Hello,
I’m have question about Azure login.
I have create an app through Azure Portal - Azure Active Directory.
However, users from other organizations cannot access to my application.
Is there anyway users from other organizations can directly access my application just by logging in to their account? Just like Slack?
The only way we can give an access is we manually add it as my tenant's guest.
Thank you for your time.
Of course, you just need to change your application to multi-tenant application and then change /tenant id to /common when users from other organizations log in.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
It is set up as multi-tenant. However
There is an error saying that it does not belong to this app's tenant. Slack is available to all users.
Translation is not smooth using a translator.
AADSTS50020: User account 'gisa3@kyowon.co.kr' from identity provider 'https://sts.windows.net/6aba328a-b414-4a52-bf31-46f3e35e8b39/' does not exist in tenant 'Madrascheck' and cannot access the application '9adf41af-3031-41a0-aaad-eeba5a7a35ab'(flow) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account.
Request Id: c05e7479-682e-4ae6-b8f2-a9ea6977a900
Correlation Id: 4b3d5ed6-cc4f-47de-925d-fbfb00377d20
Timestamp: 2022-05-12T09:34:16Z
Message: AADSTS50020: User account 'gisa3@kyowon.co.kr' from identity provider 'https://sts.windows.net/6aba328a-b414-4a52-bf31-46f3e35e8b39/' does not exist in tenant 'Madrascheck' and cannot access the application '9adf41af-3031-41a0-aaad-eeba5a7a35ab'(flow) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account.
Hi @flowdev1-9949 Your login URL must use the /common endpoint because users from other organizations are not in your tenant, so you cannot log in using the /tenant id endpoint.
https://login.microsoftonline.com/common
It seems that we are one step closer to solving the problem. thank you.
But I faced another problem.
Thanks to your help, I was able to get an Access Token.
However, when I tried to open an online meeting with the issued Access Token, a problem arose.
{"error":{"code":"Forbidden","message":"","innerError":{"request-id":"3913d119-9fa1-4ddd-a295-1519278f7bc0","date":"2022 -05-12T11:58:22","client-request-id":"3913d119-9fa1-4ddd-a295-1519278f7bc0"}}}
This error does not occur when creating an Online Meeting with an account that is within the Tenant, it only happens to people outside your organization.
Maybe I need to change the app settings?
3 people are following this question.
