The key thing to do is PRETEND that you are signing up for a microsoft live application (even though you are really using your own AAD tenant).
So, first create a store app reservation and associate the sample app source code with that reservation. Then go to windows live – and find the following 3 pieces of “app setting” information (don’t ask why).
In your mobile site, specify these values in the microsoft account settings area of the identity settings – even though you are NOT trying to associate your site with microsoft accounts. (This is the magic that allows the client, the site and the libraries to setup SSO, rather than accept invite users to present microsoft account identities)
Package SID: ms-app://s-1-15-2-2046316581-155186758-2005573411-1086478214-2361134102-2500721798-9514390
Client ID: 000000004012130A
Client secret: cVyeQ99HHSLiHZlbqAxK2n4Qor9xfNrm