Hello @roman,
Thank you for reaching out to Microsoft Q&A.
I understand that you want to set up Microsoft Social Login for Spring Security; you have been successful when you manually add a user to the directory, but you want to let any user log in.
If you're using B2B collaboration, the user must be added to the tenant as a guest in order to log in to the application through a Microsoft account. Without adding the user to the tenant, they cannot log in with a Microsoft account.
To allow any user to log in with a Microsoft account, you need to integrate Spring Security in an Azure AD B2C tenant for the Microsoft login user flow.
For additional information, please follow the document: Microsoft Accounts for B2B Collaboration, https://learn.microsoft.com/en-us/azure/active-directory-b2c/identity-provider-microsoft-account?pivots=b2c-custom-policy
Hope this helps. Do let us know if you have any further queries.
Regards,
Goutam Pratti.