How to fix "interaction required" error in Azure Active Directory

Alex Ning 20 Reputation points
2024-05-31T18:51:27.92+00:00

I'm receiving an "interaction required" error with the following error message when trying to access an application in Azure Active Directory:

{
  "sessionId": "79931c6c741740fe97d5f77335f8dda6",
  "errors": [
    {
      "errorMessage": "interaction_required: AADSTS16000: User account '{EUII Hidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application '0a2057a8-149c-40ca-859e-98de032535fb'(Microsoft Azure Marketplace) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account. Trace ID: 62deec88-cc86-4948-b8fc-f9ba3fc63c00 Correlation ID: dbe4aa0c-fe2a-4cbb-baae-4c318501285f Timestamp: 2024-05-31 18:47:25Z",
      "clientId": "0a2057a8-149c-40ca-859e-98de032535fb",
      "scopes": [
        "a0e1e353-1a3e-42cf-a8ea-3a9746eec58c/.default"
      ]
    }
  ]
}

Can someone help me troubleshoot and fix this error? Thank you.


Accepted answer
  1. YutongTie-MSFT 53,236 Reputation points
    2024-05-31T20:39:32.3766667+00:00

    Hello Alex,

    Thanks for reaching out to us. The "interaction required" error in Azure Active Directory (AAD) typically occurs when the user's session requires additional interaction, such as re-authentication or consent, before proceeding. In your case, the error message indicates that the user account does not exist in the specified tenant and needs to be added as an external user first.

    Is that your case? If it is, please follow the steps below:

    Verify User Account: Confirm that the user account you are using exists and is correctly associated with the specified Azure Active Directory tenant. Ensure that the user is not trying to sign in with a different account than the one expected.

    Check Tenant Configuration: Double-check the tenant configuration to ensure that the specified Azure Active Directory tenant is correct. If you are expecting the user to belong to a different tenant, make sure they are signing in with the correct credentials.

    External User Addition: If the user account is indeed supposed to be external to the tenant, follow these steps to add them as an external user:

    • Go to the Azure Active Directory portal.
    • Navigate to "External Identities" > "External Collaboration Settings."
    • Enable external collaboration if it's not already enabled.
    • Add the user as a guest user or external user to the tenant using their email address.

    Sign Out and Sign In Again: After adding the user as an external user, ensure that they sign out of their current session and sign in again using the correct credentials. This step is essential to ensure that the changes take effect and the user's session is refreshed.

    I hope this helps, please let us know if you need more help.

    Regards,

    Yutong

    - Please kindly accept the answer if you find it helpful, to support the community. Thanks a lot.

    1 person found this answer helpful.
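
Added example, not part of the original thread and not Microsoft tooling: a Python helper that splits the error payload quoted in the question into the fields worth recording when triaging it (AADSTS code, identity provider, tenant, application, Trace ID, Correlation ID). The names `triage`, `FIELDS` and `wrong_tenant_for_account` are hypothetical, and the patterns are assumptions based on the single message shown on this page.

```python
import json
import re

# Payload as posted in the question (whitespace compacted).
SAMPLE = """{"sessionId": "79931c6c741740fe97d5f77335f8dda6", "errors": [{
 "errorMessage": "interaction_required: AADSTS16000: User account '{EUII Hidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application '0a2057a8-149c-40ca-859e-98de032535fb'(Microsoft Azure Marketplace) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account. Trace ID: 62deec88-cc86-4948-b8fc-f9ba3fc63c00 Correlation ID: dbe4aa0c-fe2a-4cbb-baae-4c318501285f Timestamp: 2024-05-31 18:47:25Z",
 "clientId": "0a2057a8-149c-40ca-859e-98de032535fb",
 "scopes": ["a0e1e353-1a3e-42cf-a8ea-3a9746eec58c/.default"]}]}"""

GUID = r"[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}"
# Patterns are assumptions derived from the one message shown on this page.
FIELDS = {
    "oauth_error": r"^(\w+):",
    "code": r"\b(AADSTS\d+)\b",
    "identity_provider": r"identity provider '([^']+)'",
    "tenant": r"in tenant '([^']+)'",
    "app_id": rf"application '({GUID})'",
    "app_name": rf"application '{GUID}'\(([^)]+)\)",
    "trace_id": rf"Trace ID: ({GUID})",
    "correlation_id": rf"Correlation ID: ({GUID})",
    "timestamp": r"Timestamp: (\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}Z)",
}


def _first(pattern, text):
    """Return the first capture group of pattern in text, or None."""
    match = re.search(pattern, text)
    return match.group(1) if match else None


def triage(payload):
    """Return one dict of extracted fields per entry in the payload's errors list."""
    results = []
    for err in json.loads(payload).get("errors", []):
        msg = err.get("errorMessage", "")
        info = {name: _first(pattern, msg) for name, pattern in FIELDS.items()}
        # The clientId field should name the same app as the message text.
        info["client_id_matches"] = err.get("clientId") == info["app_id"]
        info["scopes"] = err.get("scopes", [])
        # AADSTS16000, per the message text: the account is not in the named tenant.
        info["wrong_tenant_for_account"] = info["code"] == "AADSTS16000"
        results.append(info)
    return results


if __name__ == "__main__":
    for item in triage(SAMPLE):
        for key, value in item.items():
            print(f"{key:26} {value}")
```

The Trace ID, Correlation ID and timestamp it extracts are the values to quote when searching sign-in logs or opening a support request.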
