[keycloak-user] Microsoft identity provider
Andreas Wieland
andreas.wieland at IDA-Analytics.de
Fri Feb 8 08:49:13 EST 2019
Hi Leigh,
in your azure configuration, you have to set your endpoint to be multi-tenant.
A description how to do that can be found here:
https://docs.microsoft.com/de-de/azure/active-directory/develop/howto-convert-app-to-be-multi-tenant#update-registration-to-be-multi-tenant
kind regards,
Andreas Wieland
Software Entwickler
[cid:ed998f13-1426-4194-8bf5-1deebe29570e]
Intelligent Data Analytics GmbH & Co. KG
c/o TechQuartier
Platz der Einheit 2
60327 Frankfurt
Mobil: 015172834024
Telefon: 06421/4805274
Telefax: 06421/4805275
E-Mail: andreas.wieland at ida-analytics.de
Internet: www.ida-analytics.de
Unternehmenssitz: Frankfurt am Main | Handelsregister beim Amtsgericht: Frankfurt am Main, Registernummer: HRA 49357 | USt. ID-Nr.: DE310205810 | Finanzamt: Frankfurt am Main
Persönlich haftende Gesellschafterin: IDA Intelligent Data Analytics GmbH | Sitz: Frankfurt am Main | Handelsregister beim Amtsgericht: Frankfurt am Main | Handelsregister-Nummer: HRB 106805 | Geschäftsführer: Mohamed Ayadi, Dipl.-Inf. Nils Björn Krugmann, Dipl.-Inf. Matthias Leinweber, Dipl.-Inf. Marc Seidemann
________________________________
From: keycloak-user-bounces at lists.jboss.org <keycloak-user-bounces at lists.jboss.org> on behalf of Leigh Kennedy <Leigh.Kennedy at qlik.com>
Sent: Friday, February 8, 2019 04:01
To: keycloak-user at lists.jboss.org
Subject: [keycloak-user] Microsoft identity provider
I am trying to set up Microsoft as an identity provider as per the instructions here:
https://www.keycloak.org/docs/4.8/server_admin/#microsoft
However after being redirected to Microsoft and logging in, I get the following error:
"AADSTS50194: Application '35199672-0b05-45e0-8488-30e143f7902a' is not configured as a multi-tenant application. Usage of the /common endpoint is not supported for such applications created after '10/15/2018'. Use a tenant-specific endpoint or configure the application to be multi-tenant."
However I don't see anywhere I can control the endpoints keycloak talks to at Microsoft. Has anyone done this? I get the feeling either Microsoft has changed some default, or the docs are missing something or both.
Thanks.
Leigh Kennedy
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Outlook-ab2rzgt2.png
Type: image/png
Size: 8351 bytes
Desc: Outlook-ab2rzgt2.png
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20190208/f3af09d9/attachment.png
More information about the keycloak-user
mailing list