Unable to install Azure AD Application Proxy Connector

0
votes

I'm unable to install Azure AD Application Proxy Connector on my windows server 2016 as I'm getting below issue while signing in during installation.

Sorry, but we’re having trouble signing you in.

AADSTS50020: User account '[email protected]' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application '55747057-9b5d-4bd4-b387-abf52a8bd489'(Azure AD Application Proxy Connector) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account.

How to fix above issue.

1
azureazure-active-directory

1 Answers

0
votes

Based on the information in the error '[email protected]' is a MSA account. The reason for the error is that your application is not supporting MSA cccount.

If you want to support both MSA and AAD users, you need to use the V2 login endpoint. https://login.microsoftonline.com/.../v2.0 and see https://aka.ms/aadv2

Pleace check your application manifest has "signInAudience": "AzureADandPersonalMicrosoftAccount" and "accessTokenAcceptedVersion": 2 and Please update them if they are not same.

You can also add '[email protected]' as a guest user to your tenant which will also work but it is not a recommended way for an application which need to support MSA account.