azure - 从 Microsoft 门户 Azure Active Directory 获取错误问题

Question

我从 Microsoft Azure 门户的通知中收到此错误消息。

The portal is having issues getting an authentication token. The experience rendered may be degraded.

Additional information from the call to get a token: Extension: Microsoft_AAD_Devices Resource: microsoft.graph Details: The logged in user is not authorized to fetch tokens for extension 'Microsoft_AAD_Devices' because the user account is not a member of tenant 'f8cdef31-a31e-4b4a-93e4-5f571e91255a'. Error details: AADSTS50020: User account '{EmailHidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application 'c44b4083-3bb0-49c1-b47d-974e53cbdf3c'(Azure Portal) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account. Trace ID: 413061e1-2c1d-4890-a627-b433d2445000 Correlation ID: 09150c16-6f71-426b-9c88-8559a286d9a2 Timestamp: 2022-03-21 04:26:32Z

在我收到此消息之前，我的应用程序(守护进程节点 js 应用程序)工作正常，并且没有给我 401 错误，自从出现此错误以来，我现在收到了 401 错误。无法排除故障。我的代码如下

require('dotenv').config();

const yargs = require('yargs');

const fetch = require('./fetch');
const auth = require('./auth');



async function main() {
            try {
                // here we get an access token
                const authResponse = await auth.getToken(auth.tokenRequest);
                console.log(authResponse.accessToken);
                // call the web API with the access token
                let users = await fetch.callApi(auth.apiConfig.uri, authResponse.accessToken);

                // display result
                console.log(users);
            } catch (error) {
                console.log(error);
            }

    
    
};

main();

Answer 1

AADSTS50020: User account '{EmailHidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application 'c44b4083-3bb0-49c1-b47d-974e53cbdf3c'(Azure Portal) in that tenant.

当您被重定向到登录应用程序时，您可能有一个使用不同个人帐户或组织帐户或使用个人访客帐户的事件 session 。

要检查问题所在，请检查错误消息中的用户帐户和身份提供商值。

要解决该错误，请从事件 session 中注销，然后使用新的隐身窗口或任何其他浏览器登录。

如果有帮助，请找到此链接:

Error AADSTS50020 - User account from identity provider does not exist in tenant