Anyone had any success implementing a custom provider for Microsoft auth? I'm getting this error after I choose a Microsoft account (a personal @outlook.com) to log in. I'm using the common tenant (https://login.microsoftonline.com/common/oauth2/v2.0) and allowed any account type (business or personal). To configure this in my SuperTokens tenant, I have this code (snippets):

ts
  await createOrUpdateThirdPartyConfig(TENANT, {
    thirdPartyId: "microsoft",
    clients: [
      {
        clientId: config.EMPLOYER_AD_CLIENT_ID,
        clientSecret: config.EMPLOYER_AD_CLIENT_SECRET,
        scope: ["openid", "profile", "email"],
      },
    ],
    authorizationEndpoint:
      "https://login.microsoftonline.com/common/oauth2/v2.0/authorize",
    tokenEndpoint: "https://login.microsoftonline.com/common/oauth2/v2.0/token",
  });

type ThirdParty =
  | {
      thirdPartyId: "google";
      clients: {
        clientId: string;
        clientSecret: string;
      }[];
    }
  | {
      thirdPartyId: "microsoft";
      clients: {
        clientId: string;
        clientSecret: string;
        scope: string[];
      }[];
      authorizationEndpoint: string;
      tokenEndpoint: string;
    };

export async function createOrUpdateThirdPartyConfig(
  tenant: string,
  thirdParty: ThirdParty,
) {
  await doFetch(`${tenant}/recipe/multitenancy/config/thirdparty`, {
    config: thirdParty,
  });
}

I cannot figure out what's going on here 🤔 When I was using Clerk for auth, I had the exact same App Registration setup as I have now (besides redirect URI of course), and I just had to enter the client credentials in the Clerk UI. So not sure what I might be doing wrong from that phase on.