Hi Jon Insley,
Thank you for posting in the Q&A Forums.
Here are a few possible reasons:
Wrong tenant: A user tries to sign in to an Azure Active Directory (AAD) tenant with his or her Microsoft personal account (typically Outlook.com, Hotmail.com, or Live.com), but the account has not been invited or added as an external user to that tenant.
Unsupported account types: Azure AD tenants may only support work or school accounts (i.e., Azure AD accounts) and not personal Microsoft accounts. Some Azure AD applications are configured to accept only users from a specific Azure AD tenant.
Application Configuration: Applications may be configured in Azure AD to only allow users from a specific tenant or a specific domain to sign in. If the application is set to support only single-tenant mode and the user is not in that tenant, they will be denied access.
Directory permissions: Users may not have sufficient permissions to access the application, even if they have been added to the tenant as an external user.
Login Experience Configuration: The application may be configured to use the wrong login experience (e.g., B2B, B2C, or multi-tenant) or may not have the Identity Provider (IdP) set up correctly.
Authentication library/framework configuration: If your application uses a third-party authentication library or framework, it may not be properly configured to support Microsoft Personal Account login.
To resolve this issue, you can:
Confirm tenant: Ensure that the user is trying to sign in to the correct Azure AD tenant.
Invite the user: If the user should be able to access the tenant, you can act as an administrator to invite them as an external user.
Check Application Configuration: Make sure the application is configured in Azure AD to accept users from the correct tenant or identity provider.
Update permissions: Ensure that the user has the required permissions to access the application.
Check login experience configuration: Make sure your application and Azure AD are configured to support the required login experience.
Update authentication libraries/frameworks: Ensure that the authentication libraries or frameworks used by your application are properly configured to support the required login types.
Best regards
NeuviJ
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.