ASP.NET CORE web app authentication With Personal Email( is failing, Need to have both Organization users + external users to login

D, Chandrashekar Naik 1 Reputation point

AADSTS50020: User account from identity provider does not exist in tenant and cannot access the application in that tenant.
The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
18,716 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Saurabh Sharma 23,561 Reputation points Microsoft Employee

    Hi @D, Chandrashekar Naik ,

    Thanks for using Microsoft Q&A !!
    Can you please check if

    1. Your application has been configured as a Multitenant app in you application registration page
    2. If the setting "User assignment required" is enabled in the Azure AD Enterprise application and the user is not the list of allowed users.
    3. You are sending your requests to common endpoint

    Please let me know if you still see any issues.