
AADSTS50034: To log into this application, an account must be added to the <GUID> directory

Situation with getting a list of user tenants. When a user logs on to the directory where he is a member, no exception is thrown. Otherwise, it happens, but this user is assigned to this directory as a Guest.

Exception: {
    "error":"invalid_grant",
    "error_description":"AADSTS50034: To sign into this application the account must be added to the GUID directory.\r\nTrace ID: GUID\r\nCorrelation ID: GUID\r\nTimestamp: 2017-08-03 14:32:32Z",
    "error_codes":[50034],
    "timestamp":"2017-08-03 14:32:32Z",
    "trace_id":"GUID",
    "correlation_id":"GUID"
}

      

The stack points to AcquireTokenSilentAsync.

+3




2 answers


Ok, so I was very curious about what was wrong - and it was actually a mistake I made in the sample (I didn't even notice from the Fiddler logs, what a shame). The problem was that I was using the endpoint common everywhere for token cache and fetching new tokens. This is similar to working with a Microsoft account, but not for B2B users. I updated the sample code to include fixes for the permissions URL to always accept the tenant ID instead of the shared namespace, which really shouldn't be used anyway. Read more on this on the Vittorio Blog.



0




If you have not developed a multi-tenant application, the user must register with that tenant to receive a token from Azure AD.

And if you were developing an application with multiple tenants, we have to replace the tenant common with an authorization / token request (see this link).




-1
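The fix both answers point to, requesting each tenant's token against that tenant's own authority and never against common, shown as an added example that is not code from the posts or from the sample they mention. The helper names, the injected acquire callable, the tenant GUIDs and the error body are constructed for illustration.

```python
import json
import re
import uuid

LOGIN_HOST = "https://login.microsoftonline.com"
SHARED_ALIASES = {"common", "organizations", "consumers"}

def tenant_authority(tenant_id):
    """Build the tenant-specific authority; refuse shared aliases such as 'common'."""
    if tenant_id.strip().lower() in SHARED_ALIASES:
        raise ValueError(f"{tenant_id!r} is a shared alias, not a tenant ID")
    return f"{LOGIN_HOST}/{uuid.UUID(tenant_id)}"  # ValueError if not a GUID

def aadsts_codes(error_body):
    """Collect AADSTS codes from a token-endpoint error response (JSON text)."""
    doc = json.loads(error_body)
    codes = {int(c) for c in doc.get("error_codes", [])}
    found = re.findall(r"AADSTS(\d+)", doc.get("error_description", ""))
    return codes | {int(c) for c in found}

def tokens_per_tenant(tenant_ids, acquire):
    """Request a token once per tenant, always against that tenant's authority.

    acquire(authority) -> (ok, error_body) is a hypothetical wrapper around the
    real silent token call; it is injected so the loop can be exercised offline.
    """
    results = {}
    for tid in tenant_ids:
        ok, body = acquire(tenant_authority(tid))
        if ok:
            results[tid] = "token"
        elif 50034 in aadsts_codes(body):
            results[tid] = "account-not-in-directory"
        else:
            results[tid] = "other-error"
    return results

# Constructed sample data: placeholder tenant GUIDs and an error body shaped
# like the response quoted in the question.
HOME = "11111111-1111-1111-1111-111111111111"
GUEST = "22222222-2222-2222-2222-222222222222"
OTHER = "33333333-3333-3333-3333-333333333333"
SAMPLE_ERROR = json.dumps({"error": "invalid_grant", "error_codes": [50034],
    "error_description": "AADSTS50034: To sign into this application the account must be added to the GUID directory."})

def fake_acquire(authority):
    """Constructed stand-in for the token service: knows only HOME and GUEST."""
    tenant = authority.rsplit("/", 1)[-1]
    return (True, "") if tenant in (HOME, GUEST) else (False, SAMPLE_ERROR)

if __name__ == "__main__":
    print(tokens_per_tenant([HOME, GUEST, OTHER], fake_acquire))
```

Keeping the token cache keyed by tenant ID as well prevents an entry obtained for one directory from being reused for another.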

