I am using OAuth login with Microsoft Entra to allow users with a Microsoft account to log in to our website.
This works fine if I log in with an email which belongs to the same email address as the website. I get user info and all that.
But if I test with a personal Microsoft account, login fails with the error message:
"Message: AADSTS500200: User account '[email protected]' is a personal Microsoft account. Personal Microsoft accounts are not supported for this application unless explicitly invited to an organization. Try signing out and signing back in with an organizational account. "
I am requesting the scope "profile", and an example URL is:
https://login.microsoftonline.com/common/oauth2/authorize?response_type=code&client_id=1a729dee-4a8a-4519-bea7-b1e415f1f035&redirect_uri=https%3A%2F%2Fspintype.ai%2FMicrosoftOAuthCallback&scope=profile
In the web app setup, under "Supported account types", it says:
"Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox) All users with a work or school, or personal Microsoft account can use your application or API. This includes Office 365 subscribers."
So I don't understand why login with a personal Microsoft account is not allowed. Are there any other settings I need to enable, or ???