Azure AD AADSTS90072 Error

Dean Reid 0 Reputation points

Good Morning, 


I'm currently assisting in the process of migrating all our users to SSO on our app; however, they are getting the AADSTS90072 error as follows:


AADSTS90072: User account '' from identity provider '' does not exist in tenant '%COMPANY%' and cannot access the application '%APPLICATIONID%'(LastPass Login App) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account 

Out of the 2000+ users we have migrated, only 13 people show this error so we have confirmed that it isn't anything to do with the provisioning of the apps and it does not appear to be a vendor issue.


However, we can't seem to find a way around this. We have even tried changing the URL mid-load, which was never expected to work in the first place, but at this point we are trying everything.


I have noticed that when the user goes through the login process, the web URL that it directs them to is whereas the users that work get directed to


Our company uses the UPN as the primary login email, and all of our users' UPNs are different from the email address which it's trying to log in as.


Our UPN is: []

whereas our email is []

We have compared each of the affected users' vs working users' proxy information and they are all using the same proxy. We also checked the SMTP setup and they are all the same for each of them, minus the different names.

Has anyone got any idea what could be causing this?


We have noticed that on 3 of the affected users, it will initially prompt them to sign in using their [] email address, but when they put their password in it will tell them it's incorrect, and it doesn't give them the option to change the email they use to log in.

We checked the logs but nothing is showing up, possibly because it's being directed to so it's not actually making it anywhere near the AD Tenant.


