Getting 401 UNAUTHORIZED in mutitenant app

shehraz khan 6 Reputation points
2021-10-27T22:36:07.213+00:00

I am using azure multitenant app and trying the other azure user to signin to my web application via signin with micorosoft account.
Users are able to launch signin consent but when it redirects to my application redirect uri, it always saying 401 unauthorised.

2021-10-28 03:33:55.394 DEBUG 26156 --- [nio-9090-exec-3] o.s.web.client.RestTemplate : HTTP POST https://login.microsoftonline.com/common/oauth2/token
2021-10-28 03:33:55.395 DEBUG 26156 --- [nio-9090-exec-3] o.s.web.client.RestTemplate : Accept=[application/json, application/*+json]
2021-10-28 03:33:55.397 DEBUG 26156 --- [nio-9090-exec-3] o.s.web.client.RestTemplate : Writing [{grant_type=[authorization_code], code=[0.AX0Avfa0C4c4bUmPRxXR6h9AoAxUGdqY4PpEjJQIhC26Y998AAA.AQABAAIAAAD--DLA3VO7QrddgJg7Wevry1umSuzIWCf52U9], redirect_uri=[https://localhost:9090/sso/login/oauth2/code/azure]}] as "application/x-www-form-urlencoded;charset=UTF-8"
2021-10-28 03:33:56.195 DEBUG 26156 --- [nio-9090-exec-3] o.s.web.client.RestTemplate : Response 401 UNAUTHORIZED

I have gone through documentation but couldn't find the solution.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,456 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vasil Michev 95,181 Reputation points MVP
    2021-10-28T05:30:18.52+00:00

    Multi-tenant only covers Office 365/commercial accounts, in order to be able to login with Microsoft account (consumer account) you need to select the "Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)" or "Personal Microsoft accounts only" values.

    1 person found this answer helpful.
    0 comments