Single Sign On - Login external MS 365 account always ask to add in tenant

Matthew Palencia 0 Reputation points
2023-05-18T03:00:17.65+00:00

I'm trying to implement a Microsoft login on the web. There are 4 types of account:

  • Accounts in this organizational directory only (Default Directory only - Single tenant)
  • Accounts in any organizational directory (Any Azure AD directory - Multitenant)
  • Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)
  • Personal Microsoft accounts only

I tried every option here. Every time a user logs in, there is an error: "The account needs to be added as an external user in the tenant first". We want to avoid this part, as we just want a normal login, with no need to add the user to any tenant's list. Is it possible?


1 answer

  1. Matthew Palencia 0 Reputation points
    2023-05-18T04:55:54.3366667+00:00

    This issue can be caused by several errors. I found this link, and it helped me identify and solve the issue:

    https://learn.microsoft.com/en-us/troubleshoot/azure/active-directory/error-code-aadsts50020-user-account-identity-provider-does-not-exist

    Use the correct URL when signing in:

    Multitenant applications: https://login.microsoftonline.com/organizations
    Multitenant and personal accounts: https://login.microsoftonline.com/common
    Personal accounts only: https://login.microsoftonline.com/consumers
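A configuration check for the endpoint list in the answer above, as an added example that is not part of the original thread: it compares a configured authority URL with the app registration's `signInAudience` manifest value. Assumptions: the function name `checkAuthority` is hypothetical, only the global cloud host is accepted, the answer's list is treated as the required mapping (stricter than the platform itself), and single-tenant apps are expected to use their own tenant ID or domain in the path.

```javascript
// Added example (not from the original thread). Maps the app registration's
// signInAudience to the sign-in endpoint listed in the answer and checks a
// configured authority URL against it.
const HOST = 'login.microsoftonline.com'; // global cloud only (assumption)
const SHARED_ENDPOINTS = new Set(['common', 'organizations', 'consumers']);

// Manifest signInAudience value -> path segment from the answer's list.
const EXPECTED_SEGMENT = {
  AzureADMultipleOrgs: 'organizations',
  AzureADandPersonalMicrosoftAccount: 'common',
  PersonalMicrosoftAccount: 'consumers',
};

function checkAuthority(signInAudience, authority) {
  let url;
  try {
    url = new URL(authority);
  } catch {
    return { ok: false, reason: 'authority is not a valid URL' };
  }
  if (url.protocol !== 'https:' || url.hostname !== HOST) {
    return { ok: false, reason: `authority must be https://${HOST}/...` };
  }
  // First path segment selects the tenant; "/common/v2.0" -> "common".
  const segment = (url.pathname.split('/').filter(Boolean)[0] || '').toLowerCase();
  if (!segment) {
    return { ok: false, reason: 'authority has no tenant segment' };
  }
  if (signInAudience === 'AzureADMyOrg') {
    // Single tenant: the segment must be the tenant ID or domain itself.
    return SHARED_ENDPOINTS.has(segment)
      ? { ok: false, reason: `single-tenant app must not use /${segment}` }
      : { ok: true, segment };
  }
  const expected = EXPECTED_SEGMENT[signInAudience];
  if (!expected) {
    return { ok: false, reason: `unknown signInAudience: ${signInAudience}` };
  }
  return segment === expected
    ? { ok: true, segment }
    : { ok: false, reason: `expected /${expected}, found /${segment}` };
}
```

Running this at application startup catches a mismatched authority before users reach the sign-in page and see the external-user error.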