I need to build an app with Office 365 API and tried several examples provided here: https://msdn.microsoft.com/en-us/office/office365/howto/starter-projects-and-code-samples.
I manage to log in to the app with a user from within my own Azure Active Directory, e.g. user.name@tenant.onmicrosoft.com.
But, whenever I use another Office 365 account from another domain e.g. [email protected] I get this error:
AADSTS50020: User account '[email protected]' from external identity provider 'https://sts.windows.net/908b6c6d-f582-461d-9e73-88a4e48f5d88/' is not supported for application 'df1a02fd-f096-46df-9b5a-5cf1b0f9ef6d'. The account needs to be added as an external user in the tenant. Please sign out and sign in again with an Azure Active Directory user account.
The defined application in Azure is set to Multi-tenant!!
I also tried to add the foreign users to my AAD, but every time I get the message "This Microsoft account does not exist".
EXCEPT: I also made a hotmail account which I was able to add to my AAD, and with this account logging in to the app was successful. But without adding it to my AAD I get the above error message.
Any help would be welcome.
Multitenancy is an architecture where multiple tenants share the same physical instance of the app. Although tenants share physical resources (such as VMs or storage), each tenant gets its own logical instance of the app. Typically, application data is shared among the users within a tenant, but not with other tenants.
Azure AD B2B collaboration enables users to use one set of credentials to sign in to multiple tenants. For educational institutions, the benefits of B2B collaboration include: Centralized administration team managing multiple tenants.
Examples of large multitenant applications are Microsoft 365, Outlook.com, and visualstudio.com. From an application provider's perspective, the benefits of multitenancy mostly relate to operational and cost efficiencies.
Multitenancy is a reference to the mode of operation of software where multiple independent instances of one or multiple applications operate in a shared environment. The instances (tenants) are logically isolated, but physically integrated.
Make sure you are using "https://login.microsoftonline.com/common/..." and not "https://login.microsoftonline.com/[your tenant name]" when forming the authorization link.
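The check described in the answer above, as an added example that is not part of the original post or of any Microsoft sample: it forms the authorization link against "common", detects a link pinned to a single tenant, and goes one step further by validating the per-tenant token issuer (the https://sts.windows.net/<tenant-id>/ form seen in the error message), which an app using "common" has to do itself. The function names, the client ID and the redirect URI are constructed for illustration.

```python
from urllib.parse import urlencode, urlsplit

AUTHORITY_HOST = "login.microsoftonline.com"
MULTI_TENANT_ALIAS = "common"  # lets Azure AD route the user to their home tenant


def build_authorize_url(client_id, redirect_uri, tenant=MULTI_TENANT_ALIAS):
    """Form the authorization link; the default tenant segment is "common"."""
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
    })
    return f"https://{AUTHORITY_HOST}/{tenant}/oauth2/authorize?{query}"


def authority_tenant(url):
    """Return the tenant segment (first path component) of an authorization link."""
    parts = urlsplit(url)
    if parts.hostname != AUTHORITY_HOST:
        raise ValueError(f"unexpected authority host: {parts.hostname!r}")
    segments = [s for s in parts.path.split("/") if s]
    if not segments:
        raise ValueError("no tenant segment in URL")
    return segments[0].lower()


def is_multi_tenant_link(url):
    """True when the link uses "common" instead of one tenant's name or ID."""
    return authority_tenant(url) == MULTI_TENANT_ALIAS


def issuer_is_allowed(issuer, allowed_tenant_ids):
    """With "common" the issuer differs per tenant, so the app must decide
    which tenants it accepts. Expects https://sts.windows.net/<tenant-id>/."""
    parts = urlsplit(issuer)
    tenant_id = parts.path.strip("/").lower()
    allowed = {t.lower() for t in allowed_tenant_ids}
    return (parts.scheme == "https"
            and parts.hostname == "sts.windows.net"
            and tenant_id in allowed)
```
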