Auth against Azure AD multi-tenant

After a reasonable time beating my head against a wall, I think I’ve come to the conclusion that the CF Access/Teams authentication system only supports single-tenant Azure AD auth.

I need multi-tenant support, such that a user from another zone/tenant/organisation can authenticate with my application.

When trying this I get an error such as:
Selected user account does not exist in tenant '' and cannot access the application '3a67a705-73a4-4141-81ba-7758dbc3a81b' in that tenant. The account needs to be added as an external user in the tenant first. Please use a different account.

I think that CF Access are using the single-tenant authentication flow, which needs significant changes to support mufti-tenant auth: Build apps that sign in Azure AD users - Microsoft identity platform | Microsoft Docs

Does CF Access support multi-tenant Azure AD? If not, can this be added?


Hi @brian48. Are you able to raise a ticket for this so I can get this checked internally for you? If you can post the support ticket ID here that would be great.

Hi @lcrowter. Please see ticket 2177529. Thanks looking into this.