Delete a b2c domain which i cannot switch too

Abhay Naik 0 Reputation points
2024-12-02T06:24:18.49+00:00

I have lost access to b2c tenant I had created long back. When I try to login now, it asks me to login using ms authenticator with 6 digit code. that does not work. As an alternate I try to send request to authenticator app, which also does not work which shows 2 digit code on screen. Even to delete the tenant I have to login, so I cannot delete the same. How do it handle this scenario?

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,999 questions
Microsoft Entra
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,959 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Shikha Ghildiyal 3,175 Reputation points Microsoft Employee
    2024-12-02T07:22:08.6433333+00:00

    Hi Abhay Naik,

    Thanks for reaching out to Microsoft Q&A.

    If your code does not work, please follow below steps-

    • If you're using mobile data, try switching to Wi-Fi and vice-versa. Make sure Airplane mode is off.
    • Make sure you're using the latest version of Authenticator - Microsoft does not support any app versions more than 12 months old. Tap  Settings and make sure App updates is turned on. Get the latest.
    • Tap  Settings and select Turn off battery optimization for better sync performance.
    • Tap Settings > Notification Settings and make sure Show notifications is turned on. 
    • Make sure your device is up to date, and that any other security apps (such as Microsoft Defender and Intune Company Portal) are also up to date. Make sure the device's  Date & time are correct too.
    • If you're using VPN, try disconnecting to see if the issue persists.

    if above does not help, check the troubleshooting guide here-https://support.microsoft.com/en-us/account-billing/troubleshoot-problems-with-microsoft-authenticator-a3a74493-566b-4c2e-b949-a2789bac0fd3

    Once you are logged in, follow these steps to delete tenant -

    Sign in to the Azure portal as the Subscription Administrator. Use the same work or school account or the same Microsoft account that you used to sign up for Azure.

    1. Make sure you're using the directory that contains your Azure AD B2C tenant. Select the Settings icon in the portal toolbar.
    2. On the Portal settings | Directories + subscriptions page, find your Azure AD B2C directory in the Directory name list, and then select Switch.
    3. In the left menu, select Azure AD B2C. Or, select All services and search for and select Azure AD B2C.
    4. Delete all User flows (policies) in your Azure AD B2C tenant.
    5. Delete all Identity Providers in your Azure AD B2C tenant.
    6. Select App registrations, then select the All applications tab.
    7. Delete all applications that you registered.
    8. Delete the b2c-extensions-app.
    9. Under Manage, select Users.
    10. Select each user in turn (exclude the Subscription Administrator user you're currently signed in as). Select Delete at the bottom of the page and select Yes when prompted.
    11. Select Microsoft Entra ID on the left-hand menu.
    12. Under Manage, select Properties
    13. Under Access management for Azure resources, select Yes, and then select Save.
    14. Sign out of the Azure portal and then sign back in to refresh your access.
    15. Select Microsoft Entra ID on the left-hand menu.
    16. On the Overview page, select Delete tenant. Follow the on-screen instructions to complete the process.

    Reference document here- https://learn.microsoft.com/en-us/azure/active-directory-b2c/faq?tabs=app-reg-ga

    Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.


  2. Sandeep G-MSFT 20,376 Reputation points Microsoft Employee
    2024-12-03T05:05:12.3266667+00:00

    @Abhay Naik

    As I understand you are unable to login to your B2C tenant that you had created long ago. Now when you try to login to the tenant it is asking for MFA.

    In this situation if you did not had MFA set up earlier for your account in B2C tenant then you will not be able to login to tenant now.

    If you are the only global admin on your B2C tenant and are blocked entirely, you can reach out to our support team. You can look into below article to get support numbers depending on your country.

    https://support.microsoft.com/en-us/topic/global-customer-service-phone-numbers-c0389ade-5640-e588-8b0e-28de8afeb3f2

    or creating a ticket through a different account:  https://learn.microsoft.com/en-us/microsoft-365/admin/get-help-support?view=o365-worldwide#phone-support

    Create a ticket with Microsoft support team. Give them the tenant ID which is locked out in your description. Tell them that no admin account has access anymore and your partners also have no access anymore.

    Once you create a ticket with support team you will have to work with our data protection team. You will have to first prove your identity against your tenant for security purpose. Post that this team will help you with help you in getting access to your tenant or unlock your account depending on your scenario.

    Also, for the future, you can create an emergency access account (break glass) in Azure AD. This account will help prevent being accidentally locked out of your Azure Active Directory (Azure AD) organization because you can't sign in for any reason.

    https://docs.microsoft.com/en-us/azure/active-directory/roles/security-emergency-access

    Let us know if you have any further questions.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.