AADSTS50020:身份提供商"live.com"中的用户帐户"abc@outlook.com"在租户"xyz"中不存在,并且无法在该租户中访问应用程序"1b4fd1d3-2255-4318-af43-b2d813405280" [英] AADSTS50020: User account 'abc@outlook.com' from identity provider 'live.com' does not exist in tenant 'xyz' and cannot access the application '1b4fd1d3-2255-4318-af43-b2d813405280' in that tenant
问题描述
您好,
我正在使用基于Asp.net的应用程序,并尝试使用多租户域登录配置单点登录,但不起作用.
I am working on Asp.net based application and try to configuring single sign on with multi Tenant domain login but not working.
错误消息:
AADSTS50020:来自身份提供者"live.com"的用户帐户"abc@outlook.com"在租户"xyz"中不存在,并且无法在该租户中访问应用程序"1b4fd1d3-2255-4318-af43-b2d813405280".该帐户需要作为外部用户添加到 租户优先.注销并使用其他Azure Active Directory用户帐户再次登录.
AADSTS50020: User account 'abc@outlook.com' from identity provider 'live.com' does not exist in tenant 'xyz' and cannot access the application '1b4fd1d3-2255-4318-af43-b2d813405280' in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account.
请仔细调查此案.
谢谢.
推荐答案
因此,看来您用来访问该应用程序的帐户不属于租户,因为应用托管于此.
So, it seems that the account you are using to access the application is not a part of the tenant that the application is hosted on.
这里有两个主要选项.
There are two main options here.
1.将用户添加到租户:
1. Add the user to the tenant:
在这种情况下,您必须将用户添加到托管该应用程序的租户中.您可以按照此 为该用户授予对应用程序的访问权限.
In this case you have to add the user to the tenant that the application is hosted in. You can follow this document to add the user <abc@outlook.com> as a Guest User to the tenant. And then you have to grant access to the application for the said user.
2.使该应用程序成为多租户应用程序:
2. Make the application as a Multi-Tenant Application:
您可以 文档描述了单租户和多租户应用程序之间的关系.另一个 好读在同一页面上.
You can convert the application to accept users from multiple tenants. In this way you can give access to users who are not in your tenant without having to add them to the tenant where the application is in. This document describes the between Single and Multi-Tenant Applications. Another good read on the same.
这篇关于AADSTS50020:身份提供商"live.com"中的用户帐户"abc@outlook.com"在租户"xyz"中不存在,并且无法在该租户中访问应用程序"1b4fd1d3-2255-4318-af43-b2d813405280"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
