Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,059 questions
Allow known users to log in to my web app (SPA) with Entra Id
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 35%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
Joakim
0
Reputation points
We have a web application (SPA) where users log in with mail address and password.
A particular customer is using Entra Id for the organisation's users.
Most of their users are known in our application thru matching email addresses.
I'd like to offer those users to log in using Entra Id and Single Sign-on.
In Microsoft Entra Admin Center, we've created a tenant and added our application.
We’ve changed our app to accept login with MSAL.
The login works fine, but only with the two users we've added manually.
Is there any way to accept all users?
In principle any user with valid id from Microsoft is ok for now.
We have set up the application with ‘Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)’
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 45%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAV%3C/text%3E%3C/svg%3E)
Akhilesh Vallamkonda 11,435 Reputation points Microsoft Vendor2025-01-30T21:57:20.57+00:00 Hi @Joakim
Thank you for reaching Microsoft!
If I understand correctly, you are trying to configure an application which accept known account from Microsoft. May I know what you mean by valid Microsoft account and can you describe "Is there any way to accept all users"
As you mentioned you choose the Supported account types as "Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)" by selecting this option you are allowing a wide range of users to access your application with Work or School Accounts any users with a work or school account from any Microsoft Entra (formerly Azure AD) tenant can sign in.
Personal Microsoft Accounts any users with personal Microsoft accounts, such as those used for Skype, Xbox, or Outlook.com, can also sign in
Sign in to comment
Sign in to answer