AADSTS700056: User account does not exist in organization.

Shreyal Gelani 5 Reputation points
2024-01-25T03:10:35.2733333+00:00

Hi,
I have an MS Entra External ID preview tenant created. However, I noticed that I cannot authenticate successfully with the local account. Below I provide more details. I would be grateful for help/hints.

Describe the bug

When I try to log in with a corporate account or a standard customer account, I have the below error displayed after authentication is completed:

AADSTS700056: User account does not exist in organization.

This only happens when the customer uses their email ID to log in instead of the principal username. The user is redirected to the Temporary Access Pass page when they use their customer email, but when they try to use the pass code it throws an error.

Steps to reproduce:

  1. Create a user in your tenant where the email authentication policy and Temporary Access Pass are enabled.
  2. Generate a Temporary Access Pass for the user.
  3. Try to sign in with the email provided in the email authentication policy. You will be redirected to the Enter Temporary Access Pass screen.
  4. Enter your Temporary Access Pass.

Note: Temporary access pass only works if you use your User principal name.

Microsoft Security | Microsoft Entra | Microsoft Entra External ID
Microsoft Security | Microsoft Entra | Microsoft Entra ID

1 answer

  1. Shweta Mathur 30,296 Reputation points Microsoft Employee Moderator
    2024-01-29T07:55:04.0433333+00:00

    Hi @Shreyal Gelani
    Apologies for the delay in response.

    Could you please confirm how you set up your user flow and which option you chose for the user's email accounts?

    Currently, in Microsoft External Id for Customers (CIAM) we do not have an option to sign in with UserPrincipalName. Could you please confirm and share the screenshots so we can help you further?

    We recommend using Email with Password to sign in to your application with MFA, as MFA uses a pass code as a second form of authentication.

    Reference - https://learn.microsoft.com/en-us/entra/external-id/customers/how-to-multifactor-authentication-customers

    Thanks, Shweta

