Azure portal keeps throwing AADSTS16000 errors

Mailhardener 25 Reputation points
2023-08-25T14:25:17.2266667+00:00

My Azure portal appears completely broken. Regardless of which page we attempt to open, we are constantly shown an error as follows:

User's image

The text is:

Interaction required The portal encountered an issue while attempting to retrieve access tokens. We suggest attempting to sign in again, or alternatively, continuing without access tokens, although this may result in a suboptimal user experience. Additional details: interaction_required: AADSTS16000: User account '{EmailHidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application '74658136-14ec-4630-ad9b-26e160ff0fc6'(ADIbizaUX) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account. Trace ID: bfe29182-b2a9-4358-8b07-b5829ee52100 Correlation ID: af375ba9-259c-41a6-a722-a76f669e9934 Timestamp: 2023-08-25 14:13:59Z.

The details are:

{
  "sessionId": "18b94d44521446f4ac2c9e78abcd2713",
  "errors": [
    {
      "errorMessage": "interaction_required: AADSTS16000: User account '{EmailHidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application '74658136-14ec-4630-ad9b-26e160ff0fc6'(ADIbizaUX) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account.
Trace ID: bfe29182-b2a9-4358-8b07-b5829ee52100
Correlation ID: af375ba9-259c-41a6-a722-a76f669e9934
Timestamp: 2023-08-25 14:13:59Z",
      "clientId": "74658136-14ec-4630-ad9b-26e160ff0fc6",
      "scopes": [
        "a57aca87-cbc0-4f3c-8b9e-dc095fdc8978/.default"
      ]
    }
  ]
}

Clicking 'ignore' will close the message, only to appear again one second later. This makes the Azure portal completely unusable.

This is our main (and only) administrative account for Azure. So there appears no way to add ourselves as a tenant, if that is even possible.

What we tried so far:

  • log out and back in again
  • private browsing window
  • different browser, and OS
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,396 questions
{count} vote

Accepted answer
  1. Akshay-MSFT 16,026 Reputation points Microsoft Employee
    2023-08-29T16:30:19.0733333+00:00

    @Mailhardener

    Thank you for posting your query on Microsoft Q&A. I am reviewing this and will get back to you with further inputs.

    Update1:

    To resolve the error, sign out from the active session and sign in with a new incognito window or any different browser.

    Kindly refer to below doc for similar issue and TSG:

    Error AADSTS50020 - User account from identity provider does not exist in tenant

    If this does not work then please validate the following:

    • See if you are logging onto correct directory on your tenant:

    User's image

    • External collaboration settings:
    1. Sign in to the Azure portal with Global Administrator permissions.
    2. Browse to Azure Active Directory > User settings.
    3. Under External users, select Manage external collaboration settings.
    4. On the External collaboration settings page, select Guest user access is restricted to properties and memberships of their own directory objects option.

    external-collaboration-settings

    • If you are an administrator, you can also try to dismiss the user risk after ensuring that the risk assessment was a false positive.

    Update 2:

    Seems like you were using a free version of Azure AD/Entra ID. Since Azure AD is now Microsoft Entra ID,

    The free edition of Microsoft Entra ID is included with a subscription of a commercial online service such as Azure, Dynamics 365, Intune, Power Platform, and others.

    So either you may get one of the above mentioned subscription or you needed P1 or P2 subscription: https://www.microsoft.com/en-us/security/business/identity-access/microsoft-entra-id#:~:text=The%20free%20edition%20of%20Microsoft,%2C%20Power%20Platform%2C%20and%20others.

    User's image

    Thanks,

    Akshay Kaushik

    Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.

    Thanks,

    Akshay Kaushik


0 additional answers

Sort by: Most helpful