Interactive Browser Credential "You can't sign in here with a personal account. Use your work or school account instead."

alma eyre 11 Reputation points

I am attempting to implement Interactive Browser Credential with Azure Identity (JS) in my app so that users can authenticate to their own Azure accounts for my dev tool. I got advice that app registration in Azure AD would be required on a Reddit thread ( I have now done so.

I have registered localhost:8083 and localhost:8085 as redirect URIs and selected the option to allow Account in any organizational directory. However, I am still getting the error "You can't sign in here with a personal account. Use your work or school account instead." Every answer( I have read on the topic says that I need to set "signInAudience": "AzureADandPersonalMicrosoftAccount" in the manifest. However, that is how my manifest already is and has been since the beginning. How do I fix the error?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,802 questions
{count} vote

1 answer

Sort by: Most helpful
  1. Shweta Mathur 28,031 Reputation points Microsoft Employee

    Hi @alma eyre ,

    As mentioned in your other thread as well,

    If you want to use Azure service management API to get the list of subscriptions and resource groups, user_impersonation is the scope that you need to request to work with the Azure Management API.

    You can add permission as mentioned below Application-> API permissions -> Add a permission -> select Azure Service Management API -> select the user_impersonation


    Also, you need to make sure the user has role i.e Contributor assigned in the subscription.

    Hope this will helps.



    Please remember to "Accept Answer" if answer helped you.

    0 comments No comments