08-08T02:23:08.2933333+00:00

    Hi @Shashika Edirisingha

    Thank you for posting this in Microsoft Q&A.

    I understand you are encountering an authentication issue with React when using the application type as multi-tenant in external tenants.

    AADSTS500207: The account type can't be used for the resource you're trying to access. when i changing application type to single tenant or trying with empty scope it is working fine what was the issue?

    As of today, accessing API of workforce tenant from external tenant (CIAM User) is not supported.
    Meanwhile, we suggested a workaround for this issue: use an external ID for Workforce tenants, which allows for B2B collaboration. This would be the same as the External ID in External tenants (CIAM), but the users will be hosted in the same production tenant as guest users.

    However considering the feature to be new, we are open for feedback and request you to post this as an idea on our feedback forum so that it could be visible to the service engineering team.

    Similar issue discussed earlier in Microsoft Q&A platform: https://learn.microsoft.com/en-us/answers/questions/1665201/how-to-give-external-customer-accounts-in-a-entra

    User shared an idea on our feedback forum https://feedback.azure.com/d365community/idea/a02a5bb4-4b13-ef11-9899-6045bd824b24 Appreciate if you could upvote and comment on. This allows our product teams to effectively prioritize your request against our existing feature backlog and gives insight into the potential impact of implementing the suggested feature.

    Hope this helps. Do let us know if you any further queries.

    Thanks,

    Navya.

    If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.