Django allauth Microsoft SSO

I'm having trouble configuring my SSO options for my Django project that I'm working on. I'm hoping to make it so that only those users in my organization are able to sign into the application but I keep getting the following error:

AADSTS50194: Application 'Azure: Application (client) ID'(DjangoAppSSO) is not configured as a multi-tenant application. Usage of the /common endpoint is not supported for such applications created after '10/15/2018'. Use a tenant-specific endpoint or configure the application to be multi-tenant.

I have gone in and populated the admin console with my Client ID being the same as above from the Azure account. I also created a Client Secret with my Value and Secret ID and put those in the admin console as well. I populated the Value as the "Key" in admin and Secret ID as the "Secret Key". All the required imports are done for settings.py and I believe the issue is in what I am giving the SOCIALACCOUNT_PROVIDERS possibly.

settings.py:

SOCIALACCOUNT_PROVIDERS = {
    'microsoft': {
       
        'APP': {
            'tenant': 'organization',
            'client_id': 'Azure: Application (client) ID',
        }
    }
}

Just for clarification sake, anywhere it says "Azure: Application (client) ID" is the actual value from there, I just don't want to post it anywhere.

AADSTS50194: Application is not configured as a multitenant application. Usage of the /common endpoint is not supported for such applications created after '10/15/2018'. Use a tenant-specific endpoint or configure the application to be multi-tenant.

The above error usually occurs if users tried to sign-in to your single-tenant application with multi-tenant (/common) endpoint.

Please note that, organizations is used for multi-tenant applications where it allows users to sign in with both work and school accounts.

To resolve the error, you need to modify your settings.py file by replacing organizations with your Tenant ID like below:

SOCIALACCOUNT_PROVIDERS = {
    'microsoft': {
       
        'APP': {
            'tenant': 'Your_TenantID', //You can also give tenant domain here(contoso.onmicrosoft.com)
            'client_id': 'Azure: Application (client) ID',
        }
    }
}

You can find Tenant ID of your tenant like below:

Go to Azure Portal -> Azure Active Directory -> App Registrations -> Your Application -> Overview

enter image description here

Alternatively, you can change your existing single tenant application to multi-tenant by changing its Supported account types without modifying settings.py like below:

enter image description here

Reference:

Client application configuration (MSAL) | Microsoft Docs

Microsoft OAuth2 provider for django-allauth by Vincent Schänzer

I have just posted this answer to a similar topic. You now need to use 'TENANT' capitalised or it will not work

Back to Top