Azure Entra External ID + OIDC Federation - Local and Federated Identities Issue

Saravana Kumar Palanisamy 20 Reputation points
2025-12-11T08:23:01.0133333+00:00

I’m integrating Entra External ID (CIAM) with an external OIDC identity provider (Azure AD B2C). I’m creating users in the EEID tenant using Microsoft Graph and giving them both local and federated identities with a password profile.

Here’s the identity fetched after creating:

    "identities": [
        {
            "signInType": "federated",
            "issuer": "https://demodigitalb2c.b2clogin.com/*******-7659-4181-8671-7e4c934bfdcf/v2.0/</*******--a3ec-4fa7-a471-d4eb8006dedb>",
            "issuerAssignedId": "8180e51e-aa7b-403d-9bbc-a27b8f728562"
        },
        {
            "signInType": "emailAddress",
            "issuer": "demodigitalciamuat.onmicrosoft.com",
            "issuerAssignedId": "******@email.ghostinspector.com"
        },
        {
            "signInType": "userPrincipalName",
            "issuer": "demodigitalciamuat.onmicrosoft.com",
            "issuerAssignedId": "******@demodigitalciamuat.onmicrosoft.com"
        }
    ],



The issues faced are:

  1. When I go to the login page and enter the email address, I get: “There was an issue looking up your account. Tap Next to try again.”
  2. If I click the Federated login button, it redirects to the external IdP and logs in successfully.
  3. But after logging out and trying again, the login page shows: AADSTS50000: There was an error issuing a token or an issue with our sign-in service.

Can you please help with this?

Microsoft Security | Microsoft Entra | Microsoft Entra External ID