ASP.NET Core web app authentication with a personal email (xxx@outlook.com) is failing; need to have both organization users + external users log in

D, Chandrashekar Naik 1 Reputation point
2021-05-21T09:16:27.193+00:00

AADSTS50020: User account from identity provider does not exist in tenant and cannot access the application in that tenant.
The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account.

Microsoft Entra ID

1 answer

  1. Saurabh Sharma 23,561 Reputation points Microsoft Employee
    2021-05-21T18:18:54.127+00:00

    Hi @D, Chandrashekar Naik ,

    Thanks for using Microsoft Q&A !!
    Can you please check if

    1. Your application has been configured as a Multitenant app in your application registration page
    2. If the setting "User assignment required" is enabled in the Azure AD Enterprise application and the user is not in the list of allowed users.
    3. You are sending your requests to the common endpoint https://login.microsoftonline.com/common

    Please let me know if you still see any issues.

    Thanks
    Saurabh
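
The three checks in the answer above, written as a small triage function (an added example, not part of the original answer and not Microsoft code). The `signInAudience` strings are the app registration manifest's values; `diagnose`, its parameters, the account-kind labels and the sample tenant ID are hypothetical or constructed, and the function goes slightly beyond the answer by also covering the `organizations` and `consumers` endpoints.

```python
from urllib.parse import urlparse

# Manifest signInAudience values and the account kinds each one admits.
# "home" = member or invited guest of the app's own tenant (labels are hypothetical).
AUDIENCE_ALLOWS = {
    "AzureADMyOrg": {"home"},
    "AzureADMultipleOrgs": {"home", "other_org"},
    "AzureADandPersonalMicrosoftAccount": {"home", "other_org", "personal"},
    "PersonalMicrosoftAccount": {"personal"},
}
# Tenant segment of the authority URL and the account kinds that endpoint admits.
ENDPOINT_ALLOWS = {
    "common": {"home", "other_org", "personal"},
    "organizations": {"home", "other_org"},
    "consumers": {"personal"},
}

def diagnose(authority, sign_in_audience, assignment_required, user_assigned, account_kind):
    """Return (check_number, reason) for each of the answer's checks that blocks the sign-in."""
    findings = []
    # Check 1: the app registration's supported account types.
    if account_kind not in AUDIENCE_ALLOWS.get(sign_in_audience, set()):
        findings.append((1, f"signInAudience {sign_in_audience!r} does not admit "
                            f"{account_kind} accounts"))
    # Check 2: "User assignment required" on the enterprise application.
    if assignment_required and not user_assigned:
        findings.append((2, "user assignment is required and this user is not assigned"))
    # Check 3: which endpoint the app sends sign-in requests to.
    segment = urlparse(authority).path.strip("/").split("/")[0].lower()
    # Any other segment is a tenant ID or domain: only that tenant's users and guests.
    if account_kind not in ENDPOINT_ALLOWS.get(segment, {"home"}):
        findings.append((3, f"endpoint /{segment} does not admit {account_kind} accounts"))
    return findings

# Constructed sample: single-tenant app, tenant-specific authority, outlook.com user
# who has not been invited as a guest (the situation AADSTS50020 describes).
SAMPLE = diagnose(
    "https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000",
    "AzureADMyOrg", False, False, "personal")

if __name__ == "__main__":
    for check, reason in SAMPLE:
        print(f"check {check}: {reason}")
```
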