This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 81%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESG%3C/text%3E%3C/svg%3E)
Hi,
I have MS Entra External ID preview tenant created. However, I noticed that I cannot authenticate successfully with the local account. Below I provide more details. I would be grateful for help/hints
Describe the bug
When I try to login with corporate account or standard customer account I have below error displayed after authentication is completed:
AADSTS700056: User account does not exist in organization.
This only happens when the customer use their email id to login instead of principal username. The user is redirected to temporary access pass page when they use their customer email but when they try to use the pass code it throws error.
Steps to reproduce:
Note: Temporary access pass only works if you use your User principal name.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 45%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hi @Shreyal Gelani
Thank you for your post!
We will check this and get back to you.
Thanks,
Akhilesh.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 20%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Hi @Shreyal Gelani
Apologies for delay in response.
Could you please confirm how you setup your user flow and which option you choose for user's email accounts?
Currently, in Microsoft External Id for Customers (CIAM) we do not have an option to sign in with UserPrincipalName. Could you please confirm and share the screenshots so we can help you further.
We recommend to use Email with Password to Sign in to your application with MFA as MFA uses pass code as second form of authentication.
Reference - https://learn.microsoft.com/en-us/entra/external-id/customers/how-to-multifactor-authentication-customers
Thanks, Shweta
Hi @Shweta Mathur ,
I can confirm that I have used Email with password. I understand that currently there is no mention about the option to use userPrincipalName. I just wanted to use Temporary access pass authentication method for my customers with their email which is not working I think. I have no issues with MFA or Email with password flow.
This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Shreyal Gelani As this feature is still in preview.
Currently we are not supporting Temporary access pass authentication method for customers.
As this feature is already in evolving state. I would suggest you post this idea at the Azure Feedback Portal, which is monitored by the product team for feature enhancements.
Hope this will help.
Thanks, Shweta
Please remember to "Accept Answer" if answer helped you.