I’m trying to integrate Microsoft login (OIDC) with my Okta org (algoshack-trial-3054913) to allow both internal and external Microsoft users to log in using “Sign in with Microsoft”. The setup works partially — but I’m running into an intermittent issue where the login fails with this error:
> 400 Bad Request
> Your request resulted in an error.
> Error: User canceled the social login request.
> Error Code: access_denied
However, the user did not click cancel, close the tab, or deny permissions. They logged in correctly on the Microsoft side, but Okta still throws this error.
What I’ve Checked / Verified:
- Client ID and Client Secret from Azure App Registration are correct and active.
- Redirect URI is correctly set and matches exactly (no trailing slash mismatch):
https://trial-3054913.okta.com/oauth2/v1/authorize/callback
- Tried logging in from a private/incognito window — same result.
- Retried from multiple accounts and browsers.
- We’re not using EAM right now, just standard OIDC IdP setup in Okta.
- IdP routing is based on email domain.
- We’d like to support all Microsoft accounts (internal + external).
Thanks in advance for your help! Happy to provide more logs or screenshots if needed.