Choosing which M365 account to use during Azure IDP login process

chris.lees

I have more than one Microsoft 365 tenant account for different companies that I work for.

We have implemented a multi-tenant Fusion Auth instance.

When I connect to different tenants I sometimes need to sign-in using a different M365 account.

We have correctly (I believe) configured Fusion Auth applications, identity providers and tenants - I believe correctly because we can log into each of the tenants with the various M365 accounts.

However, sometimes when logging into a tenant, when I click the button on the login panel to use the Microsoft Azure IDP, the system tries to log me in with one of the M365 accounts that is already signed in, and - if it is the wrong one - gives an error.

How can I change this behaviour to be more like other application authentication, where it will prompt me for which of my accounts I want to use?

dan

@chris-lees Does M365 support the prompt parameter? It looks like it does.

I'd look at adding that parameter to the authorize URL that FusionAuth is generating. If you want to prompt the user every time, you can add it in the Identity Provider configuration. If you want to do it occasionally, I'd look at writing some javascript to append it to the URL in the themed pages.