I can connect to AZUR Microsoft Entra ID

Question

Hi,

I have problem to connect to my microsoft Entra i can't connect i have this message from error,

{
  "sessionId": "0fa1458950444c9c8d436220481f8f98",
  "errors": [
    {
      "errorMessage": "interaction_required: AADSTS16000: User account '{EUII Hidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application '74658136-14ec-4630-ad9b-26e160ff0fc6'(ADIbizaUX) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account. Trace ID: 883f07c4-5240-449c-b5cc-df8ad4e47e00 Correlation ID: c5ceade8-cc5d-4ef6-9d6e-f49386fca1a9 Timestamp: 2025-01-14 17:58:35Z",
      "clientId": "74658136-14ec-4630-ad9b-26e160ff0fc6",
      "scopes": [
        "a57aca87-cbc0-4f3c-8b9e-dc095fdc8978/.default"
      ]
    }
  ]
}

someone can help me please ?

Thanks

Answer 1

Hello @Sofiane Boujemaoui ,

Thank you for posting your query on Microsoft Q&A.

Based on your description, it seems like you're encountering the AADSTS16000 error while trying to access a Microsoft Entra ID application. This error occurs when the user account you're attempting to use does not exist in the specified tenant, and the application you're trying to access requires you to be added as an external user within that tenant.

To resolve the error, sign out from the active session and sign in with a new incognito window or any different browser.

Kindly refer to below doc for similar issue and TSG:

Error AADSTS50020 - User account from identity provider does not exist in tenant

If this does not work then please validate the following:

Sign Out and Sign In Again:

• First, sign out from your current session.
• Try signing in again using a different browser or in Incognito mode to ensure no session-related issues are persisting.  

Verify You're Logging into the Correct Directory:

• Ensure you're logging into the correct Azure Active Directory (AAD) tenant, especially if you have access to multiple tenants.
• In the Azure portal, confirm you're operating in the correct tenant by checking the directory at the top-right corner.

Add the User as an External User:

• The error message indicates that your user account needs to be added as an external user in the specified tenant.
• To resolve this, a Global Administrator needs to add your account as a guest user in the tenant. Steps for the Global Administrator:
• Sign in to the Azure portal with Global Administrator permissions.
• Navigate to Azure Active Directory > Users.
• Under User settings, click on External users.
• On the External collaboration settings page, ensure the correct settings are in place to allow guest users.
• Add your account as a guest user by sending an invitation or using Bulk Add for multiple accounts.  

External Collaboration Settings (For Admins):

• Sign in to the Azure portal with Global Administrator permissions.
• Navigate to Azure Active Directory > User settings.
• Under External users, click on Manage external collaboration settings.

In the External collaboration settings page, ensure that "Guest user access is restricted to properties and memberships of their own directory objects" is correctly configured.

If the issue continues, please feel free to share any additional error details, and we’ll assist further.

I hope this information is helpful. Please feel free to reach out if you have any further questions. If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Thanks,
Chaithra.