How to configure Auth0 to authenticate with other companies Azure Active Directory?

I have Auth0 configured with Social Connections > Microsoft Account.

This is linked through Client ID/secret to a Microsoft Azure Active Directory tenant in my Microsoft organization, with an App Registration set to allow:

Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox) All users with a work or school, or personal Microsoft account can use your application or API. This includes Office 365 subscribers.

When I log in through my app, I can authenticate successfully using my personal account eg.

However, when I try to authenticate with my work account, which is managed with an Azure Active Directory, it fails with

“That Microsoft account doesn’t exist. Enter a different account or get a new one.”:

I thought given the Microsoft settings it would allow it to connect.

  1. How can I make Auth0 allow Microsoft authentication with other company’s existing Azure Active Directory?
  2. Also - can I configure it to limit that feature to specific companies AAD eg. those I have specifically nominated?
  3. Is there a way to configure this without having to upgrade to Auth0 Enterprise?

Hi @Andrew3386,

Welcome to the Auth0 Community!

It sounds like there is some confusion here about the difference between Azure AD and Microsoft Social connections.

The Azure AD connection integrates with an enterprise Azure AD instance, whereas the MS social connection connects with the global Microsoft identity platform (like Xbox, private Office accounts, etc).

To address your questions:

You can accomplish this with an Azure AD Connection. doc: Connect Your App to Microsoft Azure Active Directory

Yes, it is limited to a specific domain.

As it currently stands, the B2B Essentials plan includes 3 enterprise connections. See more here:

Hope this helps!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.