A cloud-based identity and access management service for securing user authentication and resource access
Hello @Łukasz Boruń,
Thanks for using the Q and A forum.
This situation typically arises when the app registration is set to a single-tenant account type, which prevents users from other directories or identity providers from signing in.
To resolve this issue, you should ensure that your app registration supports multiple account types.
You can do this by checking the signInAudience setting in the app registration manifest in the Azure portal. It should be set to one of the following values: AzureADandPersonalMicrosoftAccount, AzureADMultipleOrgs, or PersonalMicrosoftAccount. If it is not, you will need to recreate the app registration with the correct account type selected.
Additionally, if the application is intended to allow users from other organizations to sign in, ensure that you are using the correct sign-in URL. For multitenant applications, the URL should be https://login.microsoftonline.com/organizations. If you are using a tenant-specific URL, users from other organizations will not be able to access the application unless they are added as guests in the tenant.
Lastly, if the application is configured to allow personal accounts, ensure that the sign-in URL is set to https://login.microsoftonline.com/common.
If the Answer is helpful, please click Accept Answer and Up-Vote 👍, so that this can be beneficial to other community members.
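An added example, not part of the answer above and not Microsoft's code: a Python check that compares the signInAudience value in an app manifest with the authority URL the application uses, and reports which account kinds can actually sign in. The account-kind labels (home_org, other_org, personal), the function names, the sample manifest and the contoso.example domain are constructed for illustration, and the compatibility model is a simplification that also covers AzureADMyOrg (the single-tenant setting) and the /consumers endpoint.

```python
import json
from urllib.parse import urlparse

# Account kinds each signInAudience value accepts. Labels are illustrative;
# AzureADMyOrg is the single-tenant setting the answer describes.
AUDIENCE = {
    "AzureADMyOrg": {"home_org"},
    "AzureADMultipleOrgs": {"home_org", "other_org"},
    "AzureADandPersonalMicrosoftAccount": {"home_org", "other_org", "personal"},
    "PersonalMicrosoftAccount": {"personal"},
}
# Account kinds each shared authority path segment admits.
ENDPOINT = {
    "common": {"home_org", "other_org", "personal"},
    "organizations": {"home_org", "other_org"},
    "consumers": {"personal"},
}

def tenant_segment(authority):
    """Return the first path segment of the authority URL, lower-cased."""
    parts = [p for p in urlparse(authority).path.split("/") if p]
    if not parts:
        raise ValueError("authority has no tenant segment: " + authority)
    return parts[0].lower()

def effective_sign_in(manifest_json, authority):
    """Return (account kinds that can sign in, list of findings)."""
    audience = json.loads(manifest_json).get("signInAudience")
    if audience not in AUDIENCE:
        raise ValueError("unknown signInAudience: %r" % (audience,))
    segment = tenant_segment(authority)
    if segment in ENDPOINT:
        if audience == "AzureADMyOrg":
            # A single-tenant app has to be addressed through its own tenant.
            return set(), ["single-tenant app used with shared endpoint /" + segment]
        admitted = ENDPOINT[segment]
    else:
        # Tenant ID or domain: only that tenant's users (and its guests).
        admitted = {"home_org"}
    allowed = AUDIENCE[audience] & admitted
    findings = [k + " accounts allowed by the app but not by the endpoint"
                for k in sorted(AUDIENCE[audience] - admitted)]
    findings += [k + " accounts reach the endpoint but the app rejects them"
                 for k in sorted(admitted - AUDIENCE[audience])]
    return allowed, findings

if __name__ == "__main__":
    sample = '{"signInAudience": "AzureADMultipleOrgs"}'  # constructed manifest excerpt
    print(effective_sign_in(sample, "https://login.microsoftonline.com/contoso.example"))
```

A non-empty findings list points at either a sign-in URL that is narrower than the registration (external users are turned away) or one that is broader than the registration intends.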