Getting "That Microsoft account doesn't exist" for Microsoft logins?

I’ve set up social login with Microsoft and it works fine when I test with personal MS accounts e.g. something@outlook.com. But we’re finding that multiple of our clients who use MS for their organisation email are getting the below error (see image).

I have verified that the Azure app I set up to connect to Auth0 supports all types of MS account, not just personal ones.

Any thoughts here?

Hi @kkrp1,

Microsoft Social logins are generally used to log in with their personal MS accounts. If you require your end-users to log in with their MS account for their organization, you have to Connect Your App to Microsoft Azure Active Directory.

Let me know if you have any follow-up questions.

Thanks,
Rueben

Hi @rueben.tiow

Thanks for the reply. But I’ve already done most of the steps in the linked article. That is, I have the app, I’ve set up the redirect URLs, the permissions, etc. And the below screenshot suggests that organisational accounts should work. See below:

The one part of the article I can’t do is the part about Auth0 Enterprise. I’m a free user. So does this ultimately mean I can’t support organisational MS login, in the same way I can with organisational Google login (working fine)?

Continued thanks.

@rueben.tiow Apologies but any further thoughts here based on the above?

Hi @kkrp1,

Thanks for your replies.

That’s correct! I have just checked your tenant and confirmed that you are on the free subscription plan, which does not allow you to use Enterprise Connections. This feature is only available to Enterprise subscription plans.

Secondly, when I check your connection settings, it looks like you have Google and Microsoft social connections configured with your own developer keys. Neither of them is an Enterprise connection.

One thing we could do is to set your tenant on the trial period again so you can test these features out. However, if enterprise connections are a requirement, you will need to upgrade your tenant to an Enterprise subscription plan.

Let me know if this is something you would like me to do.

Thanks,
Rueben

Hi @rueben.tiow

Thanks for your helpful reply. Could I just row back a bit to clarify something for my understanding: all I’m trying to do is support login via Google and Microsoft. It works with Google, but with Microsoft it works only with personal accounts. Are you saying that, to support Microsoft work/organisation accounts, I need Enterprise?

Or am I on the wrong lines…

Continued thanks,

Hi @kkrp1,

Thanks for the follow-up.

Yes, that is correct. You will need Enterprise to support Microsoft’s work/organization accounts. The Microsoft Social connection is only meant for personal accounts.

Thanks,
Rueben

Thanks @rueben.tiow for the clarification. Just out of interest, that’s not the case for Google, right? I have Google logins working fine, even with work/organisational Google accounts, not just personal.

Hi @kkrp1,

Of course, you’re welcome.

For Google, there is the Google Workspace Enterprise connection and Google Social connection.

The difference is that Google Social is a Social IdP, whereas Google Workspace is an Enterprise IdP.

Here are some key takeaways:

Social IdP (Google Social Connection):

  • Anyone who has an account in the IdP can log in.
    • For example, I can create a new Google account and log in to your application.
  • You receive some pre-defined user profile attributes from the IdP.
  • Mainly used for B2C applications.

Enterprise IdP (Google Workspace SSO):

  • Only the members of your IdP can log in.
    • Since I have a normal/social Google account, I cannot log in to your application because I’m not a member of your Google Workspace.
  • You can define what user profile attributes you send from the IdP to the Auth0 tenant. For example, attributes that you use for access control purposes: role, name of the team the user belongs to, etc.
  • Mainly used for B2B applications.

I hope the clarification helps!

Thanks,
Rueben