Azure external Identity Provider

NDOUR Ndeye Dioma 91 Reputation points
2021-05-12T14:53:23.167+00:00

Hello all!
I followed this guide (see below) to add Google as an external identity provider for our Azure tenant.
But when I invite the guest (with a Gmail account), I get a bad request error.
Any idea?
https://learn.microsoft.com/en-us/azure/active-directory/external-identities/google-federation

Thanks!

Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.

2 answers

  1. Marilee Turscak-MSFT 36,821 Reputation points Microsoft Employee
    2021-05-12T20:45:16.937+00:00

    Is it the AADSTS50020 error? If the logged-in users do not exist in the tenant/directory for a given application, they may receive this error.

    The app requesting the login should use v2 endpoints oauth2/v2.0/authorize and oauth2/v2.0/token and that should resolve the issue.

    https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/6795635-fix-error-aadsts50020-when-logged-in-user-doesn-t

    1 person found this answer helpful.

  2. NDOUR Ndeye Dioma 91 Reputation points
    2021-05-18T07:50:45.927+00:00

    Hello, thank you for the reply.
    I don't have the described error, but I notice a required Azure P2 license in the logs.
    I will get some P2 licenses first.
    I'll keep you informed!

    1 person found this answer helpful.
