cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
RubénP
Frequent Visitor

Microsoft LogIn Unable to authenticate with external account provider.

Hello,

I'm configuring a Microsoft APP to do the authentification process with Microsoft accounts for my Power Portal.

I don't allow to register new users, i only want to let in the customers that have email or microsoft account in my CRM.

 

I already follow the Microsoft documentation:

1. I've created the microsoft app, and the secret id.

2. I've chained the two platforms throught redirection URL, Client id and Secret id.

3. I set permisions like that:

RubnP_0-1655386660993.png

I have a google authentification option too and it's working.

But when i try to log in throught my Microsoft option: 

1.

RubnP_1-1655386767390.png

2.

RubnP_2-1655386789978.png

I can Log in, but when my first page after that:

3.

RubnP_3-1655386853266.png

"

Unable to authenticate with external account provider.

"

Anyone can help me?

 

Thank You!

 

pd: I have the option for external Log in.

RubnP_4-1655386982398.png

 

 

 

 

 

1 REPLY 1
chleverenz
Super User
Super User

@RubénP ,

basically, users in portals/power pages are contacts. So, for each "login" there has to be a contact. Roles with the tablepermissions are set and assigned to a contact.

When using external authentication, another table is filled, which relates the external id with the conact. I think, the name of the table is somethinfg like external Identities. Its a 1-n relation from thecontacts and can be seen from there. For each external login, there has to be an entry in that table with a lookup to the contact (ok, obvious), the id od the external provider, usually something like https://account.microsoft.com/<tenantid> or so. And the userid in the foreign system. Usally (but can be anything) a guid sent along with the token. Not sure, which claim is used from the token, i forget this always 🙂

And the contact has to be portal enabled.

When all theses conditions are met, the external authentication will select the correct contact.

 

Usually, when signing up with an external identity, the contact can be generated and directly linked to the external provider.

 

A lot of text, sorry for that.

Hope it helps,

  Christian

Helpful resources

Announcements
Welcome Super Users.png

Welcome Super Users

The Super User program for 2022 - Season 2 has kicked off!

Ignite 2022

WHAT’S NEXT AT MICROSOFT IGNITE 2022

Explore the latest innovations, learn from product experts and partners, level up your skillset, and create connections from around the world.

September Events 2022

Check out all of these events

Attend in person or online, there are incredible conferences and events happening all throughout the month of September.

Users online (4,349)