I am not able to authenticate against the Azure APIs through my application with an email ID registered under a different domain name. It works for my company email address.
Steps I followed to register the application in AD:
- Registered an app in Azure Active Directory.
- Set permission requests to allow the client to access the Azure Resource Manager API.
- Also enabled the multi-tenanted option.
Followed URL: Azure Authentication
Authorize URL:
/common/oauth2/authorize?
client_id=XXXXXXXXXXXXXXXXXXXXX
&response_type=code
&redirect_uri=calBackURL
&response_mode=query
&resource=https%3a%2f%2fmanagement.azure.com
&state=12345&prompt=consent
Token URL:
/common/oauth2/token?
grant_type=authorization_code
&client_id=xxxxxxxxxx
&code={Code}
&redirect_uri={calBackURL}
&client_secret=xxxxxxxxxx
Error Message:
AADSTS50020: User account '[email protected]' from identity provider 'live.com' does not exist in tenant 'xxxx' and cannot access the application 'xxxx xxxx xxxx xxxx xxxx'(Azure Demo Builder Dev) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account.