I am using External ID for my customer tenant, authenticating via an Angular SPA.
My setup is identical to what is described in this article: https://learn.microsoft.com/en-us/entra/external-id/customers/sample-single-page-app-angular-sign-in
I downloaded the sample app provided by Microsoft, replaced the auth config with my details and attempted to log in with a personal email account. I am able to create a new account inside the tenant, but when the app attempts to retrieve a token, the following error is returned:
{
  "error": "invalid_grant",
  "error_description": "AADSTS131010: User not allowed by policy conditions. Trace ID: b989b1cf-f73e-4d3e-b23e-a35907f50000 Correlation ID: 11dee46b-a316-4265-9a90-5810cd78f395 Timestamp: 2024-01-23 01:50:02Z",
  "error_codes": [
    131010
  ],
  "timestamp": "2024-01-23 01:50:02Z",
  "trace_id": "b989b1cf-f73e-4d3e-b23e-a35907f50000",
  "correlation_id": "11dee46b-a316-4265-9a90-5810cd78f395",
  "suberror": "bad_token"
}
I can also see the failed request in Entra. Not sure what to do at this point other than start from scratch and see if that resolves the issue. Any thoughts?