Cannot access Azure AD

Question

Cannot access Azure AD

Wojciech Sobiesiak 101

I'm opening this and see this error.

{
  "sessionId": "d82a220498774539b10683d9f8af4b28",
  "errors": [
    {
      "errorMessage": "interaction_required: AADSTS16000:
 User account &#39;{EmailHidden}&#39; from identity provider &#39;live.com&#39; 
does not exist in tenant &#39;Microsoft Services&#39; a
nd cannot access the application &#39;74658136-14ec-4630-ad9b-26e160ff0fc6&#39;(ADIbizaUX) in that tenant. 
The account needs to be added as an external 
user in the tenant first. Sign out and sign 
in again with a different Azure Active Directory 
user account.&#13;&#10;
Trace ID: d0d236b1-f2b1-45b0-bef1-e6d62a953e00&#13;&#10;
Correlation ID: f97ccbec-145e-4a5e-8e38-c0dd1e85924b&#13;&#10;Timestamp: 2023-08-15 13:06:54Z",
      "clientId": "74658136-14ec-4630-ad9b-26e160ff0fc6",
      "scopes": [
        "a57aca87-cbc0-4f3c-8b9e-dc095fdc8978/.default"
      ]
    }
  ]
}

And when I try to log in 

AADSTS50020: User account '******@interia.pl' from identity
 provider 'live.com' does not exist in tenant 'Microsoft Services'
 and cannot access the application 'f9885e6e-6f74-46b3-b595-
350157a27541'(Microsoft_AAD_UsersAndTenants) in 
that tenant. The account needs to be added as an external 
user in the tenant first. Sign out and sign 
in again with a different Azure Active Directory user account.

how to add myself to microsoft tenant azure active directory services as external-whatever-it-is?

JamesTran-MSFT 36,861 Reputation points Microsoft Employee

2023-08-21T19:18:57.9633333+00:00

@Wojciech Sobiesiak

I wanted to check in and see if you had any other questions or if you were able to resolve this issue?

If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.

If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.
Wojciech Sobiesiak 101 Reputation points

2023-08-21T19:51:47.29+00:00

Actualy I will try to make a record. I "fight" in many areas. Step by step I'm making a progress. I know one thing for sure, today problem occured again but didn't log me out. Just need to wait some time with error message been showed. When I wait some time, then click I'm able somehow to do what I need. Thanks for being with me.
Wojciech Sobiesiak 101 Reputation points

2023-08-21T20:32:55.3566667+00:00

Actualy I will try to make a record. I "fight" in many areas. Step by step I'm making a progress. I know one thing for sure, today problem occured again but didn't log me out. Just need to wait some time with error message been showed. When I wait some time, then click I'm able somehow to do what I need. Thanks for being with me.

This is the video record where error is shown 5:20

https://youtu.be/EM4mxiw4c8w
Shweta Mathur 30,271 Reputation points Microsoft Employee

2023-08-22T03:52:18.0166667+00:00

@Wojciech Sobiesiak

Thanks for sharing the video to get into details of error.

In the video, it's clearly visible that you have logged in from your personal account and connected to Microsoft Services tenant ( f8cdef31-a31e-4b4a-93e4-5f571e91255a) which will not allow to manage operations in this tenant.

You need to create your own tenant rather than using the Microsoft Services (f8cdef31-a31e-4b4a-93e4-5f571e91255a) tenant. When you create a new tenant, you by default become the Global Administrator of the new tenant and have full access to all the options in that tenant.

As of now, it is allowed you to do basic operations, but you will not be able to manage them in Microsoft Tenant.

Please follow the steps below to create a new tenant.

Thank,

Shweta
Shweta Mathur 30,271 Reputation points Microsoft Employee

2023-08-31T04:57:28.07+00:00

Hi @Wojciech Sobiesiak ,

Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept Answer" which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
Wojciech Sobiesiak 101 Reputation points

2023-08-31T05:27:53.03+00:00

Hi Shweta Mathur , actually, when I was informed that I cannot create my webstore nor social media nor information portal nor ads portal with Azure , I can't see use of it for me. So have very little reason to create this account. Authorization - ok but what else? I'm not part of any organisation, all I do is just playing with code like on these records:

https://www.youtube.com/channel/UCW-rBM03cgENDUmwkhhjTdg

1 answer

Your answer

JamesTran-MSFT 36,861 Reputation points Microsoft Employee

2023-08-21T19:18:57.9633333+00:00

@Wojciech Sobiesiak

I wanted to check in and see if you had any other questions or if you were able to resolve this issue?

If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.

If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.
Wojciech Sobiesiak 101 Reputation points

2023-08-21T19:51:47.29+00:00

Actualy I will try to make a record. I "fight" in many areas. Step by step I'm making a progress. I know one thing for sure, today problem occured again but didn't log me out. Just need to wait some time with error message been showed. When I wait some time, then click I'm able somehow to do what I need. Thanks for being with me.
Wojciech Sobiesiak 101 Reputation points

2023-08-21T20:32:55.3566667+00:00

Actualy I will try to make a record. I "fight" in many areas. Step by step I'm making a progress. I know one thing for sure, today problem occured again but didn't log me out. Just need to wait some time with error message been showed. When I wait some time, then click I'm able somehow to do what I need. Thanks for being with me.

This is the video record where error is shown 5:20

https://youtu.be/EM4mxiw4c8w
Shweta Mathur 30,271 Reputation points Microsoft Employee

2023-08-22T03:52:18.0166667+00:00

@Wojciech Sobiesiak

Thanks for sharing the video to get into details of error.

In the video, it's clearly visible that you have logged in from your personal account and connected to Microsoft Services tenant ( f8cdef31-a31e-4b4a-93e4-5f571e91255a) which will not allow to manage operations in this tenant.

You need to create your own tenant rather than using the Microsoft Services (f8cdef31-a31e-4b4a-93e4-5f571e91255a) tenant. When you create a new tenant, you by default become the Global Administrator of the new tenant and have full access to all the options in that tenant.

As of now, it is allowed you to do basic operations, but you will not be able to manage them in Microsoft Tenant.

Please follow the steps below to create a new tenant.

Thank,

Shweta
Shweta Mathur 30,271 Reputation points Microsoft Employee

2023-08-31T04:57:28.07+00:00

Hi @Wojciech Sobiesiak ,

Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept Answer" which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
Wojciech Sobiesiak 101 Reputation points

2023-08-31T05:27:53.03+00:00

Hi Shweta Mathur , actually, when I was informed that I cannot create my webstore nor social media nor information portal nor ads portal with Azure , I can't see use of it for me. So have very little reason to create this account. Authorization - ok but what else? I'm not part of any organisation, all I do is just playing with code like on these records:

https://www.youtube.com/channel/UCW-rBM03cgENDUmwkhhjTdg

Answer 1

Hi @Wojciech Sobiesiak ,

Thanks for reaching out.

Azure AD error codes AADSTS16000 is thrown when the user not found in the tenant used for authentication.

The error AADSTS50020: User account '{EmailHidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' usually occurs when you sign in to Azure Portal using your personal account which is not added as an external/guest user to an Azure AD tenant.

Since you are connected to the Microsoft Services tenant as a standard user with restricted access, you cannot perform actions such as creating new users, groups, enterprise applications, and so on. To perform administrative actions, you must have administrative access to the tenant.

For this purpose, you need to create your own tenant. When you create a new tenant, you by default become the Global Administrator of the new tenant and have full access to all the options in that tenant.

To create a new tenant, open in-private/incognito browser window (just to avoid SSO), access https://azure.microsoft.com/en-us/free/ to create a free Azure account.

Once the new account is created, you should be able to see and switch to the new tenant by clicking on the settings icon as highlighted below:

Alternatively, you can ask the global administrator or any existing Azure AD tenant to invite you as a guest user as mentioned here: https://docs.microsoft.com/en-us/azure/active-directory/external-identities/add-users-administrator#add-guest-users-to-the-directory. Once you are added to an azure tenant and you accept the invite sent to you via email, you can use https://portal.azure.com/#create/Microsoft.AzureActiveDirectory URL to create your own tenant as well.

Hope this will help.

Thanks,

Shweta

Please remember to "Accept Answer" if answer helped you.

Wojciech Sobiesiak 101 Reputation points

2023-08-16T11:13:52.45+00:00

Don't know if it helps. Somehow this message is not shown now. But with full premeditation I checked option to inform administratior about this issue, because happend 50 times?

My solution is to get to Azure AD , ignore error messages and fast as it is possible to create new secret for application (because after several error messages, user is logged out from Auzer portal and can't log in - bacause as in my first post happens what happens). And this is necessery because after some time (but for sure not 24 months, rather after one hour) my secret value e.g k24kh2h32kjhk23 is replaced with k24* * * * * * * * (without spaces).

My first experience with Azure AD graph and outlook.

With gmail it took me about several hours to create an app that usses gmail account , with M solution , three and half day.

And there is whole #graph.message.attachmentFile issue.
Shweta Mathur 30,271 Reputation points Microsoft Employee

2023-08-17T07:41:33.8333333+00:00

@Wojciech Sobiesiak

I'm sorry to hear that you've been experiencing issues with Azure AD and creating an app.

If you're having trouble logging in to the Azure portal, you may want to try clearing your browser cache and cookies, or using a different browser to see if that helps.

As I suggested above, if you are still using personal id to access the portal, you might not be able to perform administrative actions. It would be recommended to ask the Global administrator to add you guest user in the tenant.

Regarding creating a new secret for your application, Azure does not overwrite the client secret value. Instead, it masks the client's secret value after it has been saved to protect it from being exposed accidentally. The masked value does not affect the functionality of the client secret.

Thanks,

Shweta

Please remember to "Accept Answer" if answer helped you which will help others in community as well.

Share via

Cannot access Azure AD

1 answer

Your answer