I manually changed the Redirect URL in tabSocialLoginKey, then I end up with email not verified with Office 365 error.
I followed instructions from this link - Login with Office 365: Email not verified - Integration - Frappe Forum, and added optional claim for email for all three token types (ID, Access, SAML).
Now it works.