We have a SaaS app and we are integrating with Azure AD SSO with OAuth2 (locally for now) using https://github.com/TheNetworg/oauth2-azure (v2 common endpoint).
So far, you can log in, and new accounts are automatically registered (on our app, using the tenant id to link them to an organization on our end).
The problem? I'm trying to make it multi-tenant, so I've created another Azure account and I don't know how to register it to the application; it tells me to create the user as an external user, but I would like it to be automated if possible rather than having to add users to our app (i.e. I was hoping our app could be registered to an external AD).
This is what I get right now when I try to login with the new user coming from an external Azure AD.
AADSTS50020: User account '*****@gmail.com' from identity provider 'live.com' does not exist in tenant '***' and cannot access the application '***-**-**-**-***' in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account.
Is adding external users to our main Active Directory the only way, and if so, is there a simple way to automate the process as much as possible (i.e. add every user from an existing AD)?
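The post already links sign-ins to an organization by tenant id, which is the core of a multi-tenant setup with the `common` endpoint: once `common` is used, the app itself must decide which tenants it trusts, because Azure AD will hand back a valid token for any tenant (or, as the quoted AADSTS50020 message shows for a `live.com` account, refuse accounts the app registration does not admit). The following is an added example, not code from the question or from the oauth2-azure project. It assumes a Composer autoloader, an app registration that permits multi-tenant sign-in, the library's `getIdTokenClaims()` accessor as documented in its README, and hypothetical `KNOWN_TENANTS` data and `provisionUser()` helper standing in for the app's own persistence layer.

```php
<?php
// Added example (not from the question or the oauth2-azure project).
// Assumptions: Composer autoload present; the Azure app registration allows
// "accounts in any organizational directory"; KNOWN_TENANTS and provisionUser()
// are hypothetical stand-ins for the app's database and user provisioning.
require __DIR__ . '/vendor/autoload.php';

use TheNetworg\OAuth2\Client\Provider\Azure;

session_start();

// Constructed sample data: onboarded customer tenants, tenant id => internal org id.
const KNOWN_TENANTS = [
    '11111111-1111-1111-1111-111111111111' => 'org-acme',
    '22222222-2222-2222-2222-222222222222' => 'org-globex',
];

/**
 * Map the claims of an already signature-checked ID token to an internal org.
 * Returns null when the token should be rejected. Kept pure so it can be unit
 * tested without an OAuth round trip.
 */
function resolveOrganization(array $claims, array $knownTenants): ?string
{
    $tid = $claims['tid'] ?? null;
    $iss = $claims['iss'] ?? '';
    if (!is_string($tid) || $tid === '') {
        return null; // no usable tenant claim: reject
    }
    // v2.0 tokens embed the tenant in the issuer; the two must agree.
    if ($iss !== "https://login.microsoftonline.com/{$tid}/v2.0") {
        return null;
    }
    // Unknown tenant: the org has not been onboarded yet, so do not auto-create users for it.
    return $knownTenants[$tid] ?? null;
}

/** Hypothetical helper: create or update the user under the resolved org. */
function provisionUser(string $orgId, string $objectId, ?string $username): void
{
    // e.g. INSERT ... ON DUPLICATE KEY UPDATE keyed on (orgId, objectId)
}

$provider = new Azure([
    'clientId'               => getenv('AZURE_CLIENT_ID'),
    'clientSecret'           => getenv('AZURE_CLIENT_SECRET'),
    'redirectUri'            => 'https://app.example.test/auth/callback',
    // 'common' admits users from any Azure AD tenant; trust is decided in
    // resolveOrganization() above, not by the endpoint.
    'tenant'                 => 'common',
    'defaultEndPointVersion' => Azure::ENDPOINT_VERSION_2_0,
]);
$provider->scope = ['openid', 'profile', 'email'];

if (!isset($_GET['code'])) {
    // Step 1: redirect to Microsoft; keep the state value to detect CSRF on return.
    $authUrl = $provider->getAuthorizationUrl(['scope' => $provider->scope]);
    $_SESSION['oauth2state'] = $provider->getState();
    header('Location: ' . $authUrl);
    exit;
}

if (empty($_GET['state']) || $_GET['state'] !== ($_SESSION['oauth2state'] ?? null)) {
    unset($_SESSION['oauth2state']);
    http_response_code(400);
    exit('Invalid OAuth state');
}

// Step 2: exchange the code. Per the library's README (assumption), the
// returned token object verifies the ID token signature against Microsoft's
// published keys, so the claims below can be trusted as far as integrity goes.
$token  = $provider->getAccessToken('authorization_code', [
    'code'  => $_GET['code'],
    'scope' => $provider->scope,
]);
$claims = $token->getIdTokenClaims();

// Step 3: tenant allowlisting replaces the "add as external user" step.
$org = resolveOrganization($claims, KNOWN_TENANTS);
if ($org === null) {
    http_response_code(403);
    exit('This Azure AD tenant has not been onboarded.');
}

// Step 4: auto-provision the user under the resolved organization.
provisionUser($org, (string) $claims['oid'], $claims['preferred_username'] ?? null);
```

The design choice worth noting: with `common`, the tenant check moves from Azure AD into the app, so the allowlist (or whatever onboarding record the app keeps) is what prevents an unrelated tenant from self-registering, and the issuer/tenant consistency check guards against a token whose `tid` claim does not match where it was issued.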