Question Summary: I'm encountering persistent errors in the Microsoft Entra ID portal when attempting to access or manage user accounts and submit support tickets. Despite using the same ProtonMail-based account to create my tenant and register my apps (a Next.js app and a Chrome extension - both set to allow any user), I receive errors indicating that my account “does not exist in tenant ‘Microsoft Services’” and must be added as an external user.
(Furthermore, when I try to create a support ticket, the required "Which service are you having an issue with?" field fails to return any search results, making it impossible to proceed.)
How can I resolve these issues?
Detailed Outline of the Issue and Troubleshooting Steps:
Account and Tenant Setup:
I created a new Azure account using my ProtonMail email address.
Two apps were registered in Microsoft Entra ID (formerly Azure AD): one for my Next.js app and another for my Chrome extension.
Both apps are configured to allow any user to sign in.
Error During Sign-In:
When attempting to sign in or access the registered apps, I receive an error message:
"Selected user account does not exist in tenant 'Microsoft Services' and cannot access the application '74658136-14ec-4630-ad9b-26e160ff0fc6' in that tenant. The account needs to be added as an external user in the tenant first. Please use a different account."
I confirmed that I’m signed in with the same account that was used to create the tenant and register the apps.
Guest User Invitation Attempt:
I tried to follow the recommended process to add my account as a member of my tenant.
However, I was unable to access the “All Users” page in the Entra portal due to the error, and every attempt (including clearing all browser data, using different browsers and devices, etc.) resulted in the same issue.
I tried starting an Office 365 trial account. That got me temporarily to that page, but then the errors quickly came back and I was unable to do anything after all.
In the end, if the "All Users" page does load at all (after I click to ignore the pop-up warning about authentication about 6 times), it just says: "The extension encountered an unexpected error and provided no additional details."
Detailed Messages:
When I go to the "Microsoft Entra ID" console, I get a lot of warnings:
A pop-up/modal/dialog/window appears front and center that says:
"Interaction required"
and:
"The portal encountered an issue while attempting to retrieve access tokens. We suggest attempting to sign in again, or alternatively, continuing without access tokens, although this may result in a suboptimal user experience. Additional details: interaction_required: AADSTS16000: User account '{EUII Hidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application '74658136-14ec-4630-ad9b-26e160ff0fc6'(ADIbizaUX) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account. Trace ID: 5f8e958a-f2de-42ee-a268-986af1dd1f00 Correlation ID: 763dbac2-e777-44de-b40a-b904ca4ba9cd Timestamp: 2025-02-02 12:23:42Z."
Then at the bottom it has:
- a "Click here to copy details" link,
- and two buttons:
  - one that says "Sign in again",
  - and another that says: "Ignore"
When I click "Click here to copy details", it provides the following:
{
  "sessionId": "e32878661cb349138f9a6886e4fb07f1",
  "errors": [
    {
      "errorMessage": "interaction_required: AADSTS16000: User account '{EUII Hidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application '74658136-14ec-4630-ad9b-26e160ff0fc6'(ADIbizaUX) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account. Trace ID: bac9fdae-dbed-42a0-bad7-7d6a8c7d1000 Correlation ID: aff1ad8e-74dd-4ab4-84e5-54ed4defc563 Timestamp: 2025-02-02 10:27:38Z",
      "clientId": "74658136-14ec-4630-ad9b-26e160ff0fc6",
      "scopes": [
        "a57aca87-cbc0-4f3c-8b9e-dc095fdc8978/.default"
      ]
    }
  ]
}
Then in the top right corner, a modal dialog continually appears that says:
The portal is having issues getting an authentication token. The experience rendered may be degraded.
Additional information from the call to get a token:
Extension: Microsoft_AAD_IAM
Resource: identity.diagnostics
Details: interaction_required: AADSTS16000: User account '{EUII Hidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application '74658136-14ec-4630-ad9b-26e160ff0fc6'(ADIbizaUX) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account. Trace ID: 071c0e0e-e9c7-4a06-9e42-1b8fee4e1000 Correlation ID: 9bf6c7de-0d4c-42d0-b20e-edc0a81ae87b Timestamp: 2025-02-02 10:29:23Z
And in the console, I see:
MsPortalImpl/Services/Services.SecurityTokens
Services.SecurityTokens: Failed to get token for Microsoft_AAD_IAM & identity.diagnostics.
Error: Unknown.
Message: interaction_required: AADSTS16000: User account '{EUII Hidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application '74658136-14ec-4630-ad9b-26e160ff0fc6'(ADIbizaUX) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account.
Trace ID: bac9fdae-dbed-42a0-bad7-7d6a8c7d1000
Correlation ID: aff1ad8e-74dd-4ab4-84e5-54ed4defc563
Timestamp: 2025-02-02 10:27:38Z
When I hit "Ignore", it just keeps coming back for around 6 times before eventually letting me interact with some of the interface.
When I eventually hit "Sign in again", it takes me back to log in. Since I have no other accounts I could possibly log into, I just try logging in again with my ProtonMail account. Whenever I do, it throws an error right on the login screen in red text, saying:
"Selected user account does not exist in tenant 'Microsoft Services' and cannot access the application '74658136-14ec-4630-ad9b-26e160ff0fc6' in that tenant. The account needs to be added as an external user in the tenant first. Please use a different account."
Additionally, from what I understand, I believe that my ProtonMail account is being lumped under the general bucket of personal accounts, which the system just labels as coming from identity provider 'live.com'. (I don't actually have a "live.com" account.)
I am the only person in my "tenant". I just created this account about a week ago. I've never touched Azure before. And no one else is working with me. There is no team, no admins, no org — just me.
Support Ticket Submission Failure:
When I attempted to create a new support ticket via the Azure portal’s “Help + Support” section, after entering a brief description, I was prompted with the required field “Which service are you having an issue with?”
The search input for this field never returned any results (always showing “Search Options” and “No matched item found”), preventing me from selecting an option and submitting the ticket.
Troubleshooting Steps Taken:
- Cleared Browser Data: Deleted all cookies, cache, and local storage related to Microsoft services.
- Tried Multiple Browsers/Devices: Tested in different browsers (including incognito/private modes) and on different devices/networks.
- Office 365 Trial Attempt: Started an Office 365 trial using my ProtonMail account in an effort to convert it to a work/school account, but the problem persisted.
- Verified Account Consistency: Confirmed that I have not used any other Microsoft accounts and am using the same account for all actions.
Current Impact:
- I am unable to manage my registered apps or obtain support due to these issues.
- The error suggests my account is being treated as a consumer (personal) account that isn’t recognized as a member of my tenant—even though it was used to create the tenant.
- The broken support ticket interface prevents me from escalating this issue via official channels.
Question: Given that I have tried all the above troubleshooting methods, how can I resolve the issue where my ProtonMail-based account is not recognized as a member of my tenant in Microsoft Entra ID (resulting in the error about the account not existing in tenant 'Microsoft Services')? (And why is the support ticket submission interface failing to render service options?)
Any assistance or guidance in diagnosing and resolving these issues would be greatly appreciated.
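
The "Click here to copy details" payload quoted in the question can be broken into the fields a support engineer will ask for (AADSTS code, identity provider, tenant, app, trace and correlation IDs). The following is an added example, not part of the original post and not Microsoft's code; `parsePortalErrors`, `pick` and the output field names are hypothetical, and `SAMPLE` reproduces the payload quoted above.

```javascript
// Added example: parse the portal's "copy details" payload into triage fields.
// SAMPLE reproduces the payload quoted in the question above.
const SAMPLE = JSON.stringify({
  sessionId: "e32878661cb349138f9a6886e4fb07f1",
  errors: [{
    errorMessage: "interaction_required: AADSTS16000: User account '{EUII Hidden}' " +
      "from identity provider 'live.com' does not exist in tenant 'Microsoft Services' " +
      "and cannot access the application '74658136-14ec-4630-ad9b-26e160ff0fc6'(ADIbizaUX) " +
      "in that tenant. The account needs to be added as an external user in the tenant first. " +
      "Sign out and sign in again with a different Azure Active Directory user account. " +
      "Trace ID: bac9fdae-dbed-42a0-bad7-7d6a8c7d1000 " +
      "Correlation ID: aff1ad8e-74dd-4ab4-84e5-54ed4defc563 Timestamp: 2025-02-02 10:27:38Z",
    clientId: "74658136-14ec-4630-ad9b-26e160ff0fc6",
    scopes: ["a57aca87-cbc0-4f3c-8b9e-dc095fdc8978/.default"],
  }],
});

const GUID = "[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}";
// First capture group of `re` in `text`, or null when there is no match.
const pick = (text, re) => (text.match(re) || [])[1] ?? null;

// Returns one record per error; fields the message lacks come back as null.
function parsePortalErrors(json) {
  const payload = JSON.parse(json);
  return (payload.errors || []).map((e) => {
    const msg = String(e.errorMessage || "");
    const appInMessage = pick(msg, new RegExp(`application '(${GUID})'`, "i"));
    return {
      sessionId: payload.sessionId ?? null,
      oauthError: pick(msg, /^([a-z_]+):\s/),
      aadsts: pick(msg, /\b(AADSTS\d+)\b/),
      identityProvider: pick(msg, /identity provider '([^']+)'/),
      tenant: pick(msg, /in tenant '([^']+)'/),
      appName: pick(msg, new RegExp(`'${GUID}'\\(([^)]+)\\)`, "i")),
      clientId: e.clientId ?? appInMessage,
      // False when the message names a different app than the token request did.
      clientIdMatchesMessage: !!e.clientId && !!appInMessage &&
        appInMessage.toLowerCase() === e.clientId.toLowerCase(),
      scopes: e.scopes || [],
      traceId: pick(msg, new RegExp(`Trace ID: (${GUID})`, "i")),
      correlationId: pick(msg, new RegExp(`Correlation ID: (${GUID})`, "i")),
      timestamp: pick(msg, /Timestamp: (\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}Z)/),
    };
  });
}

console.log(parsePortalErrors(SAMPLE));
```

The trace ID, correlation ID and timestamp are the values to quote when the issue is escalated, since each failed token request gets its own set.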