Thank you for posting your query on Microsoft Q&A. From the above description, it seems like you want to allow all personal and AAD users from different tenants to be able to access your application hosted in Azure AD, without registering them manually as guest accounts.
Please do let me know if this is not the case by responding to this in the comments section.
- The ideal way here would be using an Azure AD self-service sign-up user flow (it can't be used with native Azure AD/Microsoft applications).
- The user can sign in to your application, via the web, mobile, desktop, or single-page application (SPA). The application initiates an authorization request to the user flow-provided endpoint. The user flow defines and controls the user's experience. When the user completes the sign-up user flow, Azure AD generates a token and redirects the user back to your application. Upon completion of sign-up, a guest account is provisioned for the user in the directory. Multiple applications can use the same user flow.
- I created one user flow in my tenant; please find the examples below:
- I added my test application to the user flow:
- Now, any time I access the application, it does give me the option to sign up with my personal account to the tenant in which the application has been set up.
- Enter the domain on which the application has been hosted.
- This takes me to the domain where the application is hosted.
- This would redirect to the live.com auth page for personal account authentication:
- Once authenticated, the consent screen would pop up:
- Then the information requested by the admin in the user flow would be presented.
- Now my account has been added as a guest, and end users could access the application via the self-service user flow without me adding them as guest accounts:
Please do let me know if you have any further queries.
Thanks,
Akshay Kaushik
Please "Accept the answer" (Yes), and share your feedback if the suggestion answers your query. This will help us and others in the community as well.
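Added example (not part of the answer above or of any Microsoft library): once the user flow redirects the user back, the application receives a token issued by the tenant where the guest was provisioned. The checks below show what the application should verify on the decoded claims of that token before trusting the sign-up; the tenant id, client id and sample claims are constructed placeholders, and the signature is assumed to have been verified already against the tenant's JWKS.

```python
import time
from typing import Optional, Tuple

# Constructed placeholder identifiers for the tenant that hosts the app and
# for the app registration itself (not real values).
APP_TENANT_ID = "00000000-0000-0000-0000-000000000001"
APP_CLIENT_ID = "11111111-1111-1111-1111-111111111111"
# v2.0 issuer of the hosting tenant: the self-service sign-up flow issues the
# token from *this* tenant, not from the guest's home tenant.
EXPECTED_ISSUER = f"https://login.microsoftonline.com/{APP_TENANT_ID}/v2.0"


def classify_guest(claims: dict) -> str:
    """Classify the external identity that signed up.

    Assumption: the 'idp' claim carries the home identity provider for guests
    ('live.com' for personal accounts, the home tenant issuer for AAD guests)
    and is absent for the tenant's own members.
    """
    idp = claims.get("idp")
    if idp is None:
        return "member"
    if idp == "live.com":
        return "personal-account-guest"
    return "aad-guest"


def validate_token_claims(claims: dict, now: Optional[float] = None) -> Tuple[bool, str]:
    """Check that signature-verified claims belong to our tenant and our app.

    Returns (True, guest_kind) on success, or (False, reason) on rejection.
    """
    now = time.time() if now is None else now
    if claims.get("iss") != EXPECTED_ISSUER:
        return False, "issuer is not the tenant hosting the application"
    if claims.get("tid") != APP_TENANT_ID:
        return False, "tid does not match the hosting tenant"
    if claims.get("aud") != APP_CLIENT_ID:
        return False, "token was not issued for this application"
    if float(claims.get("exp", 0)) <= now:
        return False, "token has expired"
    return True, classify_guest(claims)


if __name__ == "__main__":
    # Constructed sample claims for a personal account that completed the flow.
    sample = {"iss": EXPECTED_ISSUER, "tid": APP_TENANT_ID, "aud": APP_CLIENT_ID,
              "exp": time.time() + 600, "idp": "live.com", "sub": "constructed-sub"}
    print(validate_token_claims(sample))
```

A token whose `iss`/`tid` point at the guest's home tenant rather than the hosting tenant is rejected, which is the case to watch for when several tenants and personal accounts are allowed in.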