'You are not a member of this organization' error when accessing D365 instances (like through an AppSource Test Drive) that are not in home tenant
Technical details can be found in Microsoft Support request ID 119082922002334.
If I'm a user, with Dynamics 365 in the tenant tied to my local Azure Active Directory -- and I access that D365 environment, and then, using the account I logged in with there, I try to access a D365 instance in a tenant that different -- such as a D365 instance that has been made available to me through an AppSource Test Drive, I will get an error like that below:
>>> You are not a member of this organization
>>> You (firstname.lastname@example.org) do not belong to the organization
>>> ORG. Verify the organization name and try to sign in again.
>>> Error Code: notMemberOfOrg
The error is actually incorrect; it comes up even though the user IS a member of the D365 org (having been added, for example, via the Test Drive process).
@JeffCornwell - I raised this issue in the chat of the July 16th Inspire session 'Ask the Experts: Drive growth with the most partner-friendly commercial marketplace' that you moderated, where I was assured someone would take a fresh look at this given Brian Levenson's departure from Microsoft.
It is discouraging no one has followed up on this yet.
This issue breaks App Source's Test Drive.
It's been raised to the awareness of the Commercial Marketplace group for over a year.
Can we get some traction here?
@MikeO, can we get an update on this topic? The current experience renders TEST DRIVE nonfunctional. I'd be curious to see the percentage of people that click "TEST DRIVE" and are never successfully logged into the test drive tenant. Based on what I can see in admin center I'm not certain that any of the test drive users made it through on our offer.
The cookie issue needs to be cleaned up so they can authenticate correctly against the test drive tenant OR there needs to be very clear messaging to the user that they need to open a new InPrivate browser window to access the test drive (while the cookie issue is being fixed).
This was what a user sees as of July 2nd.
I was able to track the support ticket back to an engineering work item. To summarize, the problem is related to an invalid cookie and a poorly written error message. You're absolutely right that the user is a member of the org but their authentication is failing by design.
Have you been able to work around this error message or is it a consistent and blocking experience?
Thanks for connecting on this!
A user theoretically can work around the problem by making sure they are completely logged out of all D365 instances (e.g., using Incognito or Private Browsing modes as a starting point can help) and then accessing the Test Drive D365 instance first.
Where I, as a pretty advanced technical user, have a need to access a D365 instance in a remote tenant using my home tenant's credentials, that can work.
BUT - in the Test Drive scenario, this just adds a ton of friction. A prospect wanting to do the Test Drive who gets the error probably is just going to bail. Worse, most Test Drives are time limited. And by the time a prospect that wants to do the Test Drive badly enough to get in contact with us, and have us walk them through this work around -- the time window for the Test Drive will probably have expired.