Getting “unauthorized_client” when trying to login using Microsoft account

Question

In my IS4's Startup.cs:

services.AddAuthentication()
        .AddMicrosoftAccount(o =>
        {
            o.SignInScheme = IdentityServer4.IdentityServerConstants.ExternalCookieAuthenticationScheme;
            o.ClientId = "clientId";
            o.ClientSecret = "clientSecret";
        });

I have defined the scope:

openid
profile

And I get the error after I tried to login:

unauthorized_client: The client does not exist or is not enabled for consumers. If you are the application developer, configure a new application through the App Registrations in the Azure Portal at https://go.microsoft.com/fwlink/?linkid=2083908.

It's a web app. So what am I doing wrong here:

I assume the client ID is this:

And my client secret is this:

I have also set up the redirect URI:

Not yet, I've been busy with a different issues so this will have to wait :) I know this is probably just a quick test, but I'm on a deadline with the other one. — Farid

Joy Wang-MSFT Joy Wang-MSFT · Accepted Answer · 2020-09-17T01:25:07

The error means the Supported account types are not set for the personal account(Microsoft account in your case).

To solve the issue, navigate to the Manifest of your App registration, set the two properties accessTokenAcceptedVersion and signInAudience like below.

"accessTokenAcceptedVersion": 2,
"signInAudience": "AzureADandPersonalMicrosoftAccount"

When you save the setting, make sure your app meets the requirement of the validation, otherwise there will be some errors.

Getting “unauthorized_client” when trying to login using Microsoft account

1 Answers