jthake
commented
6 years ago I noticed in the latest sample , kAuthority has been shortened.
let kAuthority = "https://login.microsoftonline.com/common/"
Tried this and doesn't make a difference.
Closed jthake closed 6 years ago
jthake
commented
6 years ago I noticed in the latest sample , kAuthority has been shortened.
let kAuthority = "https://login.microsoftonline.com/common/"
Tried this and doesn't make a difference.
jthake
commented
6 years ago I have noticed that if I hit this in a browser
https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize?client_id=##clientid##&response_type=code&redirect_uri=http%3A%2F%2Flocalhost&response_mode=query&scope=openid%20offline_access%20https%3A%2F%2Fgraph.microsoft.com%2Fmail.read&state=12345
this works fine in a browser. So I don't think its an application configuration issue. unless its to do with native vs web calling this?
Based on the documentation here https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols#endpoints
Changing authority to
https://login.microsoftonline.com/consumers/oauth2/v2.0/authorizeShould lock it to consumer accounts only.
But this seems to throw an error of "This doesnt look like a work or school email. You can't sign in here iwth a personal account. User your work or school account instead." It does work for that kAuthority if i put in org account.
If i change to
https://login.microsoftonline.com/organizations/oauth2/v2.0/authorizeIt allows allows org in but not consumer account.
Both work if I set back to code sample default of
https://login.microsoftonline.com/common/oauth2/v2.0/authorize