How to resolve 'Selected user account does not exist in tenant and cannot access the application' error?

Syed Harith Zaki 85 Reputation points
2024-11-20T09:01:01.6+00:00

Hi all,

I have a guest user who experiences the error stating 'Selected user account does not exist in tenant 'Microsoft Services' and cannot access the application in that tenant. The account needs to be added as an external user in the tenant first. Please use a different account.' This error occurs when the user is trying to access SharePoint files that he has been given access to as a guest user.

The user has already been invited as a guest user to the directory. The user has tried to access the file in an incognito browser but still faces the error. We have ascertained that the user has been granted access to the SharePoint sites in question. How then do I resolve this problem? Thank you.

SharePoint

Accepted answer
  1. RaytheonXie_MSFT 36,896 Reputation points Microsoft Vendor
    2024-11-25T07:10:44.52+00:00

    Hi @Syed Harith Zaki,

    I'm glad to hear you solved the problem. If you have any issues with SharePoint, you are welcome to raise a ticket in this forum.

    By the way, since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others." and according to the scenario introduced here: Answering your own questions on Microsoft Q&A, I would make a brief summary of this thread:

    [How to resolve 'Selected user account does not exist in tenant and cannot access the application' error?]

    Issue Symptom:

    A guest user experiences the error stating 'Selected user account does not exist in tenant 'Microsoft Services' and cannot access the application in that tenant. The account needs to be added as an external user in the tenant first. Please use a different account.'

    Solution:

    You might be using a personal Microsoft account (Outlook, Hotmail or OneDrive), in which case you are connected to the Microsoft Services tenant by default. Within the default tenant, there is no linked directory for performing any actions, which might cause the issue. As a workaround, creating a new user fixed the issue.


    You could click the "Accept Answer" button for this summary to close this thread, and this can make it easier for other community members to see the useful information when reading this thread. Thanks for your understanding!


1 additional answer

  1. RaytheonXie_MSFT 36,896 Reputation points Microsoft Vendor
    2024-11-21T02:54:58.88+00:00

    Hi @Syed Harith Zaki,

    The error usually occurs if the Azure AD application is registered as single-tenant, but personal accounts or users from other tenants are trying to log in.

    To resolve the error, try the following:

    Create an Azure AD Application as "Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)" like below:

    [screenshot omitted]

    For example, you can use the endpoint below to authenticate users:

    https://login.microsoftonline.com/common/oauth2/v2.0/authorize?
    client_id=ClientID
    &response_type=code
    &redirect_uri=https://jwt.ms
    &response_mode=query
    &scope=https://graph.microsoft.com/.default
    &state=12345

    Also, make sure to use the common endpoint to authorize the users.

    • If you want only Azure Active Directory users to log in, then register the application as "Accounts in any organizational directory (Any Azure AD directory - Multitenant)" and make use of the organizations endpoint.

    If the issue still exists, please refer to the MS doc below:

    Error AADSTS50020 - User account from identity provider does not exist in tenant - Active Directory


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
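
The endpoint choice described in the answer above, as an added example that is not part of the original thread and is not Microsoft's code: it maps the app registration's `signInAudience` manifest value to the `common`, `organizations` or tenant-specific endpoint, builds the authorize URL with encoded parameters and a random `state` in place of the placeholder `12345`, and flags account kinds a given audience would reject with AADSTS50020. The function names, the account-kind labels and the `ALLOWED` table are assumptions for illustration (a simplified model), and the client ID is a placeholder.

```python
import secrets
from urllib.parse import urlencode

AUTHORITY = "https://login.microsoftonline.com"

# signInAudience manifest value -> URL tenant segment (None: use own tenant ID)
ENDPOINT_SEGMENT = {
    "AzureADMyOrg": None,
    "AzureADMultipleOrgs": "organizations",
    "AzureADandPersonalMicrosoftAccount": "common",
}

# Simplified model (assumption): account kinds each audience admits.
# "guest" is an external user already invited into the app's tenant.
ALLOWED = {
    "AzureADMyOrg": {"member", "guest"},
    "AzureADMultipleOrgs": {"member", "guest", "other_tenant"},
    "AzureADandPersonalMicrosoftAccount": {"member", "guest", "other_tenant", "personal"},
}


def authorize_url(client_id, redirect_uri, audience, tenant_id=None,
                  scope="https://graph.microsoft.com/.default"):
    """Return (url, state) for the authorization-code request."""
    segment = ENDPOINT_SEGMENT[audience] or tenant_id
    if not segment:
        raise ValueError("single-tenant app: pass its tenant ID")
    state = secrets.token_urlsafe(16)  # per-request value, compared on return
    query = urlencode({
        "client_id": client_id,
        "response_type": "code",
        "redirect_uri": redirect_uri,  # urlencode percent-encodes this
        "response_mode": "query",
        "scope": scope,
        "state": state,
    })
    return f"{AUTHORITY}/{segment}/oauth2/v2.0/authorize?{query}", state


def likely_aadsts50020(audience, account_kind):
    """True when the account kind falls outside the app's audience."""
    return account_kind not in ALLOWED[audience]


if __name__ == "__main__":
    # Constructed sample values; the client ID is a placeholder.
    print(authorize_url("00000000-0000-0000-0000-000000000000",
                        "https://jwt.ms", "AzureADMultipleOrgs")[0])
```

The caller keeps the returned `state` in the user's session and rejects any redirect whose `state` parameter does not match it.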

